Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XJxIMmiQWgGjGjcKJ3F_e_jX918.roa
File: XJxIMmiQWgGjGjcKJ3F_e_jX918.roa (raw, json)
Hash identifier: LWzKrtEjZZribtZkfGnprXpz7hInJyjXGo7kgHHMVWU=
Subject key identifier: 5C:9C:48:32:68:90:5A:01:A3:1A:37:0A:27:71:7F:7B:F8:D7:F7:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCDF4230D7502700C82BB0774525834D1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XJxIMmiQWgGjGjcKJ3F_e_jX918.roa
Signing time: Wed 03 Jan 2024 06:12:58 +0000
ROA not before: Wed 03 Jan 2024 06:12:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cd:f4:23:0d:75:02:70:0c:82:bb:07:74:52:58:34:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 06:12:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c9c483268905a01a31a370a27717f7bf8d7f75f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:94:7a:c2:36:18:29:23:e5:2f:ca:a5:a6:1e:
bd:fb:af:27:17:1e:74:37:10:bf:de:53:ec:9d:20:
a6:e4:37:8b:f1:f6:14:81:b5:ae:8e:77:d8:7c:3f:
64:60:a4:39:4f:46:d4:e6:13:4c:30:57:78:15:8b:
f1:a5:29:b2:76:d4:78:dc:d4:ad:cb:a5:50:22:37:
4e:34:9a:12:cc:ad:72:8a:f3:a2:9e:73:be:45:fa:
5a:3e:cc:e8:ee:7a:b3:1a:af:4a:92:97:2a:9f:fa:
44:ac:1d:42:b9:90:e5:32:00:a3:af:cd:33:d3:43:
07:87:a1:9c:3a:8d:ab:93:00:2b:07:15:a2:7f:a4:
30:ad:da:4d:7a:a4:63:cc:17:14:07:9d:a4:9a:ce:
d6:a3:04:1d:fd:d9:09:b3:84:18:8d:1b:91:35:01:
93:e4:1c:56:3d:84:f3:c4:99:12:9f:d7:29:fb:a5:
57:15:94:93:3a:e1:aa:5f:d0:11:6a:c0:85:da:d8:
92:50:17:d9:3b:12:9b:d6:db:bc:19:d9:4d:1b:8d:
71:ce:a0:8f:36:ad:b5:21:11:64:9f:2d:7d:b0:14:
50:97:1c:e9:f3:0d:5d:2c:04:95:e4:32:6a:66:4c:
de:99:ea:00:db:26:b9:e7:18:01:48:f5:28:c6:7b:
43:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9C:48:32:68:90:5A:01:A3:1A:37:0A:27:71:7F:7B:F8:D7:F7:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XJxIMmiQWgGjGjcKJ3F_e_jX918.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:69:5c:b2:83:e8:7c:f7:34:50:64:20:3a:ee:a4:c0:ac:d0:
cd:58:bf:68:df:bf:ef:6f:8f:10:72:05:07:23:c8:ea:d3:32:
c0:9a:f2:49:d6:e8:2e:64:63:57:b2:2d:70:64:4d:e4:51:e8:
b2:97:98:ae:31:73:ef:fa:8d:c7:f9:1a:17:69:20:f8:f4:91:
2e:19:ad:dc:79:96:4a:a2:b3:16:eb:ee:b1:44:56:7c:78:53:
92:64:15:88:86:bc:7e:12:c5:3f:28:26:2d:b0:60:4a:b3:ab:
38:10:81:16:5c:52:00:b4:32:9d:83:bd:e7:09:56:f5:9e:71:
54:44:44:19:c1:a4:f8:4a:e8:e0:f8:27:ab:25:58:cc:d6:4f:
fb:ac:75:39:b6:dc:62:08:bf:9c:33:6a:65:f2:e2:0f:93:ba:
54:8b:09:fb:14:23:07:14:8d:7d:ec:8f:5d:29:ee:3a:4a:fc:
88:99:53:32:52:89:cb:7c:20:e1:9d:0e:01:5c:76:ae:36:df:
fc:02:42:52:57:dd:a0:19:bb:32:34:b9:36:3b:7d:17:15:64:
06:07:70:b7:ce:b4:b2:40:fd:a0:9b:75:d9:0f:70:48:9e:ce:
d8:60:57:9a:b8:5b:e7:c4:fc:31:14:98:97:43:c0:ad:72:0d:
0a:57:92:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzN9CMNdQJwDIK7B3RSWDTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMDYxMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzljNDgzMjY4OTA1YTAxYTMxYTM3MGEyNzcxN2Y3YmY4ZDdmNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZR6wjYYKSPlL8qlph69+68nFx50
NxC/3lPsnSCm5DeL8fYUgbWujnfYfD9kYKQ5T0bU5hNMMFd4FYvxpSmydtR43NSt
y6VQIjdONJoSzK1yivOinnO+RfpaPszo7nqzGq9Kkpcqn/pErB1CuZDlMgCjr80z
00MHh6GcOo2rkwArBxWif6QwrdpNeqRjzBcUB52kms7WowQd/dkJs4QYjRuRNQGT
5BxWPYTzxJkSn9cp+6VXFZSTOuGqX9ARasCF2tiSUBfZOxKb1tu8GdlNG41xzqCP
Nq21IRFkny19sBRQlxzp8w1dLASV5DJqZkzemeoA2ya55xgBSPUoxntDyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFycSDJokFoBoxo3Cidxf3v41/dfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWEp4SU1taVFXZ0dqR2pjS0ozRl9lX2pYOTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGFpXLKD6Hz3NFBkIDru
pMCs0M1Yv2jfv+9vjxByBQcjyOrTMsCa8knW6C5kY1eyLXBkTeRR6LKXmK4xc+/6
jcf5GhdpIPj0kS4Zrdx5lkqisxbr7rFEVnx4U5JkFYiGvH4SxT8oJi2wYEqzqzgQ
gRZcUgC0Mp2DvecJVvWecVRERBnBpPhK6OD4J6slWMzWT/usdTm23GIIv5wzamXy
4g+TulSLCfsUIwcUjX3sj10p7jpK/IiZUzJSict8IOGdDgFcdq423/wCQlJX3aAZ
uzI0uTY7fRcVZAYHcLfOtLJA/aCbddkPcEiezthgV5q4W+fE/DEUmJdDwK1yDQpX
kkE=
-----END CERTIFICATE-----
Generated at Wed Jan 3 16:57:23 2024 by rpki-client on console.sobornost.net