Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZYgeRP7oOZgvNo3qeNw3m-afIFc.roa
File: ZYgeRP7oOZgvNo3qeNw3m-afIFc.roa (raw, json)
Hash identifier: S3kxeEG92e+qngUqNNXzcfv4eVcrDoEoQVJh9h5kjJk=
Subject key identifier: 65:88:1E:44:FE:E8:39:98:2F:36:8D:EA:78:DC:37:9B:E6:9F:20:57
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB8B8A72891A9EB53851B313C992EC83A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZYgeRP7oOZgvNo3qeNw3m-afIFc.roa
Signing time: Sat 30 Dec 2023 03:15:58 +0000
ROA not before: Sat 30 Dec 2023 03:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b8:b8:a7:28:91:a9:eb:53:85:1b:31:3c:99:2e:c8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 30 03:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65881e44fee839982f368dea78dc379be69f2057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7d:d1:fc:f2:3d:fb:fe:ca:b9:99:5b:99:6e:
c2:1c:7f:7d:3a:3c:11:97:fd:58:0c:32:58:be:fe:
17:63:ef:ec:23:d7:38:1d:98:61:7f:02:3c:ee:6c:
b9:c7:a8:55:12:3d:41:7c:f9:87:93:96:07:c8:93:
b2:91:30:d2:15:48:6e:c5:19:bb:f9:94:94:09:a4:
7d:90:86:59:1b:c5:90:f8:2c:78:0f:ed:f1:e1:0e:
dc:1a:e4:64:3c:37:3b:8c:52:8d:d6:25:2b:6f:59:
88:ec:2e:a5:97:32:9a:20:c1:8d:45:be:17:fc:23:
1f:b9:b3:a4:5b:43:cc:a6:ed:a3:58:08:dd:7d:cf:
bd:91:eb:42:d9:f6:e9:ef:3b:41:4d:75:69:74:71:
79:1a:b1:34:08:ea:1c:90:84:74:3a:e0:7f:1c:20:
92:0d:29:31:fc:c6:70:a7:31:58:2e:72:5b:45:13:
70:be:89:10:e8:e6:2b:36:6c:3a:9d:04:df:be:9d:
86:9d:35:2e:f6:c6:20:45:db:e6:4e:ca:84:8a:b8:
a2:4f:f2:c6:3d:b9:62:2d:28:75:d1:4f:39:65:6e:
36:40:d0:48:e2:a6:7f:da:cc:fe:14:78:d0:f9:07:
53:1c:40:76:38:53:63:9d:d6:ba:9c:6b:57:8d:8f:
a5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:88:1E:44:FE:E8:39:98:2F:36:8D:EA:78:DC:37:9B:E6:9F:20:57
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZYgeRP7oOZgvNo3qeNw3m-afIFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:3c:a9:6e:75:c4:86:4d:af:36:a4:74:b2:68:64:1d:1e:12:
d2:59:24:7a:d6:d8:a5:a8:2c:7f:af:d5:30:7c:a8:af:c1:de:
be:ce:5e:52:6c:d0:bb:65:96:0f:29:0e:66:4a:72:02:fb:55:
f4:7d:02:95:ae:d2:e0:75:fb:70:8e:41:5c:a1:a7:22:46:93:
72:f3:07:cf:8e:bd:40:02:4c:60:61:21:d0:46:11:ee:7e:97:
60:90:27:3f:69:1e:47:6c:2a:89:23:0b:0c:e4:8a:d3:4e:e4:
70:1c:d5:0c:9b:71:56:ac:07:bc:da:e3:b7:36:9e:99:cc:87:
50:8a:4b:3d:d4:b3:c6:f3:de:b1:6c:aa:0a:53:35:59:55:03:
f2:b7:63:8d:2b:17:9d:a0:67:d8:0b:f0:d3:29:d5:b5:f3:76:
9e:50:1a:2d:9f:2c:10:0f:de:9a:d8:7e:c3:50:a3:a4:c3:86:
37:b2:0c:be:dc:f3:fe:57:36:eb:c8:30:26:07:e5:43:84:27:
cd:53:22:25:1f:51:c4:8d:97:a7:03:ac:b8:da:28:6a:76:51:
41:43:e6:d5:92:47:82:e6:cc:69:49:64:24:d6:2d:bc:93:65:
b6:be:e5:37:c0:5a:dd:36:da:12:e8:59:7e:15:13:17:5a:f8:
77:37:e5:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy4uKcokanrU4UbMTyZLsg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMwMDMxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg4MWU0NGZlZTgzOTk4MmYzNjhkZWE3OGRjMzc5YmU2OWYyMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH3R/PI9+/7KuZlbmW7CHH99OjwR
l/1YDDJYvv4XY+/sI9c4HZhhfwI87my5x6hVEj1BfPmHk5YHyJOykTDSFUhuxRm7
+ZSUCaR9kIZZG8WQ+Cx4D+3x4Q7cGuRkPDc7jFKN1iUrb1mI7C6llzKaIMGNRb4X
/CMfubOkW0PMpu2jWAjdfc+9ketC2fbp7ztBTXVpdHF5GrE0COockIR0OuB/HCCS
DSkx/MZwpzFYLnJbRRNwvokQ6OYrNmw6nQTfvp2GnTUu9sYgRdvmTsqEiriiT/LG
PbliLSh10U85ZW42QNBI4qZ/2sz+FHjQ+QdTHEB2OFNjnda6nGtXjY+lEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGWIHkT+6DmYLzaN6njcN5vmnyBXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWllnZVJQN29PWmd2Tm8zcWVOdzNtLWFmSUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJo8qW51xIZNrzakdLJo
ZB0eEtJZJHrW2KWoLH+v1TB8qK/B3r7OXlJs0Ltllg8pDmZKcgL7VfR9ApWu0uB1
+3COQVyhpyJGk3LzB8+OvUACTGBhIdBGEe5+l2CQJz9pHkdsKokjCwzkitNO5HAc
1QybcVasB7za47c2npnMh1CKSz3Us8bz3rFsqgpTNVlVA/K3Y40rF52gZ9gL8NMp
1bXzdp5QGi2fLBAP3prYfsNQo6TDhjeyDL7c8/5XNuvIMCYH5UOEJ81TIiUfUcSN
l6cDrLjaKGp2UUFD5tWSR4LmzGlJZCTWLbyTZba+5TfAWt022hLoWX4VExda+Hc3
5W0=
Generated at Sat Dec 30 06:20:44 2023 by rpki-client on console.sobornost.net