Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cl3Oh4_uGp4CuVfJB7KBE8juVP8.roa
File: cl3Oh4_uGp4CuVfJB7KBE8juVP8.roa (raw, json)
Hash identifier: 507DRG6AhrTKFxB1mS7G/89vgVG2AYtMl6SsL+oe0m8=
Subject key identifier: 72:5D:CE:87:8F:EE:1A:9E:02:B9:57:C9:07:B2:81:13:C8:EE:54:FF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD2AF3A3262569DE188FD1E1A4890F8A0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cl3Oh4_uGp4CuVfJB7KBE8juVP8.roa
Signing time: Thu 04 Jan 2024 04:15:48 +0000
ROA not before: Thu 04 Jan 2024 04:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d2:af:3a:32:62:56:9d:e1:88:fd:1e:1a:48:90:f8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 4 04:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=725dce878fee1a9e02b957c907b28113c8ee54ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6f:28:d9:32:1d:0f:2a:d1:44:fb:84:c8:f6:
8e:39:66:40:36:12:00:af:3d:98:8d:ec:15:a9:a4:
22:db:c4:cc:6c:e1:c6:01:29:a0:13:49:44:f4:b3:
7a:8a:94:a0:2d:3e:c8:fe:e3:4f:28:b0:25:9b:65:
11:6d:2f:2c:0d:09:ff:51:76:aa:b8:73:dc:55:9d:
a3:63:54:94:fc:a3:a8:cf:e8:d2:67:3a:2c:78:d5:
5b:bb:2f:bb:81:5c:aa:af:61:3c:50:28:80:f5:6f:
f1:96:d4:0b:4e:c0:1c:d3:f1:e6:25:f2:58:33:de:
d5:40:b1:93:57:c4:b9:df:4e:1d:52:1a:05:71:b7:
cb:75:82:29:8d:ca:fe:5b:c0:04:19:86:22:3e:5f:
58:4e:27:82:3f:13:4a:bd:15:2c:26:2b:73:cb:ea:
08:90:8b:58:61:a2:34:30:04:2b:22:a4:68:e7:45:
eb:77:06:d6:78:d3:9f:a8:3a:44:ee:c6:21:bd:eb:
58:08:7b:3d:a0:c7:c5:a3:7a:fd:28:e7:d7:c9:92:
d9:29:10:87:7f:9c:34:c0:51:ff:8f:0d:6d:ea:ac:
7d:bd:20:95:7a:f9:01:1c:77:a7:ae:bb:55:05:56:
2a:3e:98:aa:53:a2:25:2b:24:08:06:bc:3e:ef:3b:
f8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5D:CE:87:8F:EE:1A:9E:02:B9:57:C9:07:B2:81:13:C8:EE:54:FF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cl3Oh4_uGp4CuVfJB7KBE8juVP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:b0:e6:45:7c:a7:84:2a:5f:49:de:9b:81:37:1c:9c:7b:c9:
ce:de:8e:8e:56:9b:22:2b:a1:8a:3b:11:2f:83:81:3a:e0:5d:
6b:14:96:e4:ee:25:14:ad:51:89:13:7d:ac:82:d3:2c:f4:bc:
5b:13:0a:c9:d4:b2:3b:c5:72:a2:57:0d:9a:5d:34:2f:c2:19:
fc:2e:d9:08:12:7f:8c:70:af:33:64:9e:a7:3e:87:e8:13:6e:
38:2d:b4:10:eb:ee:28:6c:10:ed:50:78:40:1a:a8:e6:f7:0e:
28:61:77:6c:3c:f0:16:17:ce:3f:92:4f:cf:3d:e7:c0:e4:df:
25:19:b6:73:5e:57:71:59:ba:5c:fe:29:1b:e7:a5:a4:aa:c4:
c4:63:86:24:33:2f:a1:ea:88:d1:69:9a:1c:b5:14:2f:55:9d:
b9:3c:7f:4f:91:4c:54:6a:9f:34:1b:de:d2:e3:1b:34:f8:c9:
62:9e:99:84:71:52:90:4f:bd:e2:9f:05:30:d7:10:02:71:89:
db:68:f4:d5:ec:98:9d:72:be:a9:73:2e:88:44:e8:02:d3:30:
48:41:57:32:54:b3:28:d2:a5:34:ea:f1:ea:0c:4d:d8:6e:7e:
32:85:da:48:48:a3:c3:25:5d:5d:57:0a:37:57:75:be:c0:f5:
98:b7:c7:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzSrzoyYlad4Yj9HhpIkPigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA0MDQxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjVkY2U4NzhmZWUxYTllMDJiOTU3YzkwN2IyODExM2M4ZWU1NGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm8o2TIdDyrRRPuEyPaOOWZANhIA
rz2YjewVqaQi28TMbOHGASmgE0lE9LN6ipSgLT7I/uNPKLAlm2URbS8sDQn/UXaq
uHPcVZ2jY1SU/KOoz+jSZzoseNVbuy+7gVyqr2E8UCiA9W/xltQLTsAc0/HmJfJY
M97VQLGTV8S5304dUhoFcbfLdYIpjcr+W8AEGYYiPl9YTieCPxNKvRUsJitzy+oI
kItYYaI0MAQrIqRo50XrdwbWeNOfqDpE7sYhvetYCHs9oMfFo3r9KOfXyZLZKRCH
f5w0wFH/jw1t6qx9vSCVevkBHHenrrtVBVYqPpiqU6IlKyQIBrw+7zv4iQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJdzoeP7hqeArlXyQeygRPI7lT/MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY2wzT2g0X3VHcDRDdVZmSkI3S0JFOGp1VlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADuw5kV8p4QqX0nem4E3
HJx7yc7ejo5WmyIroYo7ES+DgTrgXWsUluTuJRStUYkTfayC0yz0vFsTCsnUsjvF
cqJXDZpdNC/CGfwu2QgSf4xwrzNknqc+h+gTbjgttBDr7ihsEO1QeEAaqOb3Dihh
d2w88BYXzj+ST88958Dk3yUZtnNeV3FZulz+KRvnpaSqxMRjhiQzL6HqiNFpmhy1
FC9Vnbk8f0+RTFRqnzQb3tLjGzT4yWKemYRxUpBPveKfBTDXEAJxidto9NXsmJ1y
vqlzLohE6ALTMEhBVzJUsyjSpTTq8eoMTdhufjKF2khIo8MlXV1XCjdXdb7A9Zi3
x7E=
-----END CERTIFICATE-----
Generated at Thu Jan 4 07:16:56 2024 by rpki-client on console.sobornost.net