Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hXLK5BUn58MqVuodiK77Bjbqk7E.roa
File: hXLK5BUn58MqVuodiK77Bjbqk7E.roa (raw, json)
Hash identifier: qDWr+l1IX+WqrjFs1qpPBChh4ABjEJUzSIe4qcWs8+w=
Subject key identifier: 85:72:CA:E4:15:27:E7:C3:2A:56:EA:1D:88:AE:FB:06:36:EA:93:B1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCA8625D5DFD4C722A9274AB921208305
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hXLK5BUn58MqVuodiK77Bjbqk7E.roa
Signing time: Tue 02 Jan 2024 14:13:58 +0000
ROA not before: Tue 02 Jan 2024 14:13:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:86:25:d5:df:d4:c7:22:a9:27:4a:b9:21:20:83:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 2 14:13:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8572cae41527e7c32a56ea1d88aefb0636ea93b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:50:db:3e:72:27:0b:f0:85:31:2c:1a:ab:2a:
81:00:9b:09:75:eb:23:08:ca:4a:05:5f:4b:f1:1e:
a3:e9:51:72:67:9b:a2:86:88:2e:c0:f6:7c:ef:78:
d1:a3:9f:40:5a:fa:6d:e2:f4:b0:b5:19:94:93:13:
36:8f:d4:fe:72:00:c2:66:17:93:9c:db:d9:0a:38:
d1:69:13:c9:d7:d1:a0:51:ea:f5:75:77:1e:79:fb:
bd:5a:ff:11:6b:ce:2e:20:b7:8a:b7:91:c3:da:ea:
87:75:af:7e:1c:33:66:91:bf:be:8f:60:98:7b:f3:
a4:0c:f1:04:ac:b8:06:32:e5:1f:89:9a:d4:b1:4d:
a6:06:5f:4b:5d:27:e0:05:2d:60:ec:2d:3f:22:a9:
e8:19:93:08:f8:92:a1:21:5b:fc:98:9a:fd:d3:b9:
d8:4e:14:cb:fb:08:31:a4:4f:87:02:56:36:b1:b2:
3b:71:64:ef:5b:ee:df:bd:60:cc:29:30:18:60:a7:
d3:0a:f5:43:fd:2c:11:8e:42:02:58:84:b7:48:2f:
29:a4:49:a3:3e:d5:b3:af:40:bb:b4:65:52:cb:d1:
d0:7c:c4:12:cc:f1:2a:cb:f3:b4:b2:02:6f:64:b7:
33:e2:d9:ff:b6:f8:65:2c:b4:ee:a6:53:ef:b4:bf:
9f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:72:CA:E4:15:27:E7:C3:2A:56:EA:1D:88:AE:FB:06:36:EA:93:B1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hXLK5BUn58MqVuodiK77Bjbqk7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:92:5e:60:f6:e4:89:67:d9:fb:50:8f:95:8c:13:d1:d8:e0:
2f:f9:9e:bb:d9:ad:23:e1:d7:1f:e3:eb:73:1c:40:1f:c8:f1:
16:b9:a4:49:05:ec:5f:f3:bb:b7:ce:c9:a4:bd:9b:da:96:e5:
63:8e:00:62:51:ca:96:bb:70:c0:78:bd:0f:6d:d5:9e:73:7a:
87:1e:30:7b:24:c7:58:d4:d1:3c:10:79:5b:4e:ba:94:eb:29:
3e:31:a8:b0:ed:d6:e7:ed:45:b5:a3:a9:bb:51:30:f0:0b:bb:
ac:6f:42:cb:20:fa:24:2d:f6:6b:58:7f:53:46:9d:97:7e:d0:
9e:61:ca:14:04:1a:6d:d5:7c:b1:13:97:f3:9d:ab:53:63:b3:
e2:c7:a6:7a:39:53:2d:21:38:6f:52:65:c8:e5:b7:e6:74:9f:
70:be:10:7d:75:fb:03:7e:e9:b7:da:4b:d9:00:f6:70:77:99:
e7:49:5a:37:89:4f:9d:56:f6:4b:d0:ac:cc:cc:ca:d8:1d:8b:
35:ee:75:4f:00:96:02:ab:18:09:08:4e:d6:21:3c:ce:94:19:
c6:0a:ff:b9:70:b2:85:3a:89:a4:1a:5e:68:a6:59:9c:ea:d5:
3f:cd:47:5d:34:f2:43:71:f1:ae:dd:c2:96:13:f9:3b:b4:00:
a3:c4:90:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKhiXV39THIqknSrkhIIMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAyMTQxMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTcyY2FlNDE1MjdlN2MzMmE1NmVhMWQ4OGFlZmIwNjM2ZWE5M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VDbPnInC/CFMSwaqyqBAJsJdesj
CMpKBV9L8R6j6VFyZ5uihoguwPZ873jRo59AWvpt4vSwtRmUkxM2j9T+cgDCZheT
nNvZCjjRaRPJ19GgUer1dXceefu9Wv8Ra84uILeKt5HD2uqHda9+HDNmkb++j2CY
e/OkDPEErLgGMuUfiZrUsU2mBl9LXSfgBS1g7C0/IqnoGZMI+JKhIVv8mJr907nY
ThTL+wgxpE+HAlY2sbI7cWTvW+7fvWDMKTAYYKfTCvVD/SwRjkICWIS3SC8ppEmj
PtWzr0C7tGVSy9HQfMQSzPEqy/O0sgJvZLcz4tn/tvhlLLTuplPvtL+f6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIVyyuQVJ+fDKlbqHYiu+wY26pOxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaFhMSzVCVW41OE1xVnVvZGlLNzdCamJxazdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIWSXmD25Iln2ftQj5WM
E9HY4C/5nrvZrSPh1x/j63McQB/I8Ra5pEkF7F/zu7fOyaS9m9qW5WOOAGJRypa7
cMB4vQ9t1Z5zeoceMHskx1jU0TwQeVtOupTrKT4xqLDt1uftRbWjqbtRMPALu6xv
Qssg+iQt9mtYf1NGnZd+0J5hyhQEGm3VfLETl/Odq1Njs+LHpno5Uy0hOG9SZcjl
t+Z0n3C+EH11+wN+6bfaS9kA9nB3medJWjeJT51W9kvQrMzMytgdizXudU8AlgKr
GAkITtYhPM6UGcYK/7lwsoU6iaQaXmimWZzq1T/NR1008kNx8a7dwpYT+Tu0AKPE
kBs=
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:43:53 2024 by rpki-client on console.sobornost.net