Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jIzmaxmI5_suPoc_rENL41mcEy8.roa
File: jIzmaxmI5_suPoc_rENL41mcEy8.roa (raw, json)
Hash identifier: yO2Gb9dunRg3dxLK4qq2sF8ltz9YLtjODsaMTscs9ZQ=
Subject key identifier: 8C:8C:E6:6B:19:88:E7:FB:2E:3E:87:3F:AC:43:4B:E3:59:9C:13:2F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECE252E0C37F41B7F66679A16B60D2E8D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jIzmaxmI5_suPoc_rENL41mcEy8.roa
Signing time: Thu 11 Apr 2024 17:12:06 +0000
ROA not before: Thu 11 Apr 2024 17:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 18:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ce:25:2e:0c:37:f4:1b:7f:66:67:9a:16:b6:0d:2e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 11 17:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c8ce66b1988e7fb2e3e873fac434be3599c132f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:47:b6:79:cc:f6:ca:58:b1:db:87:fb:b8:4e:
d3:97:f2:d1:a6:e8:2c:42:c1:a1:a8:2f:83:56:a2:
27:8d:4d:92:de:72:1d:3b:b1:16:08:d6:31:61:29:
82:bb:a3:2d:a3:ba:00:a6:0c:b7:f7:e2:64:1e:9d:
d5:d3:77:a1:9a:b7:c3:4d:b1:63:40:28:cb:5b:1d:
5d:50:67:6d:51:64:d7:2e:1b:a9:04:8c:ff:0c:7a:
77:41:e0:a2:de:62:73:8d:06:bd:3f:e3:6d:11:25:
cb:84:fd:5b:58:2c:d6:26:36:64:da:5f:48:e2:96:
55:78:39:1e:4d:6d:93:ae:64:12:df:dd:9e:bf:d4:
4f:dc:59:57:1b:9e:34:0e:48:64:ae:79:7c:21:4a:
89:6e:f7:8a:40:cb:78:cd:44:7a:bc:d9:2b:0d:ac:
90:90:d6:9c:73:b9:68:06:47:33:43:91:c1:24:b2:
eb:13:5d:33:97:f5:78:5e:f8:0a:9b:37:26:3f:94:
c8:74:d6:f9:28:5f:1c:92:9e:4a:24:f4:6b:bb:9f:
1c:76:53:66:9f:ac:24:c8:3b:1a:ce:fe:ee:e1:b1:
3d:73:f0:9c:90:cf:85:c4:92:d6:fe:59:18:f7:c0:
a1:2b:27:65:c4:92:89:37:ef:4a:37:0a:41:b7:8a:
89:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8C:E6:6B:19:88:E7:FB:2E:3E:87:3F:AC:43:4B:E3:59:9C:13:2F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jIzmaxmI5_suPoc_rENL41mcEy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:10:c7:d3:6a:ef:22:a9:8c:7b:13:26:01:fd:84:d6:56:4c:
bf:86:f0:4c:7b:84:e3:3b:70:78:8b:b1:c8:20:e3:19:7f:85:
fa:3b:65:22:56:49:94:ed:c2:eb:d7:9d:7d:9e:ee:93:9c:02:
c5:3f:7d:de:97:64:61:85:92:e7:36:dd:dc:b5:b3:1c:fe:bf:
11:eb:e4:99:c8:58:b0:07:15:8c:1b:0c:27:be:23:72:61:fc:
8a:0a:fb:f1:de:ee:c2:52:da:58:e6:f0:e7:fc:dd:3c:75:89:
c6:17:4e:73:bb:40:95:e5:e0:a9:fe:fd:7a:4e:3e:ec:01:00:
49:88:ae:0b:bf:ea:cd:8b:dd:a7:f6:55:e4:a4:ec:ff:9f:9b:
e1:a5:cf:b1:75:07:eb:9b:23:28:06:85:9b:75:04:d2:a6:ce:
af:ef:88:d2:60:bd:46:90:bd:15:a0:12:3a:ac:5c:e1:aa:37:
77:02:e3:dd:84:fe:da:9e:19:fe:b7:c7:d3:d8:d9:8b:6b:9a:
bc:35:9c:0f:07:27:f4:84:ff:5a:eb:20:51:84:8d:8d:7b:6b:
52:68:fd:e9:1c:9d:02:d3:51:c7:fe:90:56:f3:d9:b6:50:ec:
86:ef:5a:ab:28:f8:a9:2d:40:ff:9a:db:fd:bd:3b:10:7e:49:
3b:6e:1b:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7OJS4MN/Qbf2Znmha2DS6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDExMTcxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhjZTY2YjE5ODhlN2ZiMmUzZTg3M2ZhYzQzNGJlMzU5OWMxMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUe2ecz2ylix24f7uE7Tl/LRpugs
QsGhqC+DVqInjU2S3nIdO7EWCNYxYSmCu6Mto7oApgy39+JkHp3V03ehmrfDTbFj
QCjLWx1dUGdtUWTXLhupBIz/DHp3QeCi3mJzjQa9P+NtESXLhP1bWCzWJjZk2l9I
4pZVeDkeTW2TrmQS392ev9RP3FlXG540Dkhkrnl8IUqJbveKQMt4zUR6vNkrDayQ
kNacc7loBkczQ5HBJLLrE10zl/V4XvgKmzcmP5TIdNb5KF8ckp5KJPRru58cdlNm
n6wkyDsazv7u4bE9c/CckM+FxJLW/lkY98ChKydlxJKJN+9KNwpBt4qJtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIyM5msZiOf7Lj6HP6xDS+NZnBMvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvakl6bWF4bUk1X3N1UG9jX3JFTkw0MW1jRXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJAQx9Nq7yKpjHsTJgH9
hNZWTL+G8Ex7hOM7cHiLscgg4xl/hfo7ZSJWSZTtwuvXnX2e7pOcAsU/fd6XZGGF
kuc23dy1sxz+vxHr5JnIWLAHFYwbDCe+I3Jh/IoK+/He7sJS2ljm8Of83Tx1icYX
TnO7QJXl4Kn+/XpOPuwBAEmIrgu/6s2L3af2VeSk7P+fm+Glz7F1B+ubIygGhZt1
BNKmzq/viNJgvUaQvRWgEjqsXOGqN3cC492E/tqeGf63x9PY2Ytrmrw1nA8HJ/SE
/1rrIFGEjY17a1Jo/ekcnQLTUcf+kFbz2bZQ7IbvWqso+KktQP+a2/29OxB+STtu
G8U=
-----END CERTIFICATE-----
Generated at Fri Apr 12 01:38:42 2024 by rpki-client on console.sobornost.net