Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/krHFXbYhAD_uTjWhO7C9gjcprW4.roa
File: krHFXbYhAD_uTjWhO7C9gjcprW4.roa (raw, json)
Hash identifier: 31i24AZSSAiTR+7sCceoDp4qrpBqYNrbCt0fFnMg6cc=
Subject key identifier: 92:B1:C5:5D:B6:21:00:3F:EE:4E:35:A1:3B:B0:BD:82:37:29:AD:6E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCFB0EDC81004B9E1D22705E0FE194C9C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/krHFXbYhAD_uTjWhO7C9gjcprW4.roa
Signing time: Wed 03 Jan 2024 14:18:48 +0000
ROA not before: Wed 03 Jan 2024 14:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:b0:ed:c8:10:04:b9:e1:d2:27:05:e0:fe:19:4c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 14:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92b1c55db621003fee4e35a13bb0bd823729ad6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9d:db:5a:1b:93:e0:04:4e:29:39:3e:c8:2f:
1b:11:94:bf:44:de:dc:f6:92:74:d8:91:67:d0:2d:
a2:0e:e9:de:67:27:eb:77:93:d2:e0:8f:c4:12:b7:
bc:b1:42:14:76:92:9a:26:21:12:49:d9:a5:f7:e7:
62:b6:78:4d:a1:cd:b9:9d:d9:0a:31:24:1a:5c:69:
70:04:41:4e:5e:25:da:79:f7:71:f8:83:c9:8f:14:
dd:db:5c:60:25:8c:a7:cd:b1:54:08:4c:bf:79:7f:
b0:c5:ca:1d:a8:11:59:4d:ad:d0:a0:99:f4:b6:96:
a4:43:60:29:1c:e2:f7:8f:83:d7:45:74:6c:1f:10:
f1:62:be:6e:07:b3:9e:b4:be:46:19:4d:17:d2:92:
5a:43:84:ec:84:d1:da:90:17:f5:94:9a:c8:b5:8c:
6c:5c:0a:94:61:2e:83:e8:c0:cc:78:11:b3:50:bd:
e4:fa:1e:da:a7:97:9b:c0:f3:c6:cd:81:46:07:34:
b1:87:c8:74:52:cd:cd:82:19:f0:e9:12:ab:91:3a:
37:79:1e:77:d0:ae:70:3e:6c:70:e1:9b:85:17:90:
5e:be:43:39:f5:80:55:7c:12:cf:5b:e3:01:df:b1:
ab:2a:39:25:56:a4:8d:92:71:ab:30:cc:2b:28:a9:
f6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B1:C5:5D:B6:21:00:3F:EE:4E:35:A1:3B:B0:BD:82:37:29:AD:6E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/krHFXbYhAD_uTjWhO7C9gjcprW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:88:89:90:2e:41:f1:84:86:8b:4f:d5:9a:fa:4f:61:02:d9:
e3:eb:3a:52:24:0a:08:54:5d:f9:17:bb:fc:99:bd:18:5c:c6:
69:df:d0:b3:6f:fe:18:e5:02:43:d1:a4:e7:a2:37:a9:e1:5e:
76:b1:6a:65:6a:f7:68:ef:3e:f4:d7:4d:da:c8:e0:f8:64:db:
a1:a4:f4:57:e9:10:eb:6f:1c:6f:02:8a:2c:95:ae:51:10:d3:
a9:96:2a:51:19:94:db:cf:9b:6e:09:76:17:9e:16:58:bd:c2:
88:70:c2:8b:14:03:26:f3:4e:2e:4f:ba:ae:93:28:c9:8a:f8:
93:7e:f0:2b:21:b7:d1:55:9e:2b:ec:10:5f:e0:14:48:c6:58:
66:f9:67:12:9f:83:2f:dd:b8:4d:8a:3b:e4:8e:a8:e2:47:cc:
c3:86:9b:84:42:16:72:76:ec:61:d6:14:e5:89:fa:6e:bb:83:
6b:cd:a7:87:31:de:26:48:4d:a9:00:de:c4:e0:6b:67:b5:3e:
4c:60:b8:ac:67:10:b7:da:97:99:95:18:85:36:ed:26:47:98:
72:f5:54:79:64:e8:92:41:92:ed:5b:40:76:e8:c8:ae:b7:8c:
99:c6:c8:35:29:47:7a:80:70:1c:23:98:ff:23:95:19:a3:82:
f4:c8:86:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzPsO3IEAS54dInBeD+GUycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMTQxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmIxYzU1ZGI2MjEwMDNmZWU0ZTM1YTEzYmIwYmQ4MjM3MjlhZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm53bWhuT4AROKTk+yC8bEZS/RN7c
9pJ02JFn0C2iDuneZyfrd5PS4I/EEre8sUIUdpKaJiESSdml9+ditnhNoc25ndkK
MSQaXGlwBEFOXiXaefdx+IPJjxTd21xgJYynzbFUCEy/eX+wxcodqBFZTa3QoJn0
tpakQ2ApHOL3j4PXRXRsHxDxYr5uB7OetL5GGU0X0pJaQ4TshNHakBf1lJrItYxs
XAqUYS6D6MDMeBGzUL3k+h7ap5ebwPPGzYFGBzSxh8h0Us3Nghnw6RKrkTo3eR53
0K5wPmxw4ZuFF5BevkM59YBVfBLPW+MB37GrKjklVqSNknGrMMwrKKn2pwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJKxxV22IQA/7k41oTuwvYI3Ka1uMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva3JIRlhiWWhBRF91VGpXaE83QzlnamNwclc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAISIiZAuQfGEhotP1Zr6
T2EC2ePrOlIkCghUXfkXu/yZvRhcxmnf0LNv/hjlAkPRpOeiN6nhXnaxamVq92jv
PvTXTdrI4Phk26Gk9FfpEOtvHG8CiiyVrlEQ06mWKlEZlNvPm24JdheeFli9wohw
wosUAybzTi5Puq6TKMmK+JN+8Csht9FVnivsEF/gFEjGWGb5ZxKfgy/duE2KO+SO
qOJHzMOGm4RCFnJ27GHWFOWJ+m67g2vNp4cx3iZITakA3sTga2e1PkxguKxnELfa
l5mVGIU27SZHmHL1VHlk6JJBku1bQHboyK63jJnGyDUpR3qAcBwjmP8jlRmjgvTI
hh4=
-----END CERTIFICATE-----
Generated at Wed Jan 3 19:00:49 2024 by rpki-client on console.sobornost.net