Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nRdwq2Uaz1He9loaKkdMDjyolKk.roa
File: nRdwq2Uaz1He9loaKkdMDjyolKk.roa (raw, json)
Hash identifier: FqeVHpHIwhvrpPhJ5+66kt0wXIga7uO05VpWbEQnoUM=
Subject key identifier: 9D:17:70:AB:65:1A:CF:51:DE:F6:5A:1A:2A:47:4C:0E:3C:A8:94:A9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB434581D6E48A0A24646D786E74D18CD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nRdwq2Uaz1He9loaKkdMDjyolKk.roa
Signing time: Fri 29 Dec 2023 06:12:58 +0000
ROA not before: Fri 29 Dec 2023 06:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:34:58:1d:6e:48:a0:a2:46:46:d7:86:e7:4d:18:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 29 06:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d1770ab651acf51def65a1a2a474c0e3ca894a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:96:c6:ce:83:a0:c3:30:c8:07:b2:b1:42:61:
48:63:c4:39:56:c4:74:95:d5:09:68:b2:fa:73:04:
e8:a8:f4:de:6d:5e:82:9c:3c:44:9b:6f:46:19:02:
56:6b:37:35:fb:dd:d6:f0:d6:9b:63:d2:10:20:5d:
c8:ff:d3:61:7e:0e:ed:d4:f8:73:8a:4a:0e:01:b2:
7e:73:75:b8:5b:e2:a4:99:65:54:ad:95:a7:64:98:
11:c3:f0:f7:53:37:b6:b3:7d:e2:66:c4:09:8c:9f:
84:d0:42:a4:89:b1:ea:91:c6:8f:29:f6:f4:70:1a:
90:06:e0:22:3b:b0:5f:f4:01:27:fe:9d:68:9d:6a:
f9:d2:85:da:d3:4d:26:55:8c:0b:34:79:32:9c:82:
2a:e8:a5:31:7e:bf:c3:fa:c7:f5:f0:80:96:47:51:
13:3d:df:72:d9:d5:6c:34:33:98:c1:56:06:04:5e:
c2:c7:d8:af:82:9a:ae:0c:89:ad:d0:c0:14:ae:f8:
9d:4f:21:23:2f:80:f4:6a:82:af:38:c8:75:7e:3b:
e0:e7:b8:90:f9:bc:46:28:15:08:a8:00:aa:c6:59:
0c:92:48:a3:bd:6b:aa:23:8c:48:90:20:5f:6f:ed:
84:95:06:7f:f9:1d:ac:4c:80:52:2f:50:7d:e6:c2:
b7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:17:70:AB:65:1A:CF:51:DE:F6:5A:1A:2A:47:4C:0E:3C:A8:94:A9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nRdwq2Uaz1He9loaKkdMDjyolKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:57:1b:d0:48:e2:f0:c5:23:44:0a:e1:5d:dd:f2:36:fb:c0:
44:5f:6f:b3:f5:48:69:53:12:12:d8:cc:ca:06:ac:57:ad:91:
d4:3c:77:18:99:69:cb:5e:4f:18:97:d5:f1:87:d0:a6:5b:ec:
e3:26:8d:25:94:3e:d0:ae:b7:ce:fd:61:18:c9:64:fe:6b:6c:
a1:31:4a:37:70:12:62:ad:01:03:7b:d1:cb:cf:5d:ae:ae:f5:
29:22:fd:7c:c8:27:c6:4b:db:a1:07:92:c3:a2:a8:79:bb:88:
77:ef:66:0a:1e:b4:3f:72:5a:39:b2:b3:a2:65:1f:48:4f:e5:
f7:88:40:6f:d4:51:4f:6f:1d:d2:5e:44:01:b0:23:5e:e1:7f:
c1:cf:08:c0:85:e9:62:54:7a:d9:67:5e:37:2b:2a:a9:3d:77:
0e:56:78:0b:34:9d:52:35:61:67:2b:2b:4c:ce:79:49:4f:ec:
fd:eb:53:73:d0:61:1e:51:03:34:4a:aa:c7:35:13:57:41:fb:
a0:62:ee:6b:76:c8:0f:f5:99:66:10:19:e8:ad:85:13:4f:a0:
c7:56:59:fd:39:38:5b:4b:b4:71:cd:f0:b3:b4:0b:4f:fd:6b:
08:6f:ff:5c:7f:40:c8:7d:13:8c:52:a4:b1:26:fb:91:7f:da:
db:b9:84:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy0NFgdbkigokZG14bnTRjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI5MDYxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDE3NzBhYjY1MWFjZjUxZGVmNjVhMWEyYTQ3NGMwZTNjYTg5NGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZbGzoOgwzDIB7KxQmFIY8Q5VsR0
ldUJaLL6cwToqPTebV6CnDxEm29GGQJWazc1+93W8NabY9IQIF3I/9Nhfg7t1Phz
ikoOAbJ+c3W4W+KkmWVUrZWnZJgRw/D3Uze2s33iZsQJjJ+E0EKkibHqkcaPKfb0
cBqQBuAiO7Bf9AEn/p1onWr50oXa000mVYwLNHkynIIq6KUxfr/D+sf18ICWR1ET
Pd9y2dVsNDOYwVYGBF7Cx9ivgpquDImt0MAUrvidTyEjL4D0aoKvOMh1fjvg57iQ
+bxGKBUIqACqxlkMkkijvWuqI4xIkCBfb+2ElQZ/+R2sTIBSL1B95sK3mwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0XcKtlGs9R3vZaGipHTA48qJSpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvblJkd3EyVWF6MUhlOWxvYUtrZE1EanlvbEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA5XG9BI4vDFI0QK4V3d
8jb7wERfb7P1SGlTEhLYzMoGrFetkdQ8dxiZacteTxiX1fGH0KZb7OMmjSWUPtCu
t879YRjJZP5rbKExSjdwEmKtAQN70cvPXa6u9Ski/XzIJ8ZL26EHksOiqHm7iHfv
ZgoetD9yWjmys6JlH0hP5feIQG/UUU9vHdJeRAGwI17hf8HPCMCF6WJUetlnXjcr
Kqk9dw5WeAs0nVI1YWcrK0zOeUlP7P3rU3PQYR5RAzRKqsc1E1dB+6Bi7mt2yA/1
mWYQGeithRNPoMdWWf05OFtLtHHN8LO0C0/9awhv/1x/QMh9E4xSpLEm+5F/2tu5
hPQ=
-----END CERTIFICATE-----
Generated at Fri Dec 29 13:54:07 2023 by rpki-client on console.sobornost.net