Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oZ1WNlI7jXMfLpqXG1lcGMhbh_Q.roa
File: oZ1WNlI7jXMfLpqXG1lcGMhbh_Q.roa (raw, json)
Hash identifier: t7hArENg21o/+2slrbyb+znSMeDt+VYqFBPyz7LJOzo=
Subject key identifier: A1:9D:56:36:52:3B:8D:73:1F:2E:9A:97:1B:59:5C:18:C8:5B:87:F4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBD3778A078E105EE0D21FB78B5E6BADE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oZ1WNlI7jXMfLpqXG1lcGMhbh_Q.roa
Signing time: Sun 31 Dec 2023 00:12:58 +0000
ROA not before: Sun 31 Dec 2023 00:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bd:37:78:a0:78:e1:05:ee:0d:21:fb:78:b5:e6:ba:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 00:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a19d5636523b8d731f2e9a971b595c18c85b87f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:27:f5:0c:cd:ca:7e:b4:a8:55:f1:cc:99:
ce:00:da:cb:bf:b2:9f:44:77:7c:00:0f:f0:b1:61:
22:da:22:10:c3:66:3a:c4:66:78:01:19:9c:29:c7:
86:00:71:dc:e7:d1:45:93:27:a5:7e:27:92:37:90:
8e:37:e6:d5:3e:88:01:4a:c1:13:7c:f0:40:7a:bc:
60:0a:7d:9b:2c:22:d9:83:e9:2a:37:6a:d4:76:36:
95:35:e3:e5:7d:61:ea:0a:e0:e8:eb:2b:76:79:ff:
92:04:06:69:d9:0d:18:d3:88:c0:a4:38:d5:0d:ea:
40:77:9e:71:dc:88:14:49:0d:27:f1:90:52:7a:7a:
73:c9:e1:60:82:c7:88:bf:dc:de:46:89:3e:aa:92:
9e:52:0f:15:89:2f:86:50:a6:58:3d:cc:8e:df:4c:
66:96:60:5f:86:35:da:00:78:e0:f1:d2:75:0c:3b:
7f:20:07:a0:0e:91:fc:34:60:82:3c:e5:88:bf:b4:
06:11:e7:15:a8:6e:8c:1a:ca:da:e0:9f:b5:15:9e:
2c:c7:d9:8b:d9:89:5f:bf:5a:ed:e1:61:f9:6c:38:
08:cf:b0:5c:db:33:d3:37:0d:c7:ef:a0:78:ed:aa:
2f:fa:80:ea:5c:ca:fd:46:9f:a0:bc:2e:ee:79:5e:
da:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9D:56:36:52:3B:8D:73:1F:2E:9A:97:1B:59:5C:18:C8:5B:87:F4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oZ1WNlI7jXMfLpqXG1lcGMhbh_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:39:6f:92:30:8d:5c:16:f7:85:a6:5a:e2:72:23:bc:eb:2e:
b1:3a:3e:08:df:42:02:da:7d:71:0c:48:24:f6:d0:69:18:43:
7e:1b:da:1b:ac:78:06:6d:fb:75:d6:ad:ff:27:b7:20:e4:a3:
03:dc:5b:e7:bc:42:cc:76:81:8d:c9:3f:35:5c:21:fc:35:10:
1e:ec:5b:da:64:b7:ea:0d:74:c0:f4:44:da:5a:37:3b:50:1c:
30:9a:fc:cb:35:15:81:36:db:9a:4e:21:8e:67:69:c5:5d:07:
3c:d9:06:b1:dc:7c:58:0c:c6:a4:82:c1:f6:50:5a:df:c1:d6:
6e:7c:3d:21:bf:e3:e3:67:a6:96:2c:03:68:12:79:18:ad:c1:
8c:d6:03:2e:28:f0:4b:6e:b0:f8:6f:d2:93:93:c7:b8:fb:c6:
ae:07:62:67:cd:79:5c:d4:83:e3:b0:b1:30:6a:9c:8b:8e:19:
bf:ca:91:1d:cd:d0:48:3c:11:d4:62:94:4b:a6:b4:81:57:f1:
88:cb:bd:8e:fe:93:5b:1f:48:dc:7a:99:88:50:04:67:b6:64:
3d:c1:12:e0:86:75:ce:e0:85:86:c9:08:52:15:20:19:eb:ea:
71:b6:88:53:d6:6d:51:51:95:ee:a9:d6:58:99:3b:5a:b8:ae:
d2:13:73:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy9N3igeOEF7g0h+3i15rreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMDAxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTlkNTYzNjUyM2I4ZDczMWYyZTlhOTcxYjU5NWMxOGM4NWI4N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhAn9QzNyn60qFXxzJnOANrLv7Kf
RHd8AA/wsWEi2iIQw2Y6xGZ4ARmcKceGAHHc59FFkyelfieSN5CON+bVPogBSsET
fPBAerxgCn2bLCLZg+kqN2rUdjaVNePlfWHqCuDo6yt2ef+SBAZp2Q0Y04jApDjV
DepAd55x3IgUSQ0n8ZBSenpzyeFggseIv9zeRok+qpKeUg8ViS+GUKZYPcyO30xm
lmBfhjXaAHjg8dJ1DDt/IAegDpH8NGCCPOWIv7QGEecVqG6MGsra4J+1FZ4sx9mL
2Ylfv1rt4WH5bDgIz7Bc2zPTNw3H76B47aov+oDqXMr9Rp+gvC7ueV7aAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKGdVjZSO41zHy6alxtZXBjIW4f0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvb1oxV05sSTdqWE1mTHBxWEcxbGNHTWhiaF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJg5b5IwjVwW94WmWuJy
I7zrLrE6PgjfQgLafXEMSCT20GkYQ34b2huseAZt+3XWrf8ntyDkowPcW+e8Qsx2
gY3JPzVcIfw1EB7sW9pkt+oNdMD0RNpaNztQHDCa/Ms1FYE225pOIY5nacVdBzzZ
BrHcfFgMxqSCwfZQWt/B1m58PSG/4+NnppYsA2gSeRitwYzWAy4o8EtusPhv0pOT
x7j7xq4HYmfNeVzUg+OwsTBqnIuOGb/KkR3N0Eg8EdRilEumtIFX8YjLvY7+k1sf
SNx6mYhQBGe2ZD3BEuCGdc7ghYbJCFIVIBnr6nG2iFPWbVFRle6p1liZO1q4rtIT
c5c=
-----END CERTIFICATE-----
Generated at Sun Dec 31 03:42:59 2023 by rpki-client on console.sobornost.net