Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/21gKgaEhhacwePmAav7RQB85leQ.roa
File: 21gKgaEhhacwePmAav7RQB85leQ.roa (raw, json)
Hash identifier: T2TffPj+mJEKUNG6gaeJjIfvAISE2IyrqLapy5vmd2g=
Subject key identifier: DB:58:0A:81:A1:21:85:A7:30:78:F9:80:6A:FE:D1:40:1F:39:95:E4
Certificate issuer: /CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Certificate serial: 018570CBF9ACA90B2B67DCCDAFA6D30D0006
Authority key identifier: 1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/21gKgaEhhacwePmAav7RQB85leQ.roa
Signing time: Mon 02 Jan 2023 04:44:54 +0000
ROA not before: Mon 02 Jan 2023 04:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198143
IP address blocks: 193.150.25.0/24 maxlen: 24
193.150.24.0/24 maxlen: 24
193.150.24.0/23 maxlen: 23
2001:67c:24a0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:f9:ac:a9:0b:2b:67:dc:cd:af:a6:d3:0d:00:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Validity
Not Before: Jan 2 04:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db580a81a12185a73078f9806afed1401f3995e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:77:00:78:1a:c8:6a:86:db:0e:ae:e3:e8:21:
b4:ee:61:e4:16:4a:cd:f4:aa:30:4b:80:6d:e8:ad:
c3:d3:9e:c0:c1:bf:41:9e:d6:24:af:88:5e:dc:ad:
9e:db:29:9a:fa:22:e8:4e:3c:81:c1:4e:da:2b:1c:
db:8f:a6:4b:43:55:6a:31:7d:21:4c:38:e4:c2:e7:
8c:1e:f2:dd:71:02:50:75:33:df:20:49:c2:1b:5d:
9e:72:a5:45:70:84:90:1b:ec:1d:f6:c2:c8:8d:3c:
3b:e6:ae:5c:c7:a1:55:46:f4:e4:d1:92:6e:9b:a9:
d8:60:cb:e1:e6:57:f9:86:48:84:61:75:f6:e6:92:
57:d8:05:0b:d1:2b:36:12:16:dc:70:a3:a2:ea:49:
cf:b1:11:f5:3f:77:d1:91:29:22:5b:78:da:fd:2b:
ce:61:96:6c:06:0b:d2:90:56:71:bd:ed:f5:86:c5:
f1:e2:61:30:34:52:70:83:cb:97:6c:6d:54:f8:09:
23:02:3c:30:7e:59:ef:7c:0c:19:e4:23:51:5b:24:
fe:9a:5a:2e:1e:25:f3:40:dc:bd:0b:2a:23:3b:63:
72:da:72:f8:a2:b8:7e:10:01:76:4a:e5:28:51:eb:
9f:1f:b2:16:26:e4:91:70:42:7c:3d:41:76:bf:e4:
e6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:58:0A:81:A1:21:85:A7:30:78:F9:80:6A:FE:D1:40:1F:39:95:E4
X509v3 Authority Key Identifier:
keyid:1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/21gKgaEhhacwePmAav7RQB85leQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.24.0/23
IPv6:
2001:67c:24a0::/48
Signature Algorithm: sha256WithRSAEncryption
2e:8a:70:a4:e2:05:aa:19:fa:e6:36:38:da:f5:d2:f2:d5:c3:
62:08:c8:2a:62:4e:68:9b:6e:3f:0b:d1:7f:dc:62:0a:4e:be:
b4:0f:c1:f5:79:18:47:c6:91:2c:4a:7c:e3:bd:f1:cf:07:7e:
d8:0d:8a:99:57:2c:19:5b:88:64:a1:77:ef:70:73:34:25:3a:
06:4c:9c:c8:e0:2f:a8:4e:0f:63:56:36:49:a5:d9:d1:7b:b1:
83:f9:ea:72:0e:6e:39:20:06:cf:f4:8b:cf:a2:d1:6a:79:1f:
7c:e9:51:68:fa:2f:5e:9b:67:56:a3:40:2c:86:77:d3:08:d7:
e0:e7:cc:98:d5:31:e6:b4:cd:6d:3e:71:9e:40:34:7a:a5:c7:
d5:76:01:a5:1d:16:04:b4:ba:3f:fc:f1:ce:db:92:c2:2a:ae:
b0:9d:54:43:c6:cd:51:bc:dd:15:1e:a4:01:a7:07:c8:ff:2b:
66:e7:b5:09:bf:a7:56:44:c7:15:02:26:1a:ef:cd:6a:44:38:
a4:7d:e7:3d:67:51:35:ec:6a:4d:99:68:ae:c6:5b:dc:91:1f:
51:58:0b:23:37:52:bd:ed:d1:18:d4:98:2e:91:13:19:0c:c8:
36:58:64:7f:27:6a:5a:b4:78:c5:64:32:54:40:35:69:a9:d0:
a6:29:49:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwy/msqQsrZ9zNr6bTDQAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNTI4NDI5MDM0ZGNmYmEwMWY3ZmZmNWM3Y2M4ODU2ZDRk
MDZlMWIwHhcNMjMwMTAyMDQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjU4MGE4MWExMjE4NWE3MzA3OGY5ODA2YWZlZDE0MDFmMzk5NWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13cAeBrIaobbDq7j6CG07mHkFkrN
9KowS4Bt6K3D057Awb9BntYkr4he3K2e2yma+iLoTjyBwU7aKxzbj6ZLQ1VqMX0h
TDjkwueMHvLdcQJQdTPfIEnCG12ecqVFcISQG+wd9sLIjTw75q5cx6FVRvTk0ZJu
m6nYYMvh5lf5hkiEYXX25pJX2AUL0Ss2EhbccKOi6knPsRH1P3fRkSkiW3ja/SvO
YZZsBgvSkFZxve31hsXx4mEwNFJwg8uXbG1U+AkjAjwwflnvfAwZ5CNRWyT+mlou
HiXzQNy9CyojO2Ny2nL4orh+EAF2SuUoUeufH7IWJuSRcEJ8PUF2v+TmeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNtYCoGhIYWnMHj5gGr+0UAfOZXkMB8GA1UdIwQY
MBaAFB9ShCkDTc+6Aff/9cfMiFbU0G4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUt
MjUzYmU5ZjZlZDNkLzEvMjFnS2dhRWhoYWN3ZVBtQWF2N1JRQjg1bGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUtMjUzYmU5ZjZlZDNk
LzEvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwZYYMA8E
AgACMAkDBwAgAQZ8JKAwDQYJKoZIhvcNAQELBQADggEBAC6KcKTiBaoZ+uY2ONr1
0vLVw2IIyCpiTmibbj8L0X/cYgpOvrQPwfV5GEfGkSxKfOO98c8HftgNiplXLBlb
iGShd+9wczQlOgZMnMjgL6hOD2NWNkml2dF7sYP56nIObjkgBs/0i8+i0Wp5H3zp
UWj6L16bZ1ajQCyGd9MI1+DnzJjVMea0zW0+cZ5ANHqlx9V2AaUdFgS0uj/88c7b
ksIqrrCdVEPGzVG83RUepAGnB8j/K2bntQm/p1ZExxUCJhrvzWpEOKR95z1nUTXs
ak2ZaK7GW9yRH1FYCyM3Ur3t0RjUmC6RExkMyDZYZH8nalq0eMVkMlRANWmp0KYp
SeI=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:55 2024 by rpki-client on console.sobornost.net