Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7yPqNnDSDLSXAkD5LkObXEacQeU.roa
File: 7yPqNnDSDLSXAkD5LkObXEacQeU.roa (raw, json)
Hash identifier: BbQmcDCS1dZTzTa+obkzt3JMooTp1+PxYrznhWbcItY=
Subject key identifier: EF:23:EA:36:70:D2:0C:B4:97:02:40:F9:2E:43:9B:5C:46:9C:41:E5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA85FC76896EDBB93964D118803EADE8F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7yPqNnDSDLSXAkD5LkObXEacQeU.roa
Signing time: Tue 26 Dec 2023 23:04:58 +0000
ROA not before: Tue 26 Dec 2023 23:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:a85f:27c3/128 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a8:5f:c7:68:96:ed:bb:93:96:4d:11:88:03:ea:de:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 26 23:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef23ea3670d20cb4970240f92e439b5c469c41e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:30:74:4a:db:f9:d1:7b:ef:81:fa:ae:98:02:
5e:73:e1:bf:69:ba:39:af:8e:69:66:31:08:00:08:
6a:0f:8b:f4:1e:04:99:74:20:1c:00:62:5f:b1:c4:
b8:74:8a:a0:a1:4a:b9:2e:4e:a1:b5:b4:e7:a1:15:
3c:a0:4e:56:53:41:4d:8d:f8:51:42:02:ad:29:27:
ea:1d:ef:5f:66:a2:f6:6f:c1:7f:88:02:a8:ed:ff:
e1:f7:06:54:20:6b:7d:c4:56:c6:39:c0:22:33:b2:
1b:92:57:f2:db:0d:c7:cc:ed:aa:ed:7c:71:f3:82:
b1:55:82:69:ae:bc:94:78:49:8d:c7:e5:e8:a4:21:
d9:7d:56:69:3c:22:c9:03:16:09:39:31:5d:2a:95:
00:f0:ac:2f:2c:ff:04:36:63:44:5b:e3:5e:75:14:
9b:90:ec:5a:7b:65:8c:22:d8:76:17:63:3c:09:97:
36:a9:58:e2:79:26:04:6d:31:f8:7a:4b:df:da:ce:
91:2b:4a:0e:c2:f0:47:03:c7:c8:89:6f:96:50:70:
9a:af:85:f2:b6:7b:9f:46:10:5c:65:01:85:fc:6c:
4c:61:f8:6a:04:01:50:49:f6:f9:fa:c1:ce:03:91:
a4:2c:42:0f:c5:95:72:d7:7d:7d:61:51:00:62:e7:
56:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:23:EA:36:70:D2:0C:B4:97:02:40:F9:2E:43:9B:5C:46:9C:41:E5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7yPqNnDSDLSXAkD5LkObXEacQeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:1a:6e:46:77:a5:15:56:ea:31:fb:a6:8c:9e:9c:4f:dd:26:
f6:ed:c1:8c:eb:c7:5f:45:3d:2d:bd:c3:ea:f2:ec:4d:c1:d1:
69:91:17:87:ec:da:9a:68:26:62:8c:19:4d:b3:20:f0:37:fb:
79:2e:34:e8:c3:26:61:ad:9b:98:74:72:8f:a0:54:a6:53:54:
f7:bd:b1:8b:7a:05:22:bf:fc:10:89:2a:63:66:43:29:ae:c9:
dc:55:e9:21:44:92:8a:42:5d:f7:a1:ca:f3:20:ba:5f:6d:a3:
37:93:a7:f7:5d:49:cb:36:11:1f:40:16:3f:3b:5f:b1:ec:6b:
76:0d:c5:0e:25:0b:87:40:42:b1:27:3e:24:af:ff:82:ad:fb:
5c:fa:81:1c:a4:a3:59:f8:fe:dd:9f:e8:cf:b7:99:46:9b:6b:
cf:ab:6c:e4:19:6b:0e:47:db:9a:eb:55:1a:e2:b6:fa:ab:08:
fe:88:39:b0:dd:8d:b9:eb:94:51:05:be:b4:84:f7:d7:a8:6b:
26:61:8e:cc:75:5e:75:b1:80:35:42:47:ed:16:52:04:6d:fe:
48:68:df:9b:d5:24:12:d1:2a:29:b2:85:28:33:87:21:6b:61:
0a:e8:33:d6:27:dd:42:aa:5a:7d:07:f5:69:aa:13:ec:04:21:
5b:1a:88:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyoX8dolu27k5ZNEYgD6t6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI2MjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjIzZWEzNjcwZDIwY2I0OTcwMjQwZjkyZTQzOWI1YzQ2OWM0MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDB0Stv50XvvgfqumAJec+G/abo5
r45pZjEIAAhqD4v0HgSZdCAcAGJfscS4dIqgoUq5Lk6htbTnoRU8oE5WU0FNjfhR
QgKtKSfqHe9fZqL2b8F/iAKo7f/h9wZUIGt9xFbGOcAiM7Ibklfy2w3HzO2q7Xxx
84KxVYJprryUeEmNx+XopCHZfVZpPCLJAxYJOTFdKpUA8KwvLP8ENmNEW+NedRSb
kOxae2WMIth2F2M8CZc2qVjieSYEbTH4ekvf2s6RK0oOwvBHA8fIiW+WUHCar4Xy
tnufRhBcZQGF/GxMYfhqBAFQSfb5+sHOA5GkLEIPxZVy1319YVEAYudWSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO8j6jZw0gy0lwJA+S5Dm1xGnEHlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvN3lQcU5uRFNETFNYQWtENUxrT2JYRWFjUWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHsabkZ3pRVW6jH7poye
nE/dJvbtwYzrx19FPS29w+ry7E3B0WmRF4fs2ppoJmKMGU2zIPA3+3kuNOjDJmGt
m5h0co+gVKZTVPe9sYt6BSK//BCJKmNmQymuydxV6SFEkopCXfehyvMgul9tozeT
p/ddScs2ER9AFj87X7Hsa3YNxQ4lC4dAQrEnPiSv/4Kt+1z6gRyko1n4/t2f6M+3
mUaba8+rbOQZaw5H25rrVRritvqrCP6IObDdjbnrlFEFvrSE99eoayZhjsx1XnWx
gDVCR+0WUgRt/kho35vVJBLRKimyhSgzhyFrYQroM9Yn3UKqWn0H9WmqE+wEIVsa
iK4=
Generated at Wed Dec 27 00:27:26 2023 by rpki-client on console.sobornost.net