Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E3NsQ2jPLJ_wjWwr57G9yOajIPg.roa
File: E3NsQ2jPLJ_wjWwr57G9yOajIPg.roa (raw, json)
Hash identifier: sqlwHLZMsvFPhFoKJMlgkPh61YGvbUm8x7ogZLUhDD8=
Subject key identifier: 13:73:6C:43:68:CF:2C:9F:F0:8D:6C:2B:E7:B1:BD:C8:E6:A3:20:F8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC25DD5F850799BE4EBCD5DED32FC40DD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E3NsQ2jPLJ_wjWwr57G9yOajIPg.roa
Signing time: Mon 01 Jan 2024 00:12:58 +0000
ROA not before: Mon 01 Jan 2024 00:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:5d:d5:f8:50:79:9b:e4:eb:cd:5d:ed:32:fc:40:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 1 00:12:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13736c4368cf2c9ff08d6c2be7b1bdc8e6a320f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3a:b3:13:e6:22:67:d1:08:b7:e0:50:38:24:
2d:5a:a3:7e:4e:b3:8c:72:4d:6f:ad:33:24:a8:ad:
3f:00:b4:ab:90:26:9c:e3:a1:b3:d1:10:1f:73:01:
5e:57:2d:af:66:2a:8c:99:e6:f2:78:a6:36:5f:5f:
05:36:d4:24:bb:9f:8f:7c:65:94:75:73:7f:be:cb:
4a:3d:c2:98:36:ef:26:f6:1e:d0:cf:d9:67:dc:85:
38:02:3e:34:69:a3:5d:27:93:5c:f2:b6:a9:79:b3:
98:80:5e:9c:da:a5:7f:9d:17:c2:a1:67:b7:2d:74:
95:fa:3c:1e:00:bf:d1:61:f0:b2:08:56:4b:01:0d:
70:81:8c:44:0a:b9:2b:31:f9:51:d6:dc:8b:a3:6f:
93:b4:91:01:86:79:f1:b4:2b:c6:22:90:8b:80:50:
84:cc:91:10:e0:7b:06:a5:8c:c1:7c:2a:6b:f6:da:
72:9b:7c:55:38:c8:92:7e:d8:a3:db:56:a7:4b:ca:
f7:db:05:8e:e6:26:5d:dd:c9:5e:33:70:e3:2a:40:
64:b7:a3:1a:db:16:25:42:f0:b9:0b:d3:9e:97:ff:
db:17:33:db:c3:91:e5:b9:39:ca:81:9b:a5:bf:43:
d8:37:ed:22:8f:e9:42:70:44:44:94:df:86:6b:bf:
4b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:73:6C:43:68:CF:2C:9F:F0:8D:6C:2B:E7:B1:BD:C8:E6:A3:20:F8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E3NsQ2jPLJ_wjWwr57G9yOajIPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:c1:eb:b6:d3:e0:bc:7a:e8:80:38:da:a7:b8:aa:71:c3:6a:
fe:0b:45:9c:c7:ea:dc:99:d0:ce:d9:4b:b1:4d:f1:c7:25:e5:
c0:9d:72:c2:28:ff:bc:17:38:36:19:0b:4d:1e:5e:d1:00:87:
a2:8b:64:45:8c:56:af:4e:f9:f0:01:fc:05:dd:58:6d:fb:1f:
9c:3f:b6:b7:08:0a:55:cf:b1:b4:0f:3b:cc:c6:b5:c5:71:12:
86:63:04:1a:98:2f:fe:db:03:41:70:63:41:4c:a9:7c:a0:86:
07:b0:8b:e6:c6:b5:2e:59:30:45:08:98:26:66:aa:39:fa:f4:
7d:75:61:8a:68:c4:37:71:38:dc:dd:a2:50:3c:49:66:1f:64:
53:f8:6f:7a:8b:55:63:31:da:e1:7e:dd:1b:2f:5a:c1:cc:b0:
9b:eb:86:fa:ae:bc:da:60:16:e3:37:f5:e9:fd:a1:a7:e1:0d:
80:71:42:8b:af:d9:2c:52:af:00:e1:87:81:2b:cc:d8:30:8d:
c9:65:33:4a:63:a4:1a:dc:1c:dd:0b:07:bc:ae:a8:28:bb:3e:
89:5b:ba:94:87:8d:b1:54:ef:51:77:cc:97:3e:a4:33:e4:1e:
d2:b7:9e:59:ff:9d:e1:e4:8a:88:5e:e9:85:1d:d6:fc:36:01:
d9:e6:48:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCXdX4UHmb5OvNXe0y/EDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAxMDAxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzczNmM0MzY4Y2YyYzlmZjA4ZDZjMmJlN2IxYmRjOGU2YTMyMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTqzE+YiZ9EIt+BQOCQtWqN+TrOM
ck1vrTMkqK0/ALSrkCac46Gz0RAfcwFeVy2vZiqMmebyeKY2X18FNtQku5+PfGWU
dXN/vstKPcKYNu8m9h7Qz9ln3IU4Aj40aaNdJ5Nc8rapebOYgF6c2qV/nRfCoWe3
LXSV+jweAL/RYfCyCFZLAQ1wgYxECrkrMflR1tyLo2+TtJEBhnnxtCvGIpCLgFCE
zJEQ4HsGpYzBfCpr9tpym3xVOMiSftij21anS8r32wWO5iZd3cleM3DjKkBkt6Ma
2xYlQvC5C9Oel//bFzPbw5HluTnKgZulv0PYN+0ij+lCcERElN+Ga79LlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBNzbENozyyf8I1sK+exvcjmoyD4MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRTNOc1EyalBMSl93ald3cjU3Rzl5T2FqSVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEjB67bT4Lx66IA42qe4
qnHDav4LRZzH6tyZ0M7ZS7FN8ccl5cCdcsIo/7wXODYZC00eXtEAh6KLZEWMVq9O
+fAB/AXdWG37H5w/trcIClXPsbQPO8zGtcVxEoZjBBqYL/7bA0FwY0FMqXyghgew
i+bGtS5ZMEUImCZmqjn69H11YYpoxDdxONzdolA8SWYfZFP4b3qLVWMx2uF+3Rsv
WsHMsJvrhvquvNpgFuM39en9oafhDYBxQouv2SxSrwDhh4ErzNgwjcllM0pjpBrc
HN0LB7yuqCi7PolbupSHjbFU71F3zJc+pDPkHtK3nln/neHkiohe6YUd1vw2Adnm
SMM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:53 2024 by rpki-client on console.sobornost.net