Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q1gzhbpGuak7Vd9aVPKdCtkmY2g.roa
File: Q1gzhbpGuak7Vd9aVPKdCtkmY2g.roa (raw, json)
Hash identifier: bmN0D7NIA/x2bx/41G1iZrwHtDC195IbBCVH4pb2D2Q=
Subject key identifier: 43:58:33:85:BA:46:B9:A9:3B:55:DF:5A:54:F2:9D:0A:D9:26:63:68
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD98C1F82B5A2DF483AD2911DE7682C05
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q1gzhbpGuak7Vd9aVPKdCtkmY2g.roa
Signing time: Fri 05 Jan 2024 12:14:48 +0000
ROA not before: Fri 05 Jan 2024 12:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:8c:1f:82:b5:a2:df:48:3a:d2:91:1d:e7:68:2c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 5 12:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43583385ba46b9a93b55df5a54f29d0ad9266368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:58:e6:a8:41:02:8c:4f:55:66:3d:7f:9f:d7:
14:4e:0a:0e:a2:8e:4d:08:e0:1e:1d:c5:bc:95:20:
17:2e:49:0e:08:1a:9d:65:5c:2c:3a:0b:0e:73:3d:
4a:6b:c3:fb:2f:82:6f:bb:e4:50:9d:c4:7f:cc:eb:
7d:32:b2:08:00:f7:cd:fc:62:5e:85:5c:06:94:93:
3c:87:70:d6:26:e1:3c:e8:ca:49:2e:e6:b9:9c:0a:
e0:88:76:e8:c9:bb:c6:a5:f4:9a:87:46:25:7a:68:
25:27:74:4f:10:0f:65:58:4e:5a:d9:75:84:53:65:
7a:76:c0:6d:7c:01:84:6c:6d:15:e8:78:26:b8:ad:
92:26:6c:ea:ee:c0:c5:6c:ab:3f:58:92:34:bc:5b:
29:f9:97:e5:12:d8:7f:aa:e1:68:db:31:1e:f1:7a:
91:5e:c9:75:4e:74:85:9c:b0:f0:ab:00:d4:cf:48:
ae:48:9f:5c:29:13:b0:0b:4c:c2:30:9c:5f:6c:9b:
2f:01:bb:46:33:ef:12:a7:c8:88:88:80:5a:8e:df:
80:f5:55:4b:5b:6a:da:93:24:15:10:83:15:51:67:
b8:be:23:63:55:d5:e6:4d:d2:78:ff:00:ac:7f:ba:
51:cc:3e:81:50:7d:58:76:1d:40:94:f2:86:db:7c:
b4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:58:33:85:BA:46:B9:A9:3B:55:DF:5A:54:F2:9D:0A:D9:26:63:68
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q1gzhbpGuak7Vd9aVPKdCtkmY2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:30:41:ed:39:09:69:1f:b8:e7:24:bf:cf:ed:a5:a4:fe:26:
e2:5d:c9:ad:b9:23:d3:be:b1:a3:a8:cd:10:48:03:f1:4a:a5:
29:30:10:ad:aa:04:96:95:12:02:01:ce:8c:98:33:50:38:41:
6f:32:fb:03:a6:a7:07:04:08:5f:9c:9f:ec:c3:47:46:ed:2a:
18:32:90:ab:61:24:e1:81:a8:e5:6e:5c:a5:54:d9:d6:1d:04:
54:bd:72:27:61:fc:68:11:28:6a:e7:97:67:72:4a:e8:91:dc:
0e:80:2d:e8:e0:94:e5:f3:d0:22:e9:bd:a0:11:2e:8e:26:02:
22:30:ba:c9:40:15:2e:d4:ea:11:87:94:5b:1c:cd:cb:05:a6:
3b:ea:4c:52:12:ee:8c:5d:d9:ad:98:0d:5a:86:4c:1a:bf:d9:
7f:9e:fe:da:57:19:63:3a:00:11:8f:be:9d:3f:27:0f:76:97:
c5:a3:b3:c5:97:89:75:91:56:18:0d:69:f0:2d:92:de:c3:48:
9e:e5:e7:75:99:db:c3:8f:c4:24:7a:6f:8b:b4:0d:77:37:80:
97:9f:93:59:6f:2d:92:d4:13:04:d8:34:97:c0:39:95:34:6e:
0c:ec:e0:ce:6f:3e:a3:22:cc:aa:45:61:04:a8:4b:61:f9:8d:
f0:40:09:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzZjB+CtaLfSDrSkR3naCwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA1MTIxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU4MzM4NWJhNDZiOWE5M2I1NWRmNWE1NGYyOWQwYWQ5MjY2MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1jmqEECjE9VZj1/n9cUTgoOoo5N
COAeHcW8lSAXLkkOCBqdZVwsOgsOcz1Ka8P7L4Jvu+RQncR/zOt9MrIIAPfN/GJe
hVwGlJM8h3DWJuE86MpJLua5nArgiHboybvGpfSah0YlemglJ3RPEA9lWE5a2XWE
U2V6dsBtfAGEbG0V6HgmuK2SJmzq7sDFbKs/WJI0vFsp+ZflEth/quFo2zEe8XqR
Xsl1TnSFnLDwqwDUz0iuSJ9cKROwC0zCMJxfbJsvAbtGM+8Sp8iIiIBajt+A9VVL
W2rakyQVEIMVUWe4viNjVdXmTdJ4/wCsf7pRzD6BUH1Ydh1AlPKG23y02wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFENYM4W6RrmpO1XfWlTynQrZJmNoMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUTFnemhicEd1YWs3VmQ5YVZQS2RDdGttWTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF0wQe05CWkfuOckv8/t
paT+JuJdya25I9O+saOozRBIA/FKpSkwEK2qBJaVEgIBzoyYM1A4QW8y+wOmpwcE
CF+cn+zDR0btKhgykKthJOGBqOVuXKVU2dYdBFS9cidh/GgRKGrnl2dySuiR3A6A
LejglOXz0CLpvaARLo4mAiIwuslAFS7U6hGHlFsczcsFpjvqTFIS7oxd2a2YDVqG
TBq/2X+e/tpXGWM6ABGPvp0/Jw92l8Wjs8WXiXWRVhgNafAtkt7DSJ7l53WZ28OP
xCR6b4u0DXc3gJefk1lvLZLUEwTYNJfAOZU0bgzs4M5vPqMizKpFYQSoS2H5jfBA
Cco=
-----END CERTIFICATE-----
Generated at Fri Jan 5 16:42:08 2024 by rpki-client on console.sobornost.net