Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QafSTlFMiPYpFk1v8NsqJCNgU0g.roa
File: QafSTlFMiPYpFk1v8NsqJCNgU0g.roa (raw, json)
Hash identifier: KJywR3Pfmj2gdj1bDqE7snuqoBePoJhVQyOnXYyLOTI=
Subject key identifier: 41:A7:D2:4E:51:4C:88:F6:29:16:4D:6F:F0:DB:2A:24:23:60:53:48
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6A9491315AFA65E31EEE4261152F5E84
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QafSTlFMiPYpFk1v8NsqJCNgU0g.roa
Signing time: Sat 23 Mar 2024 09:11:45 +0000
ROA not before: Sat 23 Mar 2024 09:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 23 Mar 2024 10:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6a:94:91:31:5a:fa:65:e3:1e:ee:42:61:15:2f:5e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 09:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41a7d24e514c88f629164d6ff0db2a2423605348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3b:67:ae:b1:b1:e0:b5:ad:d3:d4:89:9c:e4:
b1:fe:c6:f8:f6:9d:77:cd:5d:a8:ba:02:13:36:63:
2f:04:dd:1c:5b:10:b6:b5:cb:1a:5d:fb:af:fd:f0:
6e:22:93:4a:ec:96:ce:7f:96:11:22:5e:f2:39:78:
7e:93:90:14:99:53:e7:03:5f:c8:af:40:4a:4a:c4:
9c:9c:5f:c7:42:04:ae:16:e3:d3:8c:b2:e8:0d:e4:
95:32:99:ff:d7:12:89:1c:eb:e6:de:b2:c2:50:fd:
b2:57:7b:f3:14:2b:70:90:58:81:7f:5d:85:55:3d:
b9:7c:62:6a:d9:5c:e4:c2:31:da:13:ec:52:ce:41:
88:14:13:9c:b7:bb:9e:43:8e:2d:5c:f9:41:22:94:
2a:66:9f:a8:a3:bf:d3:e8:95:da:81:00:a0:42:27:
98:bb:d1:db:e9:98:59:51:29:26:52:ef:6b:2e:e0:
ae:cb:9c:4b:8f:30:5b:e5:c1:45:32:5d:74:d8:b8:
18:74:94:19:0d:a0:3a:55:2f:49:84:c2:63:2f:20:
f5:7b:15:5d:b0:46:5e:af:af:43:2e:da:a7:fd:49:
fd:9c:bd:93:3c:d9:54:cd:92:0f:f5:ab:b2:09:5e:
36:39:d6:5c:42:7e:f7:2f:d2:90:66:2d:52:48:63:
4b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A7:D2:4E:51:4C:88:F6:29:16:4D:6F:F0:DB:2A:24:23:60:53:48
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QafSTlFMiPYpFk1v8NsqJCNgU0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:e2:79:15:02:ac:86:4c:6c:e5:ab:f1:66:16:fb:86:5f:4f:
ce:94:42:09:2e:be:8d:80:ed:25:03:a5:23:93:00:9b:4a:c6:
80:2e:6f:5c:1c:7e:7c:62:12:82:a6:1c:37:60:65:68:35:65:
11:e8:67:65:02:4d:6b:a7:7c:0a:52:ca:f3:b8:72:e3:83:39:
95:c9:87:9f:89:79:71:2c:cf:3e:12:1a:ea:1b:6c:21:91:65:
b0:7a:f4:7d:b5:44:0f:d6:8e:9d:fe:f1:54:46:d8:b3:72:76:
f4:18:49:f1:1c:dd:4c:9f:d8:e2:d6:c1:43:36:f8:c5:c3:75:
e7:03:96:57:30:ec:d4:8f:4a:32:32:ba:17:c7:a2:fc:3a:7f:
97:57:b5:1c:f6:95:49:24:00:4e:a7:f8:93:74:ad:a7:b1:5f:
c6:d9:2a:4d:bf:55:21:fa:69:00:77:47:4f:de:5f:41:15:8f:
e7:37:4f:9d:64:13:8b:4a:41:79:d0:19:07:ff:d7:dd:a6:a0:
f1:e5:10:8f:95:ff:da:3d:fa:e2:c5:9c:79:bb:78:31:5b:29:
41:1a:ac:ef:dc:1b:a7:96:e2:8e:28:c7:c8:94:c6:23:77:fa:
d0:64:40:0c:0d:e3:75:75:79:ba:a2:a9:bd:1b:92:96:4f:26:
18:33:20:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5qlJExWvpl4x7uQmEVL16EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMDkxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE3ZDI0ZTUxNGM4OGY2MjkxNjRkNmZmMGRiMmEyNDIzNjA1MzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDtnrrGx4LWt09SJnOSx/sb49p13
zV2ougITNmMvBN0cWxC2tcsaXfuv/fBuIpNK7JbOf5YRIl7yOXh+k5AUmVPnA1/I
r0BKSsScnF/HQgSuFuPTjLLoDeSVMpn/1xKJHOvm3rLCUP2yV3vzFCtwkFiBf12F
VT25fGJq2VzkwjHaE+xSzkGIFBOct7ueQ44tXPlBIpQqZp+oo7/T6JXagQCgQieY
u9Hb6ZhZUSkmUu9rLuCuy5xLjzBb5cFFMl102LgYdJQZDaA6VS9JhMJjLyD1exVd
sEZer69DLtqn/Un9nL2TPNlUzZIP9auyCV42OdZcQn73L9KQZi1SSGNL4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGn0k5RTIj2KRZNb/DbKiQjYFNIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUWFmU1RsRk1pUFlwRmsxdjhOc3FKQ05nVTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA7ieRUCrIZMbOWr8WYW
+4ZfT86UQgkuvo2A7SUDpSOTAJtKxoAub1wcfnxiEoKmHDdgZWg1ZRHoZ2UCTWun
fApSyvO4cuODOZXJh5+JeXEszz4SGuobbCGRZbB69H21RA/Wjp3+8VRG2LNydvQY
SfEc3Uyf2OLWwUM2+MXDdecDllcw7NSPSjIyuhfHovw6f5dXtRz2lUkkAE6n+JN0
raexX8bZKk2/VSH6aQB3R0/eX0EVj+c3T51kE4tKQXnQGQf/192moPHlEI+V/9o9
+uLFnHm7eDFbKUEarO/cG6eW4o4ox8iUxiN3+tBkQAwN43V1ebqiqb0bkpZPJhgz
IOA=
-----END CERTIFICATE-----
Generated at Sat Mar 23 14:23:14 2024 by rpki-client on console.sobornost.net