Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QnF3pymyNJ6qYSX9EOz-Iya6kr0.roa
File: QnF3pymyNJ6qYSX9EOz-Iya6kr0.roa (raw, json)
Hash identifier: 9P85tmPCUS/W7GZU+1kRTZFHC1x8kbS1255MvKkDt7c=
Subject key identifier: 42:71:77:A7:29:B2:34:9E:AA:61:25:FD:10:EC:FE:23:26:BA:92:BD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC10CEAA9C40046FC3AD1FF164E9E01F4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QnF3pymyNJ6qYSX9EOz-Iya6kr0.roa
Signing time: Sun 31 Dec 2023 18:04:58 +0000
ROA not before: Sun 31 Dec 2023 18:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:c10c:63fa/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c1:0c:ea:a9:c4:00:46:fc:3a:d1:ff:16:4e:9e:01:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 18:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=427177a729b2349eaa6125fd10ecfe2326ba92bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:df:02:5e:7f:c6:02:5e:36:e3:5b:95:07:1b:
9e:8f:1c:f3:e0:c0:61:4b:67:03:91:79:9a:59:e7:
fc:c5:35:5f:49:37:f9:8b:e3:49:79:97:60:29:32:
a5:9d:d4:5c:11:26:01:c8:5e:84:4c:5c:cc:35:3c:
cb:70:24:56:49:1e:5c:63:21:c9:dd:ad:03:3b:cc:
4f:b0:ca:7f:6d:20:00:75:c3:51:fe:c8:f8:61:50:
d6:2b:9d:e4:ec:72:26:bd:06:bd:69:9e:de:d2:cb:
d5:85:d8:a5:58:42:f0:f5:16:2e:f0:4f:b3:85:81:
ac:83:c9:1a:73:7a:2d:94:ff:03:e7:54:30:d1:5a:
fd:c3:dd:ec:d8:bd:3a:5f:cd:51:e0:a5:d7:68:e5:
c0:af:5c:a6:b3:54:00:81:7c:a9:f8:37:68:d7:c7:
6e:68:97:04:bb:a8:6c:d6:72:27:2a:e5:e2:7e:65:
d2:37:5b:63:f2:ca:05:a1:97:33:49:17:22:4e:23:
cb:60:49:75:dd:82:93:fa:57:a8:fd:55:9f:76:26:
39:fb:ea:b4:60:07:a6:63:20:0e:19:e5:c5:ae:9e:
0f:26:44:71:63:19:f5:49:02:a4:3a:ef:54:1f:49:
c0:22:5f:ab:24:49:cc:2c:9d:d6:97:72:db:b2:1b:
49:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:71:77:A7:29:B2:34:9E:AA:61:25:FD:10:EC:FE:23:26:BA:92:BD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QnF3pymyNJ6qYSX9EOz-Iya6kr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:d2:45:48:fd:2b:e8:30:cb:87:f4:e4:18:ae:3d:bb:7a:2c:
77:03:ca:e1:52:a8:e0:29:ab:eb:ac:6c:cb:a9:b2:25:81:91:
25:af:29:e7:b7:56:d7:9d:a6:d4:40:14:55:34:9d:fd:19:ab:
d9:c1:b7:eb:78:38:05:65:ef:66:b6:69:0e:ab:56:8b:92:99:
ee:17:b3:ad:66:b9:a8:65:de:c2:77:25:ea:5a:4d:73:c0:2a:
28:e1:c1:8a:31:20:64:4b:fd:bf:3c:3c:3d:f1:08:ea:dc:6d:
ad:44:c4:c9:51:4b:44:30:03:26:16:6c:f5:73:c3:37:ef:6a:
b0:63:76:df:1f:8f:e1:88:81:9e:9e:88:39:61:99:ef:db:3f:
77:af:48:62:21:3e:8a:c1:25:67:63:a9:4f:f4:a0:82:e8:72:
41:97:8f:22:96:f9:72:a6:3d:3e:5f:04:ef:9f:76:81:8d:a5:
4e:c4:fb:90:e8:9d:e9:b9:01:5e:95:9b:30:20:e0:e0:bb:42:
ba:aa:64:9b:06:7c:c3:aa:20:56:4d:11:96:57:2e:40:4f:dc:
b9:d4:b1:19:db:a6:5e:f3:21:8f:a5:b7:c4:55:00:8c:bd:62:
83:8e:3b:9a:ce:7b:b0:0c:e8:23:ea:af:03:75:1c:9a:ca:33:
b9:27:ee:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzBDOqpxABG/DrR/xZOngH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMTgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjcxNzdhNzI5YjIzNDllYWE2MTI1ZmQxMGVjZmUyMzI2YmE5MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt8CXn/GAl4241uVBxuejxzz4MBh
S2cDkXmaWef8xTVfSTf5i+NJeZdgKTKlndRcESYByF6ETFzMNTzLcCRWSR5cYyHJ
3a0DO8xPsMp/bSAAdcNR/sj4YVDWK53k7HImvQa9aZ7e0svVhdilWELw9RYu8E+z
hYGsg8kac3otlP8D51Qw0Vr9w93s2L06X81R4KXXaOXAr1yms1QAgXyp+Ddo18du
aJcEu6hs1nInKuXifmXSN1tj8soFoZczSRciTiPLYEl13YKT+leo/VWfdiY5++q0
YAemYyAOGeXFrp4PJkRxYxn1SQKkOu9UH0nAIl+rJEnMLJ3Wl3LbshtJnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJxd6cpsjSeqmEl/RDs/iMmupK9MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUW5GM3B5bXlOSjZxWVNYOUVPei1JeWE2a3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABHSRUj9K+gwy4f05Biu
Pbt6LHcDyuFSqOApq+usbMupsiWBkSWvKee3VtedptRAFFU0nf0Zq9nBt+t4OAVl
72a2aQ6rVouSme4Xs61muahl3sJ3JepaTXPAKijhwYoxIGRL/b88PD3xCOrcba1E
xMlRS0QwAyYWbPVzwzfvarBjdt8fj+GIgZ6eiDlhme/bP3evSGIhPorBJWdjqU/0
oILockGXjyKW+XKmPT5fBO+fdoGNpU7E+5Donem5AV6VmzAg4OC7QrqqZJsGfMOq
IFZNEZZXLkBP3LnUsRnbpl7zIY+lt8RVAIy9YoOOO5rOe7AM6CPqrwN1HJrKM7kn
7v8=
-----END CERTIFICATE-----
Generated at Sun Dec 31 20:41:33 2023 by rpki-client on console.sobornost.net