Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qUlZpxVlhMZVanQ_xiP5LSJvN9Q.roa
File: qUlZpxVlhMZVanQ_xiP5LSJvN9Q.roa (raw, json)
Hash identifier: dG3TBP+BStw1HqpvTKbV9q9ci6/lpP+gzID5gC8JwVw=
Subject key identifier: A9:49:59:A7:15:65:84:C6:55:6A:74:3F:C6:23:F9:2D:22:6F:37:D4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD0F6DBE5D543CFD051D33C378A21D335
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qUlZpxVlhMZVanQ_xiP5LSJvN9Q.roa
Signing time: Wed 03 Jan 2024 20:14:48 +0000
ROA not before: Wed 03 Jan 2024 20:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:f6:db:e5:d5:43:cf:d0:51:d3:3c:37:8a:21:d3:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 20:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a94959a7156584c6556a743fc623f92d226f37d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3a:65:89:7f:68:7c:5f:c5:f1:89:95:8a:91:
4c:c3:4d:71:1b:14:fd:8f:70:0c:70:ee:ed:dc:ee:
b5:5f:49:e0:3f:e1:68:95:8f:c1:58:c6:b6:9e:97:
26:b4:ad:3e:38:60:49:ec:de:19:72:ab:22:8e:65:
10:1b:f2:68:17:01:83:31:b9:0b:46:94:c8:69:3c:
1a:8e:c6:54:1a:6b:a1:f4:ee:fb:2d:11:9b:91:7a:
ed:d4:2b:ac:46:de:aa:81:e6:84:df:2f:84:b4:c5:
07:d6:57:25:ee:b9:4f:03:e4:a1:b7:98:fb:6c:f6:
17:d7:34:ef:d6:69:7d:bc:44:a7:44:d5:3b:04:4b:
21:c4:70:00:20:82:77:cc:09:01:5c:fe:f7:78:5f:
14:c9:6d:48:2e:40:f8:28:c6:a4:bc:43:9c:67:1b:
3c:2f:bc:ee:7d:2a:ea:85:02:d8:90:d2:53:c3:07:
89:cf:63:af:e9:58:06:01:7f:dc:e7:f6:ae:ea:e9:
57:42:ec:26:f9:61:5d:16:90:8b:a6:9c:08:24:ce:
cd:5d:35:54:c6:b3:88:cf:6d:bb:b7:32:5b:80:73:
5a:23:fa:e0:3d:12:6c:a2:49:94:3c:80:65:a7:b1:
f9:4e:fd:df:f9:a0:d1:31:bc:99:6b:eb:9d:b4:67:
15:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:49:59:A7:15:65:84:C6:55:6A:74:3F:C6:23:F9:2D:22:6F:37:D4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qUlZpxVlhMZVanQ_xiP5LSJvN9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:e8:4b:db:be:da:9d:64:9b:c0:f8:3b:48:65:41:3d:15:00:
80:d4:f1:80:7a:c0:20:e3:63:19:c2:76:e0:67:01:81:b8:73:
6f:92:d2:95:57:d9:71:02:45:9d:4f:e7:f1:00:d2:2a:7b:18:
2d:31:15:03:30:ca:78:79:84:d1:c9:22:6b:d2:bb:46:5c:5f:
46:14:7a:fb:96:2a:f5:90:30:9f:90:11:c9:52:db:ad:3b:ba:
fb:39:13:a6:27:9e:cb:70:37:70:27:ef:79:1d:1b:33:d8:87:
3d:92:6e:da:31:20:c7:06:70:9b:8a:8c:8a:2f:bc:14:f3:33:
81:45:3c:82:1b:c9:e0:d2:27:e4:b9:e3:ac:d2:cd:40:2b:97:
dc:02:9a:f7:d2:4d:0e:64:95:2b:99:4c:81:ba:d5:f0:2a:74:
50:66:14:e1:85:af:1b:d3:2d:f0:6b:e4:7b:74:f7:e6:0f:c9:
8b:d2:82:d9:6f:8c:3f:93:26:6c:7c:39:1c:cf:00:0b:27:71:
5c:b4:6e:b2:f2:03:3f:de:cd:86:6a:9c:e2:2c:0d:34:7d:a5:
a0:eb:35:83:8f:80:bb:1f:4b:a4:6d:15:26:48:f1:ae:7b:05:
b2:86:be:ad:cb:e4:be:d1:3c:9a:80:ad:85:43:dc:1a:42:33:
35:28:bf:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzQ9tvl1UPP0FHTPDeKIdM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMjAxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQ5NTlhNzE1NjU4NGM2NTU2YTc0M2ZjNjIzZjkyZDIyNmYzN2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTpliX9ofF/F8YmVipFMw01xGxT9
j3AMcO7t3O61X0ngP+FolY/BWMa2npcmtK0+OGBJ7N4ZcqsijmUQG/JoFwGDMbkL
RpTIaTwajsZUGmuh9O77LRGbkXrt1CusRt6qgeaE3y+EtMUH1lcl7rlPA+Sht5j7
bPYX1zTv1ml9vESnRNU7BEshxHAAIIJ3zAkBXP73eF8UyW1ILkD4KMakvEOcZxs8
L7zufSrqhQLYkNJTwweJz2Ov6VgGAX/c5/au6ulXQuwm+WFdFpCLppwIJM7NXTVU
xrOIz227tzJbgHNaI/rgPRJsokmUPIBlp7H5Tv3f+aDRMbyZa+udtGcVWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKlJWacVZYTGVWp0P8Yj+S0ibzfUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcVVsWnB4VmxoTVpWYW5RX3hpUDVMU0p2TjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ/oS9u+2p1km8D4O0hl
QT0VAIDU8YB6wCDjYxnCduBnAYG4c2+S0pVX2XECRZ1P5/EA0ip7GC0xFQMwynh5
hNHJImvSu0ZcX0YUevuWKvWQMJ+QEclS2607uvs5E6YnnstwN3An73kdGzPYhz2S
btoxIMcGcJuKjIovvBTzM4FFPIIbyeDSJ+S546zSzUArl9wCmvfSTQ5klSuZTIG6
1fAqdFBmFOGFrxvTLfBr5Ht09+YPyYvSgtlvjD+TJmx8ORzPAAsncVy0brLyAz/e
zYZqnOIsDTR9paDrNYOPgLsfS6RtFSZI8a57BbKGvq3L5L7RPJqArYVD3BpCMzUo
v44=
Generated at Wed Jan 3 23:28:36 2024 by rpki-client on console.sobornost.net