Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qbWXpjtYxVaO9UnvY-Yo3RgaKbI.roa
File: qbWXpjtYxVaO9UnvY-Yo3RgaKbI.roa (raw, json)
Hash identifier: dLoXQNv4apDoyA4uqON+UZoyg+JEZkFZvmAZNR3yWiI=
Subject key identifier: A9:B5:97:A6:3B:58:C5:56:8E:F5:49:EF:63:E6:28:DD:18:1A:29:B2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD726B846C5822D6EF3CD4AF26DE7E1C1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qbWXpjtYxVaO9UnvY-Yo3RgaKbI.roa
Signing time: Fri 05 Jan 2024 01:04:48 +0000
ROA not before: Fri 05 Jan 2024 01:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:d726:50cc/128 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d7:26:b8:46:c5:82:2d:6e:f3:cd:4a:f2:6d:e7:e1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 5 01:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9b597a63b58c5568ef549ef63e628dd181a29b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d6:c6:fd:c9:ee:90:02:a1:87:6f:6f:c2:37:
fb:b3:bc:29:3a:fc:40:ab:4c:a0:3a:34:e4:27:1d:
67:e9:0e:3a:65:b2:ac:ab:47:6f:e8:36:0e:72:8f:
f9:b8:8e:0f:a3:78:8a:88:fa:6c:b8:d7:d9:c7:fc:
77:7c:33:1d:e8:44:5c:20:41:a6:1a:4d:5a:ec:1b:
9c:00:c2:6a:7c:bb:32:2d:85:a4:af:8d:65:7c:86:
98:85:e6:26:ae:66:34:f6:71:c3:85:38:aa:7e:57:
01:50:67:94:34:a3:0e:3b:80:3f:f6:8d:eb:cb:44:
07:f7:21:88:4d:7d:d1:2c:92:43:e4:a7:78:d2:bf:
4d:77:39:3f:da:13:41:c3:eb:42:2c:62:b9:76:57:
c3:eb:9f:ea:8e:c7:cc:88:9b:2c:fc:5e:99:3c:18:
d3:c2:fa:78:6d:88:51:a9:41:3f:6b:50:4f:ca:71:
43:c1:ec:0e:9e:cb:d2:ff:f7:b6:5d:68:75:ec:f7:
b1:79:f4:1e:95:a9:12:e2:fe:6a:f5:dc:b7:fa:c3:
b4:ec:f1:00:e8:46:5a:5d:26:f9:72:24:19:7f:ae:
38:71:89:c8:a5:37:b4:f1:f3:a9:d6:a2:fd:8f:32:
4f:2b:c7:9c:a5:67:c7:90:39:d6:15:10:5a:a3:7b:
c3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B5:97:A6:3B:58:C5:56:8E:F5:49:EF:63:E6:28:DD:18:1A:29:B2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qbWXpjtYxVaO9UnvY-Yo3RgaKbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:f6:2a:a8:cb:5e:da:1e:e7:5d:88:8d:90:61:66:5c:ba:04:
9e:c3:19:4f:42:8b:bd:8b:4f:71:77:f8:bb:df:1a:42:8f:52:
eb:95:ba:ef:90:28:52:89:2d:83:b5:02:b0:0f:bc:54:fd:2d:
78:ac:18:8a:03:f9:3a:54:0a:0b:5a:12:b2:c1:eb:c8:e7:89:
28:da:08:d8:51:38:6d:38:ce:fc:73:74:62:3f:85:75:61:38:
9a:c7:16:43:ed:dc:d8:0b:1a:35:d7:5a:87:d9:04:42:e5:08:
6e:98:0a:23:b2:92:e1:b0:06:11:90:0a:3d:25:cb:b1:31:3d:
61:b1:d0:77:cb:e8:3f:bc:b3:3d:75:8f:a6:27:19:20:18:d8:
35:2e:e8:a7:11:13:e0:19:42:3f:b2:4b:c4:55:ab:8f:21:24:
92:f7:8c:20:f0:3f:fd:93:c0:35:38:f1:07:8b:45:33:90:f7:
d4:17:62:b5:fd:4d:49:a1:a8:78:75:7e:c7:46:40:78:17:26:
a9:c1:98:3f:c3:c4:1f:1a:6e:34:c1:fe:86:75:99:7d:93:85:
4e:65:da:b5:0a:38:95:f3:10:b6:5d:24:0c:91:49:47:77:5c:
45:e7:cb:eb:b6:6e:a7:38:a5:9e:d5:75:b4:75:c5:76:04:bc:
5f:a1:ef:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzXJrhGxYItbvPNSvJt5+HBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA1MDEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWI1OTdhNjNiNThjNTU2OGVmNTQ5ZWY2M2U2MjhkZDE4MWEyOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdbG/cnukAKhh29vwjf7s7wpOvxA
q0ygOjTkJx1n6Q46ZbKsq0dv6DYOco/5uI4Po3iKiPpsuNfZx/x3fDMd6ERcIEGm
Gk1a7BucAMJqfLsyLYWkr41lfIaYheYmrmY09nHDhTiqflcBUGeUNKMOO4A/9o3r
y0QH9yGITX3RLJJD5Kd40r9Ndzk/2hNBw+tCLGK5dlfD65/qjsfMiJss/F6ZPBjT
wvp4bYhRqUE/a1BPynFDwewOnsvS//e2XWh17PexefQelakS4v5q9dy3+sO07PEA
6EZaXSb5ciQZf644cYnIpTe08fOp1qL9jzJPK8ecpWfHkDnWFRBao3vDaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKm1l6Y7WMVWjvVJ72PmKN0YGimyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcWJXWHBqdFl4VmFPOVVudlktWW8zUmdhS2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHn2KqjLXtoe512IjZBh
Zly6BJ7DGU9Ci72LT3F3+LvfGkKPUuuVuu+QKFKJLYO1ArAPvFT9LXisGIoD+TpU
CgtaErLB68jniSjaCNhROG04zvxzdGI/hXVhOJrHFkPt3NgLGjXXWofZBELlCG6Y
CiOykuGwBhGQCj0ly7ExPWGx0HfL6D+8sz11j6YnGSAY2DUu6KcRE+AZQj+yS8RV
q48hJJL3jCDwP/2TwDU48QeLRTOQ99QXYrX9TUmhqHh1fsdGQHgXJqnBmD/DxB8a
bjTB/oZ1mX2ThU5l2rUKOJXzELZdJAyRSUd3XEXny+u2bqc4pZ7VdbR1xXYEvF+h
7w4=
Generated at Fri Jan 5 04:23:59 2024 by rpki-client on console.sobornost.net