Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qhO5yC_dEiheLiy1SxnBq1CN4DU.roa
File: qhO5yC_dEiheLiy1SxnBq1CN4DU.roa (raw, json)
Hash identifier: ajQgs0HX9KerBfWFB1e9lW456+4QDuRnhQDUTkyC9JY=
Subject key identifier: AA:13:B9:C8:2F:DD:12:28:5E:2E:2C:B5:4B:19:C1:AB:50:8D:E0:35
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB207B31139C9C44393310A61D2EFD797
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qhO5yC_dEiheLiy1SxnBq1CN4DU.roa
Signing time: Thu 28 Dec 2023 20:04:58 +0000
ROA not before: Thu 28 Dec 2023 20:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:b207:401/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b2:07:b3:11:39:c9:c4:43:93:31:0a:61:d2:ef:d7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 28 20:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa13b9c82fdd12285e2e2cb54b19c1ab508de035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1a:0d:81:bd:47:2e:a0:75:4b:26:b9:83:0e:
60:e8:d9:c3:d7:a0:05:b7:a5:18:a2:20:bf:be:e6:
32:79:04:dc:0e:82:55:33:1f:fd:76:0c:e1:db:59:
4b:7b:fc:7a:dd:23:df:e3:93:13:d0:51:a7:6f:c4:
1f:c1:43:cd:ad:bf:12:71:09:ed:fb:06:4d:ad:a6:
e5:c8:f2:f9:be:c5:37:de:5a:d5:d1:ef:83:6e:37:
19:e6:32:60:bd:54:5d:a3:07:e3:18:b7:42:c6:7c:
3e:54:84:f3:34:81:08:14:a3:e3:c1:b8:c8:2e:34:
dd:b3:9d:49:a0:bc:cf:82:a4:a0:a3:41:6e:c9:43:
85:20:4b:21:56:be:18:8b:03:0d:2a:f9:6f:66:5f:
76:5c:9f:c0:ce:a0:29:29:6c:02:09:94:15:a2:c8:
b7:fc:e6:16:7e:4c:43:b2:83:6b:f7:6d:11:60:ff:
b5:09:0f:f6:83:c6:44:ce:2e:8c:e9:91:73:a3:cc:
6a:05:b2:f3:c2:a3:8c:3a:33:ba:26:8c:84:c0:89:
7d:36:47:5c:ec:96:38:d9:85:df:43:d3:b1:1c:b0:
c4:57:fc:4d:4b:e6:70:d8:48:a7:34:7d:80:7d:2d:
98:59:f5:73:c9:79:d8:a0:8b:8d:d7:c2:0e:8a:f1:
78:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:13:B9:C8:2F:DD:12:28:5E:2E:2C:B5:4B:19:C1:AB:50:8D:E0:35
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qhO5yC_dEiheLiy1SxnBq1CN4DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:51:bc:31:99:2d:bb:86:ca:dd:ac:e2:70:46:e1:db:dc:6d:
69:a3:1b:10:40:c4:c0:8f:bb:7f:34:f7:da:83:e4:79:c0:96:
a8:1c:9a:6b:94:9f:6b:86:96:a3:ee:19:46:3e:11:48:94:ac:
87:76:92:4f:42:0c:da:fd:72:77:ed:e4:3a:c1:74:dd:56:52:
f2:f0:44:79:e2:cf:18:f5:e6:73:45:50:88:24:e1:b0:6b:91:
68:b7:b5:52:8c:28:58:92:39:a0:b4:83:08:f5:6d:ab:7f:72:
f7:c1:e3:aa:7f:c3:14:94:b6:03:ea:3e:45:ac:bd:ca:13:fd:
02:9a:06:a0:45:13:07:61:c9:a2:12:16:fc:61:00:38:50:42:
b7:95:4a:d2:2b:0a:f9:ad:2f:7a:08:3b:9e:4e:4d:a9:ef:10:
39:25:e4:b1:bb:15:3f:a2:9b:6c:d6:e8:6d:c6:9e:2f:5b:ba:
84:10:56:81:8b:30:20:a3:c6:7f:a6:78:8d:27:8c:29:db:91:
8e:b1:bc:73:38:1f:89:50:8e:b7:90:1c:e9:7f:bd:4d:64:1d:
fb:85:40:74:43:33:ab:c5:07:47:a0:6e:f5:44:56:c5:84:e6:
b7:65:aa:a8:c5:75:82:d2:95:52:f2:b2:66:45:7f:68:26:96:
6a:d9:d3:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyyB7MROcnEQ5MxCmHS79eXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI4MjAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTEzYjljODJmZGQxMjI4NWUyZTJjYjU0YjE5YzFhYjUwOGRlMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRoNgb1HLqB1Sya5gw5g6NnD16AF
t6UYoiC/vuYyeQTcDoJVMx/9dgzh21lLe/x63SPf45MT0FGnb8QfwUPNrb8ScQnt
+wZNrablyPL5vsU33lrV0e+DbjcZ5jJgvVRdowfjGLdCxnw+VITzNIEIFKPjwbjI
LjTds51JoLzPgqSgo0FuyUOFIEshVr4YiwMNKvlvZl92XJ/AzqApKWwCCZQVosi3
/OYWfkxDsoNr920RYP+1CQ/2g8ZEzi6M6ZFzo8xqBbLzwqOMOjO6JoyEwIl9Nkdc
7JY42YXfQ9OxHLDEV/xNS+Zw2EinNH2AfS2YWfVzyXnYoIuN18IOivF4twIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKoTucgv3RIoXi4stUsZwatQjeA1MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcWhPNXlDX2RFaWhlTGl5MVN4bkJxMUNONERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKdRvDGZLbuGyt2s4nBG
4dvcbWmjGxBAxMCPu38099qD5HnAlqgcmmuUn2uGlqPuGUY+EUiUrId2kk9CDNr9
cnft5DrBdN1WUvLwRHnizxj15nNFUIgk4bBrkWi3tVKMKFiSOaC0gwj1bat/cvfB
46p/wxSUtgPqPkWsvcoT/QKaBqBFEwdhyaISFvxhADhQQreVStIrCvmtL3oIO55O
TanvEDkl5LG7FT+im2zW6G3Gni9buoQQVoGLMCCjxn+meI0njCnbkY6xvHM4H4lQ
jreQHOl/vU1kHfuFQHRDM6vFB0egbvVEVsWE5rdlqqjFdYLSlVLysmZFf2gmlmrZ
00U=
-----END CERTIFICATE-----
Generated at Thu Dec 28 22:47:34 2023 by rpki-client on console.sobornost.net