Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qw7ui7iZFj9ZQDPStTVhNf5jwoM.roa
File: qw7ui7iZFj9ZQDPStTVhNf5jwoM.roa (raw, json)
Hash identifier: 3xW4HG1NPe5d30fqy3D+dc7vDjjk54h2PcGRWuO7ygk=
Subject key identifier: AB:0E:EE:8B:B8:99:16:3F:59:40:33:D2:B5:35:61:35:FE:63:C2:83
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE4AD6F394B146E1E6134771EABC6DC3E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qw7ui7iZFj9ZQDPStTVhNf5jwoM.roa
Signing time: Sun 07 Jan 2024 16:07:00 +0000
ROA not before: Sun 07 Jan 2024 16:07:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:e4aa:e106/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 07 Jan 2024 16:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:ad:6f:39:4b:14:6e:1e:61:34:77:1e:ab:c6:dc:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 7 16:07:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab0eee8bb899163f594033d2b5356135fe63c283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:02:c8:fa:d6:6b:52:f9:0f:25:de:8a:0a:18:
1e:2d:c4:e0:2d:9b:ed:7f:8f:e1:97:b5:53:d8:60:
8f:58:5e:d0:4c:86:67:77:d3:75:27:30:71:0f:cd:
d2:92:ff:c6:8d:b7:2f:9c:2e:f2:36:99:d7:6d:5d:
a7:04:54:b5:2b:e8:a7:1e:44:d3:c9:ba:7e:0f:05:
6f:11:e3:ba:26:19:ca:10:02:30:d1:c7:77:92:dc:
a4:ee:57:a9:fc:f9:2d:1d:d7:4d:f8:7b:36:28:37:
58:a3:82:5d:e9:2b:06:8f:5f:20:aa:32:52:aa:bc:
61:f9:56:58:d0:36:f2:5a:d0:1a:25:36:b3:43:f2:
13:b7:6d:34:10:9b:93:06:36:80:a6:5a:06:0f:f2:
15:f5:24:2a:a0:03:1b:c0:91:1b:ae:1f:b4:16:cc:
bb:a1:38:eb:66:af:0b:c2:39:5d:be:07:63:7f:ed:
54:c7:8c:26:b0:be:08:53:f4:31:b1:47:01:b4:cd:
9b:9f:18:6a:6f:cd:a4:d9:6c:aa:d7:4b:a9:ba:58:
bf:48:76:f0:4b:4c:60:75:51:c6:dd:48:bc:cc:5d:
23:75:e8:dc:42:44:8a:8b:ed:cc:b4:51:b9:88:ed:
fe:aa:9b:0c:42:4e:13:53:16:1e:c4:e5:51:5c:51:
75:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:0E:EE:8B:B8:99:16:3F:59:40:33:D2:B5:35:61:35:FE:63:C2:83
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qw7ui7iZFj9ZQDPStTVhNf5jwoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:83:b5:86:84:27:dd:0c:96:e8:b3:21:14:5d:57:c9:5e:87:
40:e3:23:c8:df:d9:1e:47:91:26:fe:97:f4:55:0e:6c:9b:70:
9c:9e:46:93:76:74:bc:42:d7:ad:90:fd:dc:11:10:4e:d0:e8:
1b:9b:29:eb:4b:07:db:b4:2c:6f:64:87:11:d0:bf:f4:ed:04:
ed:92:b4:c6:19:9c:b1:7e:48:6d:a5:1f:0d:94:aa:c1:9f:c1:
dc:ae:1a:b4:c4:64:11:ae:65:82:93:80:93:1c:5b:53:f7:c7:
de:99:9e:d7:56:8a:af:8c:2b:6c:70:7c:7c:d3:7e:24:df:2d:
11:42:e7:22:ad:e0:01:7a:d7:6d:69:ce:17:05:2d:0f:6d:82:
5e:0b:73:a8:41:5b:0f:42:33:e7:41:23:3b:a5:34:cf:ec:bd:
b1:54:a1:37:a3:b0:3a:7f:ee:23:70:7f:0b:b1:c2:f5:06:b8:
84:be:87:dc:b3:70:5f:b5:d0:01:03:53:ea:fd:86:3e:89:bc:
ca:6b:8a:c3:f8:65:f1:79:58:cd:4f:fe:73:22:27:ac:89:99:
46:74:e4:fa:54:0a:92:8e:70:d5:02:77:46:f9:0e:4b:23:f1:
a1:f0:95:b1:f8:a6:b1:89:50:1c:18:f1:99:dc:28:10:41:be:
d9:39:d3:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzkrW85SxRuHmE0dx6rxtw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA3MTYwNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjBlZWU4YmI4OTkxNjNmNTk0MDMzZDJiNTM1NjEzNWZlNjNjMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkALI+tZrUvkPJd6KChgeLcTgLZvt
f4/hl7VT2GCPWF7QTIZnd9N1JzBxD83Skv/GjbcvnC7yNpnXbV2nBFS1K+inHkTT
ybp+DwVvEeO6JhnKEAIw0cd3ktyk7lep/PktHddN+Hs2KDdYo4Jd6SsGj18gqjJS
qrxh+VZY0DbyWtAaJTazQ/ITt200EJuTBjaAploGD/IV9SQqoAMbwJEbrh+0Fsy7
oTjrZq8Lwjldvgdjf+1Ux4wmsL4IU/QxsUcBtM2bnxhqb82k2Wyq10upuli/SHbw
S0xgdVHG3Ui8zF0jdejcQkSKi+3MtFG5iO3+qpsMQk4TUxYexOVRXFF1fwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKsO7ou4mRY/WUAz0rU1YTX+Y8KDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcXc3dWk3aVpGajlaUURQU3RUVmhOZjVqd29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH6DtYaEJ90MluizIRRd
V8leh0DjI8jf2R5HkSb+l/RVDmybcJyeRpN2dLxC162Q/dwREE7Q6BubKetLB9u0
LG9khxHQv/TtBO2StMYZnLF+SG2lHw2UqsGfwdyuGrTEZBGuZYKTgJMcW1P3x96Z
ntdWiq+MK2xwfHzTfiTfLRFC5yKt4AF6121pzhcFLQ9tgl4Lc6hBWw9CM+dBIzul
NM/svbFUoTejsDp/7iNwfwuxwvUGuIS+h9yzcF+10AEDU+r9hj6JvMprisP4ZfF5
WM1P/nMiJ6yJmUZ05PpUCpKOcNUCd0b5Dksj8aHwlbH4prGJUBwY8ZncKBBBvtk5
08M=
-----END CERTIFICATE-----
Generated at Sun Jan 7 19:50:03 2024 by rpki-client on console.sobornost.net