Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qxZGA2w6oqiXId4pSc3YWdtuoLQ.roa
File: qxZGA2w6oqiXId4pSc3YWdtuoLQ.roa (raw, json)
Hash identifier: s5JWSkdEtQ27dAlyovsBG6FFqfBi6bkWHY7wQKsBEhs=
Subject key identifier: AB:16:46:03:6C:3A:A2:A8:97:21:DE:29:49:CD:D8:59:DB:6E:A0:B4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E71A94F3C7559A031A238034B7122FBC6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qxZGA2w6oqiXId4pSc3YWdtuoLQ.roa
Signing time: Sun 24 Mar 2024 18:11:45 +0000
ROA not before: Sun 24 Mar 2024 18:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 24 Mar 2024 19:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:71:a9:4f:3c:75:59:a0:31:a2:38:03:4b:71:22:fb:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 18:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab1646036c3aa2a89721de2949cdd859db6ea0b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:48:80:aa:25:36:bd:be:30:fa:95:23:49:ee:
34:6e:91:b1:9a:eb:3c:22:40:6b:7d:5e:61:e2:38:
d6:19:42:f0:54:a7:f7:f5:91:d1:00:90:40:46:c3:
cb:f7:f3:53:bb:4c:c7:6e:5e:07:11:70:bd:37:8a:
71:1e:8f:cb:4b:68:61:69:9e:e0:b4:18:5f:a3:bf:
c0:da:84:1c:4f:29:db:db:1a:43:45:3a:3d:ff:ec:
e1:74:48:45:2e:5d:58:62:8c:bc:e1:9a:fb:c0:d9:
65:76:c9:6a:98:92:6f:d6:97:77:f7:9f:ee:65:99:
55:ca:87:2b:14:a0:c2:a4:a2:d3:b3:51:00:7d:2f:
25:0f:c5:9d:2d:61:32:a9:a6:0a:46:d1:d7:05:ce:
5e:ab:24:13:a5:44:d8:5e:8d:a7:f5:7e:1f:67:cb:
72:ba:b9:c7:85:a7:c3:b9:e7:21:b1:86:d6:3b:84:
16:69:9b:7d:50:01:35:15:6b:4b:ad:6a:e2:ac:8a:
07:cd:da:78:45:e9:e0:f7:76:d2:44:31:11:63:b3:
ea:0f:4b:65:06:b4:55:2b:52:08:c1:77:2e:70:b2:
39:2c:f1:56:c3:8b:40:d8:0d:86:53:7b:5a:89:72:
02:55:c6:b0:a4:b1:2a:da:af:df:0a:e6:24:a7:aa:
30:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:16:46:03:6C:3A:A2:A8:97:21:DE:29:49:CD:D8:59:DB:6E:A0:B4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qxZGA2w6oqiXId4pSc3YWdtuoLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:51:04:5d:b5:79:fb:1f:f3:92:e3:77:85:13:60:c2:78:0d:
da:33:1e:7b:0a:08:f7:b3:62:42:56:3e:4f:71:be:f5:49:59:
73:29:04:c7:b2:2d:a1:96:ec:be:b5:f3:fa:6c:8b:20:9b:8f:
0c:42:5c:7d:9d:fe:08:09:b2:e2:7e:35:f4:d6:02:88:50:b6:
88:fd:60:64:68:53:8b:fa:b1:27:5a:6e:bf:e5:68:66:c4:76:
3a:38:c3:1f:80:b8:d4:e1:4e:5d:95:59:58:65:25:9a:0f:2d:
3d:44:3c:2b:87:ab:80:91:93:12:ee:7c:90:a9:1c:94:a1:e4:
bd:0c:7b:d5:c2:71:63:69:d3:7a:ea:5b:c3:42:46:15:5a:c4:
f6:6b:dd:bb:04:b2:49:d2:0a:1b:d3:81:15:fd:b5:2c:55:ec:
74:1c:43:11:3c:8c:c2:f2:cf:fb:c6:b4:3e:9a:66:11:82:26:
65:b1:dd:d2:db:9e:85:c8:de:df:e8:35:85:1f:fa:24:8d:96:
c0:c0:13:71:4e:7c:54:82:8b:22:ab:02:2f:bb:21:7f:9f:83:
d9:5b:b3:6a:d4:b1:99:42:2f:b2:28:80:19:18:83:d1:24:47:
83:62:6f:55:34:6d:84:78:b7:df:81:32:4c:08:ca:fc:75:88:
82:cc:74:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5xqU88dVmgMaI4A0txIvvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MTgxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjE2NDYwMzZjM2FhMmE4OTcyMWRlMjk0OWNkZDg1OWRiNmVhMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUiAqiU2vb4w+pUjSe40bpGxmus8
IkBrfV5h4jjWGULwVKf39ZHRAJBARsPL9/NTu0zHbl4HEXC9N4pxHo/LS2hhaZ7g
tBhfo7/A2oQcTynb2xpDRTo9/+zhdEhFLl1YYoy84Zr7wNlldslqmJJv1pd395/u
ZZlVyocrFKDCpKLTs1EAfS8lD8WdLWEyqaYKRtHXBc5eqyQTpUTYXo2n9X4fZ8ty
urnHhafDuechsYbWO4QWaZt9UAE1FWtLrWrirIoHzdp4Reng93bSRDERY7PqD0tl
BrRVK1IIwXcucLI5LPFWw4tA2A2GU3taiXICVcawpLEq2q/fCuYkp6owTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKsWRgNsOqKolyHeKUnN2FnbbqC0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcXhaR0EydzZvcWlYSWQ0cFNjM1lXZHR1b0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI1RBF21efsf85Ljd4UT
YMJ4DdozHnsKCPezYkJWPk9xvvVJWXMpBMeyLaGW7L618/psiyCbjwxCXH2d/ggJ
suJ+NfTWAohQtoj9YGRoU4v6sSdabr/laGbEdjo4wx+AuNThTl2VWVhlJZoPLT1E
PCuHq4CRkxLufJCpHJSh5L0Me9XCcWNp03rqW8NCRhVaxPZr3bsEsknSChvTgRX9
tSxV7HQcQxE8jMLyz/vGtD6aZhGCJmWx3dLbnoXI3t/oNYUf+iSNlsDAE3FOfFSC
iyKrAi+7IX+fg9lbs2rUsZlCL7IogBkYg9EkR4Nib1U0bYR4t9+BMkwIyvx1iILM
dLs=
-----END CERTIFICATE-----
Generated at Sun Mar 24 21:55:47 2024 by rpki-client on console.sobornost.net