Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/fn9lnBii7-sKSsur-6nch0RQMjA.roa
File: fn9lnBii7-sKSsur-6nch0RQMjA.roa (raw, json)
Hash identifier: bwL3HaGqymAUOZFhW68h62eV5nttwAoBAq34idc8QLo=
Subject key identifier: 7E:7F:65:9C:18:A2:EF:EB:0A:4A:CB:AB:FB:A9:DC:87:44:50:32:30
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 01856FF98BD507EA54FAC1EC4F5E838F3D83
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/fn9lnBii7-sKSsur-6nch0RQMjA.roa
Signing time: Mon 02 Jan 2023 00:55:03 +0000
ROA not before: Mon 02 Jan 2023 00:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203723
IP address blocks: 212.36.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:8b:d5:07:ea:54:fa:c1:ec:4f:5e:83:8f:3d:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 00:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e7f659c18a2efeb0a4acbabfba9dc8744503230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ae:0e:a1:cf:50:db:da:8a:3b:a9:c0:6b:64:
17:13:53:09:cd:14:95:36:a3:84:bb:12:0c:67:54:
76:53:80:95:6c:7f:d8:cf:af:9c:58:d5:7d:86:3b:
b4:80:5f:2d:79:5c:84:b4:64:87:93:d4:e4:a5:6e:
1e:67:ee:e2:9e:4e:4f:9e:3d:f5:20:2c:39:fb:35:
94:17:76:c0:39:72:9c:8d:54:73:fa:8e:ac:4d:2d:
9e:28:86:92:54:54:06:14:e5:0f:5f:8c:d3:84:bb:
b2:40:9a:5c:e7:21:d2:be:76:e5:4c:cb:41:3b:83:
fa:3c:7e:c6:8b:1d:b0:18:47:54:f3:5a:7e:54:a5:
fd:0c:47:28:ba:d5:22:6d:69:c2:ff:9b:3c:0b:e4:
be:73:71:3e:3a:06:13:7b:3c:9f:e3:ba:59:99:bc:
5d:25:41:cd:03:6a:35:3d:d2:06:66:50:87:c6:2c:
2a:80:3c:84:f1:29:71:82:e0:13:1d:d5:36:6b:0d:
47:ea:95:90:cd:3c:3e:df:18:4f:35:69:76:7e:21:
be:01:bb:5f:bd:10:15:9e:a9:61:43:9e:ff:a4:ae:
6c:73:8e:44:5f:00:56:aa:18:e1:87:fa:ae:35:06:
2d:94:03:8d:45:35:ec:b6:09:7b:e9:6b:db:10:72:
52:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:7F:65:9C:18:A2:EF:EB:0A:4A:CB:AB:FB:A9:DC:87:44:50:32:30
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/fn9lnBii7-sKSsur-6nch0RQMjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.36.18.0/24
Signature Algorithm: sha256WithRSAEncryption
97:08:83:5d:4b:3c:d5:9d:b5:da:52:79:3b:1b:5d:27:84:bf:
23:1c:18:95:c1:16:3e:fc:d6:2e:06:8e:29:43:27:2c:61:5c:
64:b2:e3:59:77:6f:37:e6:36:90:c4:4f:92:87:19:6c:d2:fd:
36:b9:17:be:b7:03:6e:f2:fb:45:51:6f:6f:a0:7f:bf:3f:06:
ce:26:d7:81:08:b1:3f:f9:d8:b4:60:52:27:12:a9:3d:ca:22:
9a:54:49:59:cf:7b:20:1c:22:0e:71:32:3d:0e:7c:e5:f3:07:
0d:42:19:2a:af:97:73:ee:e1:05:22:e8:c8:35:b0:72:96:9b:
78:db:af:bd:c9:4e:7e:ee:44:9e:79:4c:33:55:c1:d4:ba:ac:
a2:78:e4:66:b3:51:f4:da:c8:c2:00:24:bf:1e:b7:c1:b1:b6:
cf:bb:a6:1a:b0:1a:db:6f:a2:62:53:2f:d6:4f:b4:eb:46:ee:
fd:23:2d:db:13:78:46:d1:99:c2:e6:a6:3d:ef:a8:c4:c0:ab:
16:a1:1c:38:48:57:2d:17:21:3d:0a:06:5f:0d:a8:22:2e:4e:
ed:ab:9d:57:68:7b:be:12:86:fd:fb:e3:fc:5e:c2:d9:10:81:
68:39:86:d1:b2:72:67:3f:b4:f2:a1:cb:51:35:20:b7:ec:f6:
8c:f1:b5:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+YvVB+pU+sHsT16Djz2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTdmNjU5YzE4YTJlZmViMGE0YWNiYWJmYmE5ZGM4NzQ0NTAzMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA064Ooc9Q29qKO6nAa2QXE1MJzRSV
NqOEuxIMZ1R2U4CVbH/Yz6+cWNV9hju0gF8teVyEtGSHk9TkpW4eZ+7ink5Pnj31
ICw5+zWUF3bAOXKcjVRz+o6sTS2eKIaSVFQGFOUPX4zThLuyQJpc5yHSvnblTMtB
O4P6PH7Gix2wGEdU81p+VKX9DEcoutUibWnC/5s8C+S+c3E+OgYTezyf47pZmbxd
JUHNA2o1PdIGZlCHxiwqgDyE8SlxguATHdU2aw1H6pWQzTw+3xhPNWl2fiG+Abtf
vRAVnqlhQ57/pK5sc45EXwBWqhjhh/quNQYtlAONRTXstgl76WvbEHJSDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5/ZZwYou/rCkrLq/up3IdEUDIwMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvZm45bG5CaWk3LXNLU3N1ci02bmNoMFJRTWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1CQSMA0G
CSqGSIb3DQEBCwUAA4IBAQCXCINdSzzVnbXaUnk7G10nhL8jHBiVwRY+/NYuBo4p
QycsYVxksuNZd2835jaQxE+Shxls0v02uRe+twNu8vtFUW9voH+/PwbOJteBCLE/
+di0YFInEqk9yiKaVElZz3sgHCIOcTI9Dnzl8wcNQhkqr5dz7uEFIujINbBylpt4
26+9yU5+7kSeeUwzVcHUuqyieORms1H02sjCACS/HrfBsbbPu6YasBrbb6JiUy/W
T7TrRu79Iy3bE3hG0ZnC5qY976jEwKsWoRw4SFctFyE9CgZfDagiLk7tq51XaHu+
Eob9++P8XsLZEIFoOYbRsnJnP7TyoctRNSC37PaM8bVQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:44 2024 by rpki-client on console-ams.rpki-client.org