Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/9fHEgQoB7lAYWt6q34QAp0YkQmI.roa
File: 9fHEgQoB7lAYWt6q34QAp0YkQmI.roa (raw, json)
Hash identifier: rX6FiVSS1PdS5zaiWgOwrjGfYHhfBggGExEkcsLe01g=
Subject key identifier: F5:F1:C4:81:0A:01:EE:50:18:5A:DE:AA:DF:84:00:A7:46:24:42:62
Certificate issuer: /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial: 01891C9BA87D05F05F7E7ABA7B5EA4A33926
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/9fHEgQoB7lAYWt6q34QAp0YkQmI.roa
Signing time: Mon 03 Jul 2023 16:35:10 +0000
ROA not before: Mon 03 Jul 2023 16:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49158
IP address blocks: 212.9.96.0/19 maxlen: 20
212.9.117.0/24 maxlen: 24
2a02:2b90::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:9b:a8:7d:05:f0:5f:7e:7a:ba:7b:5e:a4:a3:39:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
Validity
Not Before: Jul 3 16:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5f1c4810a01ee50185adeaadf8400a746244262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7a:7d:35:5a:8f:77:d6:54:5f:b4:92:8b:63:
9c:ee:82:11:71:eb:e9:13:66:50:d5:d3:f1:18:6a:
ee:d4:31:46:16:33:f1:9c:15:cc:3a:82:37:3e:f4:
12:2c:82:bc:be:21:c5:64:34:72:c3:bd:2f:43:d3:
1d:5d:bb:8d:30:95:fb:c0:f6:84:84:26:a8:15:4e:
0a:6f:8c:ee:b9:32:8f:0a:3f:42:61:ec:6a:87:26:
4d:c4:83:36:e5:37:d6:00:f2:ad:70:fc:ef:09:44:
5c:f4:bf:60:4e:4a:1b:4d:39:26:43:b6:bc:ef:e4:
c2:59:82:73:b2:f3:da:a6:0f:91:f5:17:2f:58:a0:
90:41:fc:3b:5d:85:0b:e0:61:70:3f:bc:39:85:1c:
aa:85:d5:32:3d:33:f1:93:5f:c8:bf:d8:f8:a1:f5:
e7:da:75:ec:80:07:0b:ef:f0:39:f6:e2:9c:a7:1f:
f4:71:b6:36:ce:9b:22:72:bf:90:10:5c:78:17:d4:
fd:a6:dc:75:69:f5:58:ff:13:12:52:36:2c:8e:e5:
e3:cf:3a:30:75:ed:fd:0e:5d:4e:79:ac:ae:32:36:
dd:ec:bd:3e:3a:76:f1:43:7a:54:b0:f2:3f:f7:c4:
3c:83:77:60:4f:69:b1:e6:0f:a5:ff:49:1f:50:a3:
1f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F1:C4:81:0A:01:EE:50:18:5A:DE:AA:DF:84:00:A7:46:24:42:62
X509v3 Authority Key Identifier:
keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/9fHEgQoB7lAYWt6q34QAp0YkQmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.9.96.0/19
IPv6:
2a02:2b90::/29
Signature Algorithm: sha256WithRSAEncryption
5e:d9:a8:b2:06:41:74:25:1e:4f:67:0c:52:2b:be:09:07:59:
33:6e:81:0d:56:94:82:b5:8c:d2:32:8a:85:f0:c5:24:d6:7f:
22:be:a9:33:f5:b3:bd:95:b9:d3:4b:fc:b4:19:d0:e2:8e:d0:
ba:e1:ac:23:60:f1:fd:fa:17:83:56:46:96:2c:d0:c7:3c:48:
00:b4:2b:6a:52:24:ef:c6:b4:be:c5:9a:15:40:e3:9f:a2:b6:
12:8b:b1:67:5c:2b:2c:a8:40:79:43:02:f5:76:4d:4e:ae:8a:
e2:38:61:d3:54:77:f0:7c:7e:7c:f8:7d:b4:4e:0a:25:f8:f6:
eb:f0:88:69:f7:6f:62:01:c3:81:28:c1:99:c9:e4:18:2d:59:
78:5f:4a:9a:08:eb:6e:f7:d7:7e:f8:f5:c7:e0:db:b7:55:24:
ce:96:81:26:3a:0c:5f:92:f8:b9:3a:09:a7:24:ea:ac:dc:c3:
3f:c6:2f:c0:7a:25:71:96:4f:34:a5:1c:14:8c:78:db:96:6c:
e5:13:2d:c3:ac:d5:d1:a7:3d:97:ee:b8:8d:5c:ca:cc:b6:f8:
4c:10:06:a5:f2:2b:0d:ec:eb:d3:1e:2b:49:c7:4e:05:12:ba:
e3:7e:bc:56:68:99:66:d7:a3:b5:65:65:f3:88:7d:67:e1:ec:
ca:a4:59:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkcm6h9BfBffnq6e16kozkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2MzOWQxODk5ZTY5OWJmNTE3NzQxOGVlMzgxNDg5ZWRm
ZjQzODAwHhcNMjMwNzAzMTYzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWYxYzQ4MTBhMDFlZTUwMTg1YWRlYWFkZjg0MDBhNzQ2MjQ0MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknp9NVqPd9ZUX7SSi2Oc7oIRcevp
E2ZQ1dPxGGru1DFGFjPxnBXMOoI3PvQSLIK8viHFZDRyw70vQ9MdXbuNMJX7wPaE
hCaoFU4Kb4zuuTKPCj9CYexqhyZNxIM25TfWAPKtcPzvCURc9L9gTkobTTkmQ7a8
7+TCWYJzsvPapg+R9RcvWKCQQfw7XYUL4GFwP7w5hRyqhdUyPTPxk1/Iv9j4ofXn
2nXsgAcL7/A59uKcpx/0cbY2zpsicr+QEFx4F9T9ptx1afVY/xMSUjYsjuXjzzow
de39Dl1OeayuMjbd7L0+OnbxQ3pUsPI/98Q8g3dgT2mx5g+l/0kfUKMfuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPXxxIEKAe5QGFreqt+EAKdGJEJiMB8GA1UdIwQY
MBaAFHw8OdGJnmmb9Rd0GO44FInt/0OAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAt
MDYzZmNkZDNhMDU3LzEvOWZIRWdRb0I3bEFZV3Q2cTM0UUFwMFlrUW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAtMDYzZmNkZDNhMDU3
LzEvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AlgMA0E
AgACMAcDBQMqAiuQMA0GCSqGSIb3DQEBCwUAA4IBAQBe2aiyBkF0JR5PZwxSK74J
B1kzboENVpSCtYzSMoqF8MUk1n8ivqkz9bO9lbnTS/y0GdDijtC64awjYPH9+heD
VkaWLNDHPEgAtCtqUiTvxrS+xZoVQOOforYSi7FnXCssqEB5QwL1dk1OroriOGHT
VHfwfH58+H20Tgol+Pbr8Ihp929iAcOBKMGZyeQYLVl4X0qaCOtu99d++PXH4Nu3
VSTOloEmOgxfkvi5OgmnJOqs3MM/xi/AeiVxlk80pRwUjHjblmzlEy3DrNXRpz2X
7riNXMrMtvhMEAal8isN7OvTHitJx04FErrjfrxWaJlm16O1ZWXziH1n4ezKpFln
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:18 2024 by rpki-client on console-fra.rpki-client.org