Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fFqN9-gtJ9dE4hgjhTtvcTt0xQg.roa
File: fFqN9-gtJ9dE4hgjhTtvcTt0xQg.roa (raw, json)
Hash identifier: R27WRlDG8kRXFQomIMlURnxhDGbFVoRCf4cw17ePcE0=
Subject key identifier: 7C:5A:8D:F7:E8:2D:27:D7:44:E2:18:23:85:3B:6F:71:3B:74:C5:08
Certificate issuer: /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial: 01856E5416419B01F7F168FDB047140002B5
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fFqN9-gtJ9dE4hgjhTtvcTt0xQg.roa
Signing time: Sun 01 Jan 2023 17:14:42 +0000
ROA not before: Sun 01 Jan 2023 17:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49158
IP address blocks: 212.9.96.0/19 maxlen: 20
2a02:2b90::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:16:41:9b:01:f7:f1:68:fd:b0:47:14:00:02:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
Validity
Not Before: Jan 1 17:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c5a8df7e82d27d744e21823853b6f713b74c508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:23:00:c7:33:3d:e8:99:94:8e:79:c1:75:f9:
d3:f6:39:b7:e4:f6:c1:6c:0b:25:99:64:b4:5f:b8:
23:40:04:f7:5c:e8:5e:2d:25:a4:3e:52:a0:f1:ff:
44:4a:99:a4:1b:da:db:84:7a:0d:d9:56:58:54:36:
0d:9a:8f:e5:89:26:35:5d:89:78:c5:03:b4:db:74:
68:44:20:2b:be:7e:24:61:d8:b6:1e:47:7e:ca:d7:
ff:d9:39:c4:31:03:0c:60:02:87:ce:17:a1:c9:a2:
98:d4:c6:fb:34:4a:90:f8:45:ca:2e:5e:01:57:e6:
fc:40:cb:a2:91:e9:e1:0e:4b:c6:84:ef:0d:8f:d6:
cf:a1:0d:6d:7b:2c:ae:c0:67:b8:b6:ee:3c:33:e5:
c9:8f:7f:95:99:15:c6:a0:e9:a9:08:96:9d:5f:62:
72:ca:f7:b6:46:8a:1e:49:e6:3b:1c:93:86:9b:58:
90:96:d2:b9:fc:26:f8:88:3d:c2:9a:4a:17:3c:16:
2e:28:2c:09:e6:46:99:2f:f0:ab:13:cf:f3:ee:d3:
37:09:84:5e:7f:60:78:3b:9a:7a:16:9c:41:44:1d:
3a:ca:08:a4:80:e5:48:28:4c:42:93:fa:f6:10:37:
ed:c2:ea:dd:2d:6f:c2:d4:8d:b9:e7:ad:1d:2f:1e:
56:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5A:8D:F7:E8:2D:27:D7:44:E2:18:23:85:3B:6F:71:3B:74:C5:08
X509v3 Authority Key Identifier:
keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fFqN9-gtJ9dE4hgjhTtvcTt0xQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.9.96.0/19
IPv6:
2a02:2b90::/29
Signature Algorithm: sha256WithRSAEncryption
6e:5a:25:f0:91:be:e9:17:f3:76:f9:75:cb:de:ec:90:78:b7:
e8:a0:0b:e9:fc:6b:6d:20:05:39:83:24:41:8a:c5:b0:48:97:
c7:8a:72:bc:bf:fd:10:48:7e:e1:58:72:78:43:66:48:ce:f5:
fe:03:4a:43:3a:af:3a:95:04:40:b3:9b:fd:6e:77:c8:bb:35:
35:be:27:c9:b6:b6:f4:23:06:f9:e6:34:0e:cc:8f:ab:2a:cd:
ef:cc:ba:a5:84:0a:c9:a6:c1:12:f1:13:87:75:58:a6:00:e9:
7f:65:b4:87:ed:e3:19:49:9c:f4:be:dd:b0:34:50:14:31:64:
6f:9c:c1:46:46:89:71:d4:70:9b:3a:32:b8:d5:cd:70:8d:97:
e0:f3:95:f2:43:8a:28:f1:0f:e8:d7:dc:cd:59:41:8a:0e:e3:
7c:e8:5c:1b:71:c8:7a:a8:30:d3:ac:f6:ad:85:29:e5:59:41:
c2:0d:66:72:e6:a3:ac:95:ae:3a:4d:15:73:f0:db:43:93:68:
b2:7a:cc:f4:66:ba:f3:21:00:7f:1d:e9:8a:66:98:57:77:45:
c0:f0:03:ba:1f:28:30:96:f3:c3:bb:71:25:24:e1:ef:de:44:
a5:67:dd:c8:2f:d4:fa:63:79:6a:de:d5:6d:92:e6:bf:cf:64:
2d:aa:ec:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuVBZBmwH38Wj9sEcUAAK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2MzOWQxODk5ZTY5OWJmNTE3NzQxOGVlMzgxNDg5ZWRm
ZjQzODAwHhcNMjMwMTAxMTcxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVhOGRmN2U4MmQyN2Q3NDRlMjE4MjM4NTNiNmY3MTNiNzRjNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCMAxzM96JmUjnnBdfnT9jm35PbB
bAslmWS0X7gjQAT3XOheLSWkPlKg8f9ESpmkG9rbhHoN2VZYVDYNmo/liSY1XYl4
xQO023RoRCArvn4kYdi2Hkd+ytf/2TnEMQMMYAKHzhehyaKY1Mb7NEqQ+EXKLl4B
V+b8QMuikenhDkvGhO8Nj9bPoQ1teyyuwGe4tu48M+XJj3+VmRXGoOmpCJadX2Jy
yve2RooeSeY7HJOGm1iQltK5/Cb4iD3CmkoXPBYuKCwJ5kaZL/CrE8/z7tM3CYRe
f2B4O5p6FpxBRB06ygikgOVIKExCk/r2EDftwurdLW/C1I25560dLx5WIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHxajffoLSfXROIYI4U7b3E7dMUIMB8GA1UdIwQY
MBaAFHw8OdGJnmmb9Rd0GO44FInt/0OAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAt
MDYzZmNkZDNhMDU3LzEvZkZxTjktZ3RKOWRFNGhnamhUdHZjVHQweFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAtMDYzZmNkZDNhMDU3
LzEvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AlgMA0E
AgACMAcDBQMqAiuQMA0GCSqGSIb3DQEBCwUAA4IBAQBuWiXwkb7pF/N2+XXL3uyQ
eLfooAvp/GttIAU5gyRBisWwSJfHinK8v/0QSH7hWHJ4Q2ZIzvX+A0pDOq86lQRA
s5v9bnfIuzU1vifJtrb0Iwb55jQOzI+rKs3vzLqlhArJpsES8ROHdVimAOl/ZbSH
7eMZSZz0vt2wNFAUMWRvnMFGRolx1HCbOjK41c1wjZfg85XyQ4oo8Q/o19zNWUGK
DuN86Fwbcch6qDDTrPathSnlWUHCDWZy5qOsla46TRVz8NtDk2iyesz0ZrrzIQB/
HemKZphXd0XA8AO6HygwlvPDu3ElJOHv3kSlZ93IL9T6Y3lq3tVtkua/z2Qtquzz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-fra.rpki-client.org