Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/SgV_sq9LrYaSsYyPablT0VtFqcc.roa
File: SgV_sq9LrYaSsYyPablT0VtFqcc.roa (raw, json)
Hash identifier: HZF23p9Z/CUHqSmJAKNjjLy6ggL3VIgWOWYbCskcn9s=
Subject key identifier: 4A:05:7F:B2:AF:4B:AD:86:92:B1:8C:8F:69:B9:53:D1:5B:45:A9:C7
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0187BE69DCCB2EE54CF25CD4C0271577DBD6
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/SgV_sq9LrYaSsYyPablT0VtFqcc.roa
Signing time: Wed 26 Apr 2023 16:33:41 +0000
ROA not before: Wed 26 Apr 2023 16:33:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200598
IP address blocks: 121.127.48.0/20 maxlen: 24
168.75.224.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:69:dc:cb:2e:e5:4c:f2:5c:d4:c0:27:15:77:db:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Apr 26 16:33:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a057fb2af4bad8692b18c8f69b953d15b45a9c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2f:73:b4:6c:9e:ea:99:ea:60:5c:48:1b:c2:
c9:3c:17:09:ce:0b:12:f9:48:5b:dd:0b:ef:4b:43:
20:ac:bc:38:ec:79:db:b8:02:2a:a5:b5:57:7e:2a:
11:6e:26:4c:7c:3b:f7:1e:8c:e9:d7:7b:eb:96:0a:
5d:b0:18:6c:9c:49:a7:cf:d4:23:64:c1:76:85:09:
a3:31:29:6e:b8:b9:c1:2a:85:57:3f:4c:a7:c4:61:
47:50:c9:3c:ce:eb:b8:8a:43:df:6b:6f:cf:69:c6:
30:ec:76:8d:6c:6e:14:ce:fe:7f:f2:7f:89:9e:e2:
38:c3:88:fa:a9:23:12:8c:00:f9:50:e8:9d:45:a4:
30:50:2c:7c:06:2d:55:53:50:e2:de:6f:b0:59:02:
37:bd:f7:d9:b5:8f:de:95:33:ea:3d:87:08:f0:5e:
91:8a:65:a2:0b:c4:11:32:a6:61:69:be:75:63:66:
c2:22:97:e9:01:da:a2:d6:3a:02:a0:0d:5a:09:c8:
31:0a:eb:98:b2:cf:81:e2:5f:53:71:03:09:b2:18:
c5:dd:21:50:97:c9:4f:cc:c7:fb:36:47:7f:85:f7:
a1:1a:c3:1a:cd:89:98:8c:cd:59:92:b3:05:e9:c6:
79:3e:b3:35:3f:8a:f4:f4:ef:2b:b5:cc:9c:1a:2a:
c1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:05:7F:B2:AF:4B:AD:86:92:B1:8C:8F:69:B9:53:D1:5B:45:A9:C7
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/SgV_sq9LrYaSsYyPablT0VtFqcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.48.0/20
168.75.224.0/20
Signature Algorithm: sha256WithRSAEncryption
85:7f:df:2f:57:c0:a9:f3:c4:60:ef:61:cb:3e:89:da:7a:4e:
e4:13:92:72:a7:95:36:86:09:6c:0e:e2:90:b9:c0:10:ce:d0:
0b:a9:63:cd:68:92:86:1e:3d:09:17:af:6f:08:a4:0a:1e:d0:
d3:94:eb:e5:a2:4c:5d:7c:71:24:b4:b8:2e:15:db:b9:e6:02:
2c:6d:54:7f:f8:a9:81:f7:fa:c8:ca:de:24:53:28:7e:4a:4f:
a9:79:95:4d:f6:6e:dc:35:cf:25:cc:fa:4c:cb:f8:d5:e7:67:
93:f7:b4:e4:9d:ca:e4:99:b2:73:be:88:a3:cc:0b:ce:e4:0b:
70:47:cf:79:5f:d1:ca:03:11:01:cd:d1:4c:a6:0b:20:96:f7:
e9:82:2c:32:e2:99:a6:d4:06:26:2b:a9:71:f8:50:82:0f:f1:
bd:48:0e:5a:5f:05:99:8c:5b:46:fb:4e:03:65:ac:7a:1f:0d:
bb:b3:a9:44:53:d5:28:48:b8:cd:aa:2a:01:e1:3d:03:ca:19:
53:ff:be:6e:26:4a:7b:16:2a:79:d5:a6:0b:03:0d:00:90:6e:
2a:70:73:c2:87:9d:d9:79:44:1d:13:39:29:52:8b:1b:11:e8:
62:26:15:25:4c:7e:2e:03:76:b2:06:01:4b:68:2b:24:d6:89:
84:d6:9a:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe+adzLLuVM8lzUwCcVd9vWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMwNDI2MTYzMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTA1N2ZiMmFmNGJhZDg2OTJiMThjOGY2OWI5NTNkMTViNDVhOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi9ztGye6pnqYFxIG8LJPBcJzgsS
+Uhb3QvvS0MgrLw47HnbuAIqpbVXfioRbiZMfDv3Hozp13vrlgpdsBhsnEmnz9Qj
ZMF2hQmjMSluuLnBKoVXP0ynxGFHUMk8zuu4ikPfa2/PacYw7HaNbG4Uzv5/8n+J
nuI4w4j6qSMSjAD5UOidRaQwUCx8Bi1VU1Di3m+wWQI3vffZtY/elTPqPYcI8F6R
imWiC8QRMqZhab51Y2bCIpfpAdqi1joCoA1aCcgxCuuYss+B4l9TcQMJshjF3SFQ
l8lPzMf7Nkd/hfehGsMazYmYjM1ZkrMF6cZ5PrM1P4r09O8rtcycGirB2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEoFf7KvS62GkrGMj2m5U9FbRanHMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvU2dWX3NxOUxyWWFTc1l5UGFibFQwVnRGcWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEeX8wAwQE
qEvgMA0GCSqGSIb3DQEBCwUAA4IBAQCFf98vV8Cp88Rg72HLPonaek7kE5Jyp5U2
hglsDuKQucAQztALqWPNaJKGHj0JF69vCKQKHtDTlOvlokxdfHEktLguFdu55gIs
bVR/+KmB9/rIyt4kUyh+Sk+peZVN9m7cNc8lzPpMy/jV52eT97TkncrkmbJzvoij
zAvO5AtwR895X9HKAxEBzdFMpgsglvfpgiwy4pmm1AYmK6lx+FCCD/G9SA5aXwWZ
jFtG+04DZax6Hw27s6lEU9UoSLjNqioB4T0DyhlT/75uJkp7Fip51aYLAw0AkG4q
cHPCh53ZeUQdEzkpUosbEehiJhUlTH4uA3ayBgFLaCsk1omE1ppE
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:44 2023 by rpki-client on console-ams.rpki-client.org