Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XxsOij4ct5ECm3mSLCa70nZJ8bc.roa
File: XxsOij4ct5ECm3mSLCa70nZJ8bc.roa (raw, json)
Hash identifier: lkdsnYwMJuFiwNV18PfTupGbGmwlOcngfYFUXfEjtM0=
Subject key identifier: 5F:1B:0E:8A:3E:1C:B7:91:02:9B:79:92:2C:26:BB:D2:76:49:F1:B7
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0187ED4AF7A660BE494CFB588B59D33E48CE
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XxsOij4ct5ECm3mSLCa70nZJ8bc.roa
Signing time: Fri 05 May 2023 19:02:05 +0000
ROA not before: Fri 05 May 2023 19:02:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200598
IP address blocks: 121.127.48.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ed:4a:f7:a6:60:be:49:4c:fb:58:8b:59:d3:3e:48:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: May 5 19:02:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f1b0e8a3e1cb791029b79922c26bbd27649f1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:13:d0:a0:78:67:ea:c2:ba:18:70:59:83:a0:
98:16:a0:55:48:1b:ef:f0:bb:3f:48:67:e8:36:5a:
e9:99:32:a7:4d:76:f0:3c:a8:fd:c4:27:f3:82:4f:
6a:b3:67:c3:fe:9a:3e:a2:76:9f:8a:8b:3d:2d:c8:
15:7d:7a:61:74:75:77:f3:f7:46:ed:e9:30:81:b8:
da:15:6a:10:03:cf:3d:0d:a5:9c:eb:cc:be:fe:28:
c4:76:af:6d:1a:75:f1:47:7e:42:71:49:ae:21:f0:
99:d3:1b:f7:63:5a:c1:6d:56:70:df:07:43:e8:70:
41:82:bf:6b:4f:55:27:a6:1b:47:da:92:f1:58:f5:
9c:2f:bf:45:69:03:3b:5b:40:dc:4c:fd:e5:63:28:
d2:55:b4:7b:81:d4:05:05:30:ed:d6:49:1f:1b:9d:
1e:78:74:8e:13:22:cd:a6:59:07:62:68:29:8c:f0:
76:9b:27:9f:f0:2a:13:fc:49:e3:f2:a0:54:fd:b0:
5b:a8:29:28:ec:43:ef:c0:af:d5:fe:7f:e9:16:c2:
43:a5:fc:c0:68:c0:a9:11:2f:01:cd:e3:a9:fc:3d:
06:78:40:d5:cd:57:e7:7e:2e:ee:dd:74:b8:3f:c1:
7e:25:ca:7e:67:6a:78:3b:ff:6f:5a:6a:a4:a6:1e:
ad:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1B:0E:8A:3E:1C:B7:91:02:9B:79:92:2C:26:BB:D2:76:49:F1:B7
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XxsOij4ct5ECm3mSLCa70nZJ8bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.48.0/20
Signature Algorithm: sha256WithRSAEncryption
7b:46:2b:fb:ae:13:a8:3b:cf:71:a1:74:a0:a9:07:24:d9:c3:
07:11:0e:2c:c4:14:d5:1b:01:f9:de:93:a6:c7:81:e0:28:03:
4f:0f:28:4f:bf:16:70:73:b0:66:f3:c2:18:96:d0:8f:f2:5f:
30:16:91:9c:6d:41:15:57:b2:e3:12:41:d7:d2:64:45:3b:48:
95:7b:a7:f1:b2:7f:a5:e9:34:38:9c:b7:e7:18:e9:d6:cc:90:
00:39:ef:37:ad:47:75:7f:cb:35:c6:f2:d5:37:b1:a6:2f:8c:
0c:49:01:64:34:56:9a:6f:e8:78:2a:31:13:ba:4d:5e:23:15:
d2:25:38:1e:b8:94:ce:66:49:6a:41:af:d9:42:06:c9:ff:f7:
70:f6:b0:2c:ba:26:7d:e7:5c:c3:50:51:de:b6:4a:2a:49:5d:
d0:72:41:d0:16:43:41:a1:8b:43:9a:d2:0b:2c:b3:c8:59:3e:
d0:a9:d3:66:4e:e4:6a:38:54:17:2a:a8:04:9f:56:63:23:6f:
3e:0c:e6:34:05:ea:03:a7:19:4c:7e:2c:f7:c7:63:14:63:84:
f6:d1:bc:4d:fb:01:88:8f:68:e0:0d:8c:1e:29:93:7b:7e:b4:
7e:96:63:57:0b:2d:2f:cd:4e:03:10:45:6d:74:c3:f6:72:d0:
5e:a7:e0:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYftSvemYL5JTPtYi1nTPkjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMwNTA1MTkwMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFiMGU4YTNlMWNiNzkxMDI5Yjc5OTIyYzI2YmJkMjc2NDlmMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhPQoHhn6sK6GHBZg6CYFqBVSBvv
8Ls/SGfoNlrpmTKnTXbwPKj9xCfzgk9qs2fD/po+onafios9LcgVfXphdHV38/dG
7ekwgbjaFWoQA889DaWc68y+/ijEdq9tGnXxR35CcUmuIfCZ0xv3Y1rBbVZw3wdD
6HBBgr9rT1UnphtH2pLxWPWcL79FaQM7W0DcTP3lYyjSVbR7gdQFBTDt1kkfG50e
eHSOEyLNplkHYmgpjPB2myef8CoT/Enj8qBU/bBbqCko7EPvwK/V/n/pFsJDpfzA
aMCpES8BzeOp/D0GeEDVzVfnfi7u3XS4P8F+Jcp+Z2p4O/9vWmqkph6t6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8bDoo+HLeRApt5kiwmu9J2SfG3MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWHhzT2lqNGN0NUVDbTNtU0xDYTcwblpKOGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEeX8wMA0G
CSqGSIb3DQEBCwUAA4IBAQB7Riv7rhOoO89xoXSgqQck2cMHEQ4sxBTVGwH53pOm
x4HgKANPDyhPvxZwc7Bm88IYltCP8l8wFpGcbUEVV7LjEkHX0mRFO0iVe6fxsn+l
6TQ4nLfnGOnWzJAAOe83rUd1f8s1xvLVN7GmL4wMSQFkNFaab+h4KjETuk1eIxXS
JTgeuJTOZklqQa/ZQgbJ//dw9rAsuiZ951zDUFHetkoqSV3QckHQFkNBoYtDmtIL
LLPIWT7QqdNmTuRqOFQXKqgEn1ZjI28+DOY0BeoDpxlMfiz3x2MUY4T20bxN+wGI
j2jgDYweKZN7frR+lmNXCy0vzU4DEEVtdMP2ctBep+Ap
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:44 2023 by rpki-client on console-ams.rpki-client.org