Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mDnQ1UqHrm3PsMsn5_YC1EkubmM.roa
File: mDnQ1UqHrm3PsMsn5_YC1EkubmM.roa (raw, json)
Hash identifier: 85rJZPmWlNZgtNDwRSpHu3+5KI1uCm2wiM/yj0sKP1M=
Subject key identifier: 98:39:D0:D5:4A:87:AE:6D:CF:B0:CB:27:E7:F6:02:D4:49:2E:6E:63
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018844A995C7FBFAD7A474439B65EBFDCBB8
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mDnQ1UqHrm3PsMsn5_YC1EkubmM.roa
Signing time: Mon 22 May 2023 18:12:24 +0000
ROA not before: Mon 22 May 2023 18:12:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200598
IP address blocks: 121.127.48.0/20 maxlen: 24
66.9.96.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:44:a9:95:c7:fb:fa:d7:a4:74:43:9b:65:eb:fd:cb:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: May 22 18:12:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9839d0d54a87ae6dcfb0cb27e7f602d4492e6e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ec:94:ea:8b:a5:72:9a:98:da:8b:a8:7a:ad:
11:fe:00:e1:4e:12:1b:4e:a2:aa:65:7e:57:8a:e3:
fb:52:da:47:2f:96:c5:c4:7f:f8:a9:4d:ce:be:33:
d1:d4:39:34:be:51:16:9c:28:a7:9d:e8:31:b2:e7:
6e:86:38:7f:1e:b3:7f:7a:fc:eb:68:8e:ca:26:4c:
06:7c:49:b9:2c:6d:88:75:8d:da:80:b7:3f:19:ae:
2c:9d:a7:2b:79:44:91:b9:04:77:18:9f:90:4f:a4:
f7:10:c4:46:99:7a:a8:bc:b4:d9:24:f9:38:77:58:
07:60:06:e1:a4:8a:71:d0:55:a9:77:d4:7f:65:97:
e9:d5:61:3a:dc:72:67:c6:a8:76:f4:d5:7e:32:52:
a7:6a:62:cd:31:47:f3:ab:5c:be:63:f2:45:9f:ce:
b3:73:78:0f:3a:0c:ec:0e:94:93:e4:b7:e9:7a:0c:
e4:7b:36:c9:b0:89:1d:19:20:d8:b2:e3:41:31:be:
53:bf:9c:18:d7:99:0c:02:22:91:ff:4b:57:dd:cf:
9c:7e:e5:fc:75:5e:73:6a:24:61:71:2b:bd:10:f5:
b2:eb:81:07:b2:9c:21:01:c6:56:bb:1f:00:f4:8d:
66:3a:3e:7a:a0:af:8f:69:59:b3:cc:9c:7d:ca:46:
6a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:39:D0:D5:4A:87:AE:6D:CF:B0:CB:27:E7:F6:02:D4:49:2E:6E:63
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mDnQ1UqHrm3PsMsn5_YC1EkubmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.9.96.0/20
121.127.48.0/20
Signature Algorithm: sha256WithRSAEncryption
0d:39:a9:12:16:76:c0:35:17:d9:ca:20:a2:21:3b:8f:e6:0a:
1b:8c:52:6a:6b:e9:76:9b:a2:b0:79:83:d3:ad:37:de:35:a1:
7b:cf:a1:a9:6f:5d:50:39:4e:ef:03:09:45:d2:3c:81:77:29:
5b:62:bb:d5:ad:34:d5:8d:a1:4b:54:ac:c0:84:c0:56:0f:3c:
ca:77:20:ff:e3:96:0d:cc:30:e7:ea:c2:89:90:e5:59:5b:29:
14:cf:2e:84:5d:17:97:75:cb:b2:e0:8d:a9:0a:b2:7f:f7:95:
0f:26:f1:9b:8c:90:f6:77:0e:21:fc:81:36:5a:a3:82:53:4f:
46:8d:4c:9a:a4:35:94:c4:0a:eb:30:00:62:d6:1c:e3:52:7b:
27:3f:1f:38:43:27:b2:7a:8f:88:a7:4c:b9:35:76:d1:db:c7:
10:bb:bb:83:7f:18:64:6e:1b:d9:f5:73:a5:2a:68:a2:80:4f:
2d:11:a8:2f:1f:62:7b:f7:b3:a9:56:7f:f9:0a:a2:9c:0b:59:
bc:e2:09:63:0a:26:11:11:b4:10:d1:1c:21:a0:20:b1:06:77:
c3:7f:91:23:d1:66:88:f9:d4:39:2e:0e:0a:39:7d:2d:6d:e6:
3c:f6:11:29:60:78:ac:ec:a6:f6:c9:6c:59:a3:b4:d6:91:bc:
bf:a0:41:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhEqZXH+/rXpHRDm2Xr/cu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMwNTIyMTgxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM5ZDBkNTRhODdhZTZkY2ZiMGNiMjdlN2Y2MDJkNDQ5MmU2ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuyU6oulcpqY2ouoeq0R/gDhThIb
TqKqZX5XiuP7UtpHL5bFxH/4qU3OvjPR1Dk0vlEWnCinnegxsuduhjh/HrN/evzr
aI7KJkwGfEm5LG2IdY3agLc/Ga4snacreUSRuQR3GJ+QT6T3EMRGmXqovLTZJPk4
d1gHYAbhpIpx0FWpd9R/ZZfp1WE63HJnxqh29NV+MlKnamLNMUfzq1y+Y/JFn86z
c3gPOgzsDpST5LfpegzkezbJsIkdGSDYsuNBMb5Tv5wY15kMAiKR/0tX3c+cfuX8
dV5zaiRhcSu9EPWy64EHspwhAcZWux8A9I1mOj56oK+PaVmzzJx9ykZq/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJg50NVKh65tz7DLJ+f2AtRJLm5jMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvbURuUTFVcUhybTNQc01zbjVfWUMxRWt1Ym1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEQglgAwQE
eX8wMA0GCSqGSIb3DQEBCwUAA4IBAQANOakSFnbANRfZyiCiITuP5gobjFJqa+l2
m6KweYPTrTfeNaF7z6Gpb11QOU7vAwlF0jyBdylbYrvVrTTVjaFLVKzAhMBWDzzK
dyD/45YNzDDn6sKJkOVZWykUzy6EXReXdcuy4I2pCrJ/95UPJvGbjJD2dw4h/IE2
WqOCU09GjUyapDWUxArrMABi1hzjUnsnPx84Qyeyeo+Ip0y5NXbR28cQu7uDfxhk
bhvZ9XOlKmiigE8tEagvH2J797OpVn/5CqKcC1m84gljCiYREbQQ0RwhoCCxBnfD
f5Ej0WaI+dQ5Lg4KOX0tbeY89hEpYHis7Kb2yWxZo7TWkby/oEF5
Generated at Sun Jul 30 19:21:03 2023 by rpki-client on console-fra.rpki-client.org