Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/trscsYZoCYAYd9o4bEwVqLP-vbg.roa
File: trscsYZoCYAYd9o4bEwVqLP-vbg.roa (raw, json)
Hash identifier: 4Ns26EZ+38b2DpVLj/ctWZDXy2GPhbzjz5m8E3wkZgE=
Subject key identifier: B6:BB:1C:B1:86:68:09:80:18:77:DA:38:6C:4C:15:A8:B3:FE:BD:B8
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 01857169D889C90F8D9E38C5929D56471577
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/trscsYZoCYAYd9o4bEwVqLP-vbg.roa
Signing time: Mon 02 Jan 2023 07:37:20 +0000
ROA not before: Mon 02 Jan 2023 07:37:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9076
IP address blocks: 212.104.0.0/19 maxlen: 19
212.104.32.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:d8:89:c9:0f:8d:9e:38:c5:92:9d:56:47:15:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Jan 2 07:37:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6bb1cb1866809801877da386c4c15a8b3febdb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c9:db:a3:eb:be:f9:48:74:27:9f:36:6c:4f:
bf:6e:5e:cd:43:e3:b2:f6:d0:05:95:bd:a2:8e:24:
28:44:62:2a:e1:74:54:6f:e0:a1:1c:a4:6d:af:15:
75:58:0e:81:64:28:ce:18:08:fa:84:c8:ac:dc:8a:
ad:90:4e:5a:22:99:16:6d:00:41:c8:dc:de:57:8a:
b8:53:11:5d:25:6a:5c:71:58:1d:b0:dd:52:f9:bb:
2c:26:89:a0:92:5c:5d:b5:7b:75:33:2b:6b:5c:dd:
6b:64:5b:98:3a:82:d5:8e:ea:1e:ae:29:fd:6b:86:
21:14:fa:0b:79:79:2c:26:be:70:53:c4:b8:03:79:
7d:93:b1:58:c8:70:6b:c7:26:c0:26:ed:a7:b7:c6:
41:18:3d:c8:20:86:2c:1e:68:cd:4b:d8:de:e7:00:
5d:85:ac:c8:2b:e3:81:6e:37:44:7a:1d:28:a4:20:
e4:a7:f5:40:e0:13:8c:8b:85:d8:4b:34:95:1b:08:
18:64:12:34:cf:5b:d9:3c:60:16:9a:25:a9:7c:5c:
cd:b4:5d:99:aa:1d:e0:46:3c:e5:33:b6:bf:d7:45:
00:ba:8b:a1:9b:db:73:da:ac:0c:42:4b:0a:38:6a:
a3:c9:95:89:22:60:93:e3:cf:ab:46:a3:3e:57:68:
85:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BB:1C:B1:86:68:09:80:18:77:DA:38:6C:4C:15:A8:B3:FE:BD:B8
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/trscsYZoCYAYd9o4bEwVqLP-vbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0-212.104.47.255
Signature Algorithm: sha256WithRSAEncryption
a2:7e:c8:38:30:e5:09:6d:d4:49:eb:46:b0:cc:c2:57:a6:81:
89:eb:7c:f0:1b:2b:67:70:41:59:5f:40:dc:78:6a:19:34:59:
f7:fe:db:ba:2a:99:7a:77:1c:ef:c6:7f:c6:20:14:99:14:d9:
5e:19:ef:d8:a0:b4:e7:b0:73:a2:a7:31:64:47:f3:53:08:fc:
76:ee:2e:f5:a2:63:81:4b:57:88:78:b4:90:c3:b3:b7:78:15:
4c:eb:25:0d:80:65:12:44:4c:0c:b4:46:f5:df:ac:ea:2d:5e:
94:b2:3d:5c:0e:37:c7:ff:58:4f:5a:3f:9c:32:5f:83:ee:6e:
69:2a:da:10:f1:8c:b1:dc:83:f1:2c:62:9b:60:54:aa:f3:b9:
62:24:63:e2:e1:c2:e9:3e:44:d6:be:97:73:ad:b9:7f:2e:42:
b9:4c:0d:ab:35:33:61:9c:d3:0e:25:a2:72:b5:36:fc:ba:0a:
1b:8d:75:45:ff:72:87:e2:4d:8a:9e:ed:50:9b:ef:9d:ee:65:
2c:ce:5a:d3:6f:a1:9d:3e:6c:cb:48:e5:64:70:5e:7b:61:a6:
73:e0:c6:9f:ab:7c:79:c8:43:77:2c:c9:24:90:5e:ba:4b:b0:
62:a6:ec:10:42:98:d9:1d:6f:5c:ee:f4:0b:a8:74:09:bd:5f:
7c:3e:65:e9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVxadiJyQ+NnjjFkp1WRxV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjMwMTAyMDczNzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmJiMWNiMTg2NjgwOTgwMTg3N2RhMzg2YzRjMTVhOGIzZmViZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcnbo+u++Uh0J582bE+/bl7NQ+Oy
9tAFlb2ijiQoRGIq4XRUb+ChHKRtrxV1WA6BZCjOGAj6hMis3IqtkE5aIpkWbQBB
yNzeV4q4UxFdJWpccVgdsN1S+bssJomgklxdtXt1MytrXN1rZFuYOoLVjuoerin9
a4YhFPoLeXksJr5wU8S4A3l9k7FYyHBrxybAJu2nt8ZBGD3IIIYsHmjNS9je5wBd
hazIK+OBbjdEeh0opCDkp/VA4BOMi4XYSzSVGwgYZBI0z1vZPGAWmiWpfFzNtF2Z
qh3gRjzlM7a/10UAuouhm9tz2qwMQksKOGqjyZWJImCT48+rRqM+V2iFBwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFLa7HLGGaAmAGHfaOGxMFaiz/r24MB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvdHJzY3NZWm9DWUFZZDlvNGJFd1ZxTFAtdmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwPUaAME
BNRoIDANBgkqhkiG9w0BAQsFAAOCAQEAon7IODDlCW3USetGsMzCV6aBiet88Bsr
Z3BBWV9A3HhqGTRZ9/7buiqZencc78Z/xiAUmRTZXhnv2KC057BzoqcxZEfzUwj8
du4u9aJjgUtXiHi0kMOzt3gVTOslDYBlEkRMDLRG9d+s6i1elLI9XA43x/9YT1o/
nDJfg+5uaSraEPGMsdyD8Sxim2BUqvO5YiRj4uHC6T5E1r6Xc625fy5CuUwNqzUz
YZzTDiWicrU2/LoKG411Rf9yh+JNip7tUJvvne5lLM5a02+hnT5sy0jlZHBee2Gm
c+DGn6t8echDdyzJJJBeukuwYqbsEEKY2R1vXO70C6h0Cb1ffD5l6Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:24 2023 by rpki-client on console-fra.rpki-client.org