Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/fsSTiOlN739hpZ7kZBF9_aa_yfc.roa
File: fsSTiOlN739hpZ7kZBF9_aa_yfc.roa (raw, json)
Hash identifier: N1rIHK1KKfxSgMf45YOHBJU3jlph+KEj8sT6BzzEQPk=
Subject key identifier: 7E:C4:93:88:E9:4D:EF:7F:61:A5:9E:E4:64:11:7D:FD:A6:BF:C9:F7
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 01889EBBDD020DB591BC6A61756E6B11A542
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/fsSTiOlN739hpZ7kZBF9_aa_yfc.roa
Signing time: Fri 09 Jun 2023 05:58:11 +0000
ROA not before: Fri 09 Jun 2023 05:58:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25091
IP address blocks: 46.20.240.0/20 maxlen: 24
185.60.52.0/22 maxlen: 24
5.144.32.0/21 maxlen: 24
212.102.126.0/24 maxlen: 24
2a02:2528::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9e:bb:dd:02:0d:b5:91:bc:6a:61:75:6e:6b:11:a5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Jun 9 05:58:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ec49388e94def7f61a59ee464117dfda6bfc9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:36:07:ff:33:a0:19:0d:6d:74:a1:a8:ab:
bc:1a:4a:eb:2c:a1:46:7a:9d:af:13:3c:02:bd:37:
cb:fd:96:46:95:d2:d6:b3:0f:bf:9a:70:2c:c3:2e:
99:ee:75:2e:cb:37:2f:b7:99:ed:88:ce:34:ee:f5:
98:56:18:6d:88:28:53:cc:4d:fc:89:fb:aa:bd:4e:
4f:83:8a:df:6d:ae:a7:dd:dc:fe:e4:fa:56:a8:44:
8b:33:c5:09:57:7e:72:9a:97:af:47:12:ad:9f:cf:
2e:c6:a4:0c:c5:ec:f0:66:a1:ef:86:62:ab:aa:9d:
4c:bd:dd:7e:f9:7c:ba:36:6a:e5:82:04:f9:0e:ee:
11:ca:2d:73:57:5d:1f:04:42:7a:5f:6c:96:71:0a:
00:f0:f9:b9:a1:0b:33:58:5f:5e:fe:8c:21:55:8c:
07:4d:b5:d9:57:33:5c:76:b4:3d:65:b3:60:ff:bc:
52:9b:38:e5:e3:a2:ff:de:55:0c:f2:66:e4:2f:b6:
fe:29:7f:85:14:fb:10:a5:d2:a4:5c:c0:f5:d9:a1:
ba:d0:52:2b:35:d8:2f:03:eb:cc:a6:a2:92:dc:0a:
a3:a1:03:7c:7b:c2:09:ae:c8:da:72:b6:99:c4:af:
20:ee:3f:8c:06:0a:cf:0f:e7:c6:a5:e1:c8:20:46:
82:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C4:93:88:E9:4D:EF:7F:61:A5:9E:E4:64:11:7D:FD:A6:BF:C9:F7
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/fsSTiOlN739hpZ7kZBF9_aa_yfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.32.0/21
46.20.240.0/20
185.60.52.0/22
212.102.126.0/24
IPv6:
2a02:2528::/29
Signature Algorithm: sha256WithRSAEncryption
20:0f:05:ba:a9:89:e0:9d:50:f0:41:2c:fb:c6:a1:b8:ea:a6:
dc:3e:ec:f1:6a:d8:f8:73:b5:27:42:23:92:10:b7:d0:09:5e:
1b:45:36:6a:76:49:47:57:85:b6:2a:e0:e3:a2:8a:7d:f5:0a:
c7:2f:21:b4:e9:d0:c3:5e:73:3b:77:df:c4:1c:d1:5f:21:31:
4b:32:e3:f4:c5:0d:4e:9d:e3:bb:f3:b6:a0:2e:15:68:d6:0a:
0b:c8:07:12:1d:20:49:a0:4a:25:97:60:74:b8:05:ac:4e:1d:
4d:5b:5c:76:b1:67:d2:19:ed:ac:99:5e:a0:5e:b3:ef:f1:0d:
ef:8c:a5:38:12:2f:43:d8:31:f9:f7:c1:dd:a4:a7:33:b0:b3:
36:55:18:d4:09:7f:ee:7f:f4:72:40:e7:55:cb:86:b8:28:78:
02:9c:5a:ef:2d:ec:86:a7:11:bb:51:1c:bf:1f:39:c8:2a:38:
dc:5e:19:ba:62:15:ac:4f:c6:74:e3:08:62:3a:c4:4e:71:4b:
f7:24:00:07:49:fe:ad:ff:a3:57:b0:ca:97:f9:78:01:bb:71:
71:01:77:97:2c:0f:ee:19:ba:c5:72:3c:f5:a4:5b:b1:80:c1:
75:11:2f:23:3a:82:4c:b6:d1:75:bd:94:08:e4:09:05:08:3b:
d5:c6:b6:76
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYieu90CDbWRvGphdW5rEaVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjMwNjA5MDU1ODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWM0OTM4OGU5NGRlZjdmNjFhNTllZTQ2NDExN2RmZGE2YmZjOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyU2B/8zoBkNbXShqKu8GkrrLKFG
ep2vEzwCvTfL/ZZGldLWsw+/mnAswy6Z7nUuyzcvt5ntiM407vWYVhhtiChTzE38
ifuqvU5Pg4rfba6n3dz+5PpWqESLM8UJV35ympevRxKtn88uxqQMxezwZqHvhmKr
qp1Mvd1++Xy6NmrlggT5Du4Ryi1zV10fBEJ6X2yWcQoA8Pm5oQszWF9e/owhVYwH
TbXZVzNcdrQ9ZbNg/7xSmzjl46L/3lUM8mbkL7b+KX+FFPsQpdKkXMD12aG60FIr
NdgvA+vMpqKS3AqjoQN8e8IJrsjacraZxK8g7j+MBgrPD+fGpeHIIEaCJwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFH7Ek4jpTe9/YaWe5GQRff2mv8n3MB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvZnNTVGlPbE43MzlocFo3a1pCRjlfYWFfeWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZAgAwQE
LhTwAwQCuTw0AwQA1GZ+MA0EAgACMAcDBQMqAiUoMA0GCSqGSIb3DQEBCwUAA4IB
AQAgDwW6qYngnVDwQSz7xqG46qbcPuzxatj4c7UnQiOSELfQCV4bRTZqdklHV4W2
KuDjoop99QrHLyG06dDDXnM7d9/EHNFfITFLMuP0xQ1OneO787agLhVo1goLyAcS
HSBJoEoll2B0uAWsTh1NW1x2sWfSGe2smV6gXrPv8Q3vjKU4Ei9D2DH598HdpKcz
sLM2VRjUCX/uf/RyQOdVy4a4KHgCnFrvLeyGpxG7URy/HznIKjjcXhm6YhWsT8Z0
4whiOsROcUv3JAAHSf6t/6NXsMqX+XgBu3FxAXeXLA/uGbrFcjz1pFuxgMF1ES8j
OoJMttF1vZQI5AkFCDvVxrZ2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:53 2023 by rpki-client on console-fra.rpki-client.org