Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/lSqY0xG7H9vm3VGjJRxosSbaySI.roa
File: lSqY0xG7H9vm3VGjJRxosSbaySI.roa (raw, json)
Hash identifier: Z6CIZstEBRkZH0A44O1V0m6+jSj1fvL23lSqnKMFs10=
Subject key identifier: 95:2A:98:D3:11:BB:1F:DB:E6:DD:51:A3:25:1C:68:B1:26:DA:C9:22
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 018BF25C5EBD6F7A7D5FEB96ECDD7E32F877
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/lSqY0xG7H9vm3VGjJRxosSbaySI.roa
Signing time: Tue 21 Nov 2023 14:50:21 +0000
ROA not before: Tue 21 Nov 2023 14:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56798
IP address blocks: 212.102.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:5c:5e:bd:6f:7a:7d:5f:eb:96:ec:dd:7e:32:f8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Nov 21 14:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=952a98d311bb1fdbe6dd51a3251c68b126dac922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:33:1f:73:e8:36:93:3d:af:cc:4a:ca:24:
de:98:29:9c:7c:95:6b:16:31:04:82:12:5f:24:0f:
82:97:85:e9:58:89:70:55:f5:8e:ea:3f:c2:12:14:
57:90:7b:c4:a6:79:ce:57:62:c9:09:9e:fb:2b:6e:
0b:d8:50:bf:0c:a8:19:29:d3:84:8b:af:11:73:e6:
9e:25:d6:2b:be:7d:78:1d:29:a9:b3:f8:40:9a:b0:
48:86:ea:4d:0a:5f:c6:c3:8d:42:5e:cb:77:16:a2:
ed:35:98:9e:01:10:f6:83:ac:50:5d:03:1d:c9:cc:
92:90:01:24:ab:90:b3:09:9d:1b:18:4d:1f:6f:17:
0f:c4:36:3a:8a:5d:80:91:f6:ca:13:79:7b:1e:dc:
03:5b:3f:e8:ed:82:05:fd:7b:93:41:a4:9f:03:85:
58:8f:64:36:29:f1:b1:1e:1d:d5:5f:f3:30:73:df:
1e:2a:e1:ba:71:46:53:e6:33:32:12:a3:77:b9:5d:
74:31:ec:de:13:14:95:4d:c4:ee:ee:e3:e7:2e:f0:
50:14:e3:e9:cb:8d:4d:a1:23:56:f8:d2:2f:09:f1:
b2:bf:05:e3:91:bd:76:e8:06:c5:69:e2:8c:09:51:
25:8c:2e:a1:50:04:c9:07:f8:4a:b0:78:d7:39:cf:
36:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2A:98:D3:11:BB:1F:DB:E6:DD:51:A3:25:1C:68:B1:26:DA:C9:22
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/lSqY0xG7H9vm3VGjJRxosSbaySI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.126.0/24
Signature Algorithm: sha256WithRSAEncryption
66:78:f2:03:29:ff:85:1f:36:07:93:e6:da:68:15:53:d9:48:
74:bb:57:7b:ca:80:e9:03:13:15:ee:06:90:44:2c:76:6f:4e:
ce:15:72:f9:f3:0d:d8:08:60:1c:ad:e0:45:16:9e:77:f5:40:
1a:7f:56:a9:c8:50:c0:af:e1:bf:39:74:c6:52:83:dd:43:72:
08:f9:de:f7:04:1b:27:00:15:36:93:d9:e1:8c:bf:6c:0e:4d:
7f:b4:eb:6a:91:a2:54:04:25:c9:22:b6:c7:30:a7:68:b7:ce:
02:f6:d4:ad:cf:3f:56:b3:43:03:ee:76:c1:0a:4f:dd:7c:71:
1b:71:41:68:40:36:07:26:d6:bd:a8:13:2f:53:3c:5b:d0:18:
e4:fd:ba:7a:83:53:92:5e:4d:53:57:a1:f6:87:83:f0:3a:4c:
1a:85:67:1a:f9:ef:f5:74:eb:81:83:4d:7d:6b:e0:98:68:7c:
24:e2:a4:5a:f0:7c:ca:32:5f:3c:3c:a0:a0:90:1f:5d:a6:97:
8d:e3:fc:f0:4b:ac:64:ff:f7:dd:0a:fd:8f:34:3d:85:36:ca:
0f:e8:d9:c6:78:80:35:6f:2c:ee:74:7e:3c:fb:d3:b4:ee:ab:
f6:ec:e7:d3:20:9c:e9:ef:5e:20:f5:b8:f0:05:34:f1:3e:25:
e5:1e:a9:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvyXF69b3p9X+uW7N1+Mvh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjMxMTIxMTQ1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTJhOThkMzExYmIxZmRiZTZkZDUxYTMyNTFjNjhiMTI2ZGFjOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs0zH3PoNpM9r8xKyiTemCmcfJVr
FjEEghJfJA+Cl4XpWIlwVfWO6j/CEhRXkHvEpnnOV2LJCZ77K24L2FC/DKgZKdOE
i68Rc+aeJdYrvn14HSmps/hAmrBIhupNCl/Gw41CXst3FqLtNZieARD2g6xQXQMd
ycySkAEkq5CzCZ0bGE0fbxcPxDY6il2AkfbKE3l7HtwDWz/o7YIF/XuTQaSfA4VY
j2Q2KfGxHh3VX/Mwc98eKuG6cUZT5jMyEqN3uV10MezeExSVTcTu7uPnLvBQFOPp
y41NoSNW+NIvCfGyvwXjkb126AbFaeKMCVEljC6hUATJB/hKsHjXOc82VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUqmNMRux/b5t1RoyUcaLEm2skiMB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvbFNxWTB4RzdIOXZtM1ZHakpSeG9zU2JheVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GZ+MA0G
CSqGSIb3DQEBCwUAA4IBAQBmePIDKf+FHzYHk+baaBVT2Uh0u1d7yoDpAxMV7gaQ
RCx2b07OFXL58w3YCGAcreBFFp539UAaf1apyFDAr+G/OXTGUoPdQ3II+d73BBsn
ABU2k9nhjL9sDk1/tOtqkaJUBCXJIrbHMKdot84C9tStzz9Ws0MD7nbBCk/dfHEb
cUFoQDYHJta9qBMvUzxb0Bjk/bp6g1OSXk1TV6H2h4PwOkwahWca+e/1dOuBg019
a+CYaHwk4qRa8HzKMl88PKCgkB9dppeN4/zwS6xk//fdCv2PND2FNsoP6NnGeIA1
byzudH48+9O07qv27OfTIJzp714g9bjwBTTxPiXlHqmu
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:51 2024 by rpki-client on console-fra.rpki-client.org