Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2GQmo-a9TWfdYb4dSQXsWkWgo-8.roa
File: 2GQmo-a9TWfdYb4dSQXsWkWgo-8.roa (raw, json)
Hash identifier: Zc2d8QuucOFjpEFogP5JU/s8c+b1773L2lqUts6Rzjg=
Subject key identifier: D8:64:26:A3:E6:BD:4D:67:DD:61:BE:1D:49:05:EC:5A:45:A0:A3:EF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A3C29D32A3F6EC604440422A8966F
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2GQmo-a9TWfdYb4dSQXsWkWgo-8.roa
Signing time: Mon 02 Jan 2023 12:34:51 +0000
ROA not before: Mon 02 Jan 2023 12:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137443
IP address blocks: 212.90.100.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:15:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:3c:29:d3:2a:3f:6e:c6:04:44:04:22:a8:96:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d86426a3e6bd4d67dd61be1d4905ec5a45a0a3ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7f:3d:c4:03:ea:ed:83:3f:9a:5b:ff:a7:e5:
f2:61:24:4f:e7:1c:17:38:f9:61:4c:74:81:66:5d:
46:53:06:6e:e4:86:91:7a:be:00:4f:2f:e1:5b:75:
b5:0a:97:c3:f0:05:ff:78:b6:5a:5b:a1:cb:71:90:
d5:b7:fc:34:63:a6:82:77:af:fe:26:61:ee:f1:b7:
2b:21:8a:dc:07:3b:6d:01:eb:a4:ff:ec:81:b2:db:
7a:96:f4:74:4a:6b:b1:3a:13:62:a0:4f:d4:db:de:
10:29:71:aa:2a:25:61:bc:0b:9e:44:98:eb:3b:29:
b6:f8:b3:e4:df:00:3c:c5:ae:dc:82:d2:eb:0f:56:
b4:6d:19:88:27:3e:4c:d9:dc:6f:10:ed:00:3e:f0:
81:f9:b3:b2:0d:e6:02:2e:2f:3f:6f:5a:c4:fe:5d:
72:46:b0:eb:cc:d5:58:f4:45:1c:66:7b:08:9e:30:
ad:60:63:94:76:c3:c6:2a:fb:c6:12:71:15:63:c0:
15:7e:0b:fd:28:35:ac:02:cd:99:f8:94:93:b2:34:
43:e9:0d:79:5d:85:c8:28:cd:fd:84:77:03:81:98:
57:3b:d4:1a:f6:f3:cd:54:35:97:31:41:b7:86:e3:
64:11:82:81:c8:1b:02:ec:ae:6a:62:de:7f:1f:d1:
67:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:64:26:A3:E6:BD:4D:67:DD:61:BE:1D:49:05:EC:5A:45:A0:A3:EF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2GQmo-a9TWfdYb4dSQXsWkWgo-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.90.100.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:a8:11:56:7f:51:e9:ea:9d:c2:ee:9a:9f:03:72:d3:df:c5:
58:a2:c1:a6:54:5a:19:37:cc:3b:a6:c3:32:29:c4:16:88:17:
a6:df:2f:dc:a7:c2:13:7c:f5:83:1a:ad:13:33:83:c4:4e:0d:
4a:b2:1a:b6:a8:cc:9e:dd:8f:11:b3:d7:83:b8:3e:2f:75:fd:
b2:ce:54:19:f8:c3:89:e6:d3:7b:7e:fc:56:18:c0:05:09:dc:
06:93:bc:c9:33:80:09:8b:e7:b6:53:c4:59:88:e3:a8:8d:55:
28:6c:47:48:a6:74:ea:3c:2d:37:c6:fb:d5:6e:92:26:96:87:
39:23:be:be:c9:d5:c9:cd:a2:4c:d6:9b:6c:8f:f7:07:17:2a:
13:b7:c1:f9:64:80:7b:1f:9b:ea:93:12:eb:81:83:47:78:85:
86:b9:c9:4b:71:e1:b9:97:a5:93:f1:d9:2b:d4:49:b2:03:5c:
4a:37:14:53:f3:72:3b:60:3a:92:6b:67:9e:93:f3:cc:91:d1:
61:12:ea:a9:bc:4c:bb:d8:5e:d3:f7:70:40:a7:4d:95:85:35:
58:dd:41:6e:07:4e:eb:c2:0f:98:ed:cf:59:e3:3b:90:91:58:
86:f6:c9:cd:5c:08:bd:8b:0c:a9:50:fd:01:d6:c3:56:40:b1:
bd:37:45:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyejwp0yo/bsYERAQiqJZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODY0MjZhM2U2YmQ0ZDY3ZGQ2MWJlMWQ0OTA1ZWM1YTQ1YTBhM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1n89xAPq7YM/mlv/p+XyYSRP5xwX
OPlhTHSBZl1GUwZu5IaRer4ATy/hW3W1CpfD8AX/eLZaW6HLcZDVt/w0Y6aCd6/+
JmHu8bcrIYrcBzttAeuk/+yBstt6lvR0SmuxOhNioE/U294QKXGqKiVhvAueRJjr
Oym2+LPk3wA8xa7cgtLrD1a0bRmIJz5M2dxvEO0APvCB+bOyDeYCLi8/b1rE/l1y
RrDrzNVY9EUcZnsInjCtYGOUdsPGKvvGEnEVY8AVfgv9KDWsAs2Z+JSTsjRD6Q15
XYXIKM39hHcDgZhXO9Qa9vPNVDWXMUG3huNkEYKByBsC7K5qYt5/H9FnHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhkJqPmvU1n3WG+HUkF7FpFoKPvMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMkdRbW8tYTlUV2ZkWWI0ZFNRWHNXa1dnby04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FpkMA0G
CSqGSIb3DQEBCwUAA4IBAQA6qBFWf1Hp6p3C7pqfA3LT38VYosGmVFoZN8w7psMy
KcQWiBem3y/cp8ITfPWDGq0TM4PETg1Kshq2qMye3Y8Rs9eDuD4vdf2yzlQZ+MOJ
5tN7fvxWGMAFCdwGk7zJM4AJi+e2U8RZiOOojVUobEdIpnTqPC03xvvVbpImloc5
I76+ydXJzaJM1ptsj/cHFyoTt8H5ZIB7H5vqkxLrgYNHeIWGuclLceG5l6WT8dkr
1EmyA1xKNxRT83I7YDqSa2eek/PMkdFhEuqpvEy72F7T93BAp02VhTVY3UFuB07r
wg+Y7c9Z4zuQkViG9snNXAi9iwypUP0B1sNWQLG9N0Vi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org