Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7Ksga9cOJsSMJ4rnci-Yh6og5os.roa
File: 7Ksga9cOJsSMJ4rnci-Yh6og5os.roa (raw, json)
Hash identifier: 65f0MEjth7cq6J0pq2plY/vLoHJ6FZSXP9ulzd1dBZk=
Subject key identifier: EC:AB:20:6B:D7:0E:26:C4:8C:27:8A:E7:72:2F:98:87:AA:20:E6:8B
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A34941915BBD26AAAE1296C6934F5
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7Ksga9cOJsSMJ4rnci-Yh6og5os.roa
Signing time: Mon 02 Jan 2023 12:34:49 +0000
ROA not before: Mon 02 Jan 2023 12:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49901
IP address blocks: 212.90.100.0/23 maxlen: 24
46.249.98.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:15:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:34:94:19:15:bb:d2:6a:aa:e1:29:6c:69:34:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecab206bd70e26c48c278ae7722f9887aa20e68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:99:e0:31:a2:93:ad:78:39:1e:ea:fb:47:be:
3a:1d:fc:0c:14:89:72:ee:dd:35:6c:14:e2:7a:08:
20:8d:dc:20:93:06:6d:97:ce:f9:df:a7:82:fd:b2:
27:27:bb:e7:93:37:24:9f:02:4b:ed:16:10:70:88:
de:c9:3a:a2:61:73:43:1f:01:18:37:b7:90:31:36:
0a:07:ea:2a:4a:1f:09:b9:71:44:fd:03:84:23:e3:
ae:d7:ae:65:db:67:bc:27:ea:c7:40:38:f1:1c:5f:
a5:da:4a:e8:c3:cd:5b:77:97:cb:8b:c0:00:24:7b:
c9:2b:b0:67:0f:de:52:e6:f1:5a:35:84:c2:bb:01:
05:0f:c2:d8:e7:d1:78:24:51:8c:ab:59:96:8c:9c:
32:ce:d5:b8:44:6b:73:25:0c:ec:8f:93:bf:65:c3:
a9:29:09:e4:cf:ad:53:74:e6:4d:4f:c3:bf:9f:c1:
06:e1:0a:ca:74:81:12:8d:89:47:3a:9d:9d:6a:32:
90:fc:d5:56:3e:8e:a5:6e:fb:dc:93:5b:07:bd:0f:
01:7f:ef:65:34:c1:63:a5:83:6b:21:a0:db:76:9e:
d6:98:44:f3:9d:43:b0:e2:5c:e4:50:76:ec:73:36:
d0:a3:07:40:c2:be:1d:c3:f6:34:5d:c4:14:5b:ac:
e8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:AB:20:6B:D7:0E:26:C4:8C:27:8A:E7:72:2F:98:87:AA:20:E6:8B
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7Ksga9cOJsSMJ4rnci-Yh6og5os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.98.0/23
212.90.100.0/23
Signature Algorithm: sha256WithRSAEncryption
01:15:7a:11:d2:0d:86:80:27:f3:cd:6c:30:57:c4:e6:33:39:
79:e7:4c:43:b1:48:57:82:22:b7:82:02:2e:f6:cb:77:a8:f6:
86:ef:76:68:a9:5e:32:73:7f:d3:2c:90:84:58:e1:0d:5f:18:
62:01:9b:e5:ee:b3:47:13:87:bb:37:75:51:2d:cd:2d:b4:18:
22:e4:c7:24:02:3e:d7:76:35:7a:99:c6:62:f1:11:00:6c:08:
52:ce:d6:fb:56:a3:09:43:f8:bd:01:cd:4e:08:bd:d0:23:20:
50:db:db:ce:cf:12:ef:63:51:bb:a7:b6:f7:42:aa:52:7c:59:
c8:2c:ee:68:11:c8:72:b6:27:24:e5:4c:37:29:bb:72:77:e9:
4f:e9:f5:16:57:c0:79:3d:84:89:ae:f2:36:29:3b:3b:6c:f6:
5f:e6:62:53:d0:40:80:20:5e:4e:56:79:b9:a5:8a:a3:a6:98:
a4:63:0a:0d:dc:b4:92:e7:03:a1:57:e2:bc:fd:8c:4c:6e:fa:
5d:3b:8e:62:96:0b:b3:99:5f:ee:8d:0e:24:f7:0f:6b:8c:3b:
5c:c4:c1:6b:5c:91:e7:19:21:c7:6a:4f:9d:0c:4c:0f:48:ed:
0e:31:45:9d:8d:77:75:8a:70:ea:66:ef:09:20:38:51:fa:62:
07:1f:e6:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyejSUGRW70mqq4SlsaTT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2FiMjA2YmQ3MGUyNmM0OGMyNzhhZTc3MjJmOTg4N2FhMjBlNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpngMaKTrXg5Hur7R746HfwMFIly
7t01bBTiegggjdwgkwZtl87536eC/bInJ7vnkzcknwJL7RYQcIjeyTqiYXNDHwEY
N7eQMTYKB+oqSh8JuXFE/QOEI+Ou165l22e8J+rHQDjxHF+l2krow81bd5fLi8AA
JHvJK7BnD95S5vFaNYTCuwEFD8LY59F4JFGMq1mWjJwyztW4RGtzJQzsj5O/ZcOp
KQnkz61TdOZNT8O/n8EG4QrKdIESjYlHOp2dajKQ/NVWPo6lbvvck1sHvQ8Bf+9l
NMFjpYNrIaDbdp7WmETznUOw4lzkUHbsczbQowdAwr4dw/Y0XcQUW6zoUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOyrIGvXDibEjCeK53IvmIeqIOaLMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvN0tzZ2E5Y09Kc1NNSjRybmNpLVloNm9nNW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLvliAwQB
1FpkMA0GCSqGSIb3DQEBCwUAA4IBAQABFXoR0g2GgCfzzWwwV8TmMzl550xDsUhX
giK3ggIu9st3qPaG73ZoqV4yc3/TLJCEWOENXxhiAZvl7rNHE4e7N3VRLc0ttBgi
5MckAj7XdjV6mcZi8REAbAhSztb7VqMJQ/i9Ac1OCL3QIyBQ29vOzxLvY1G7p7b3
QqpSfFnILO5oEchytick5Uw3Kbtyd+lP6fUWV8B5PYSJrvI2KTs7bPZf5mJT0ECA
IF5OVnm5pYqjppikYwoN3LSS5wOhV+K8/YxMbvpdO45ilguzmV/ujQ4k9w9rjDtc
xMFrXJHnGSHHak+dDEwPSO0OMUWdjXd1inDqZu8JIDhR+mIHH+YM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org