Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IKmBfmP-yD4MChfQdCZ5bSmSeZ4.roa
File: IKmBfmP-yD4MChfQdCZ5bSmSeZ4.roa (raw, json)
Hash identifier: qV8H96K695+VU+dyTF5uR9eWY/rJBg/PAEuQJJPrhCY=
Subject key identifier: 20:A9:81:7E:63:FE:C8:3E:0C:0A:17:D0:74:26:79:6D:29:92:79:9E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019028349ACA75ED1B16C97E72CAE8FA5CAB
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IKmBfmP-yD4MChfQdCZ5bSmSeZ4.roa
Signing time: Mon 17 Jun 2024 21:57:34 +0000
ROA not before: Mon 17 Jun 2024 21:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40940
IP address blocks: 43.225.88.0/23 maxlen: 24
188.214.236.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 06:46:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:28:34:9a:ca:75:ed:1b:16:c9:7e:72:ca:e8:fa:5c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 17 21:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20a9817e63fec83e0c0a17d07426796d2992799e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a7:ae:74:cd:21:b4:ab:8f:fc:4c:47:e7:ae:
a2:bc:df:9a:82:db:63:ac:40:e8:e7:37:76:5c:98:
9b:59:9d:9f:30:c1:7b:79:5c:f4:e9:97:03:19:8c:
42:bc:cc:50:70:ea:47:af:87:4d:ed:4f:a7:58:11:
96:94:c7:85:2f:c3:b8:9d:87:b6:fe:5f:4d:f6:24:
b8:00:61:78:af:9e:ea:e2:54:f1:fe:62:e5:8d:71:
7f:74:10:1a:d3:fe:3d:45:60:0d:7f:23:d4:7d:c6:
b7:7c:7e:ac:4b:46:20:ea:46:6b:69:2e:be:a6:91:
be:c5:2e:92:98:12:6e:9f:fc:81:80:b9:21:d8:49:
a5:72:58:c9:4d:11:49:b8:65:61:df:70:aa:cb:d1:
bf:46:d8:df:bf:7b:fd:16:d8:7b:9a:28:c0:1e:7e:
48:13:66:5f:94:1f:f9:d5:e1:b4:27:a9:2a:d9:74:
cb:88:d3:54:0e:70:53:e4:bc:60:ed:0f:93:af:9d:
f4:f7:f4:0d:55:9d:a9:3f:60:fa:4f:08:bc:00:70:
da:24:b6:10:17:25:9c:f5:e9:aa:a4:27:3b:ad:1e:
19:77:03:68:a7:fe:9a:d3:81:f6:04:55:c6:de:06:
64:94:11:62:21:4d:48:9c:be:b8:8c:08:3c:6a:92:
48:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A9:81:7E:63:FE:C8:3E:0C:0A:17:D0:74:26:79:6D:29:92:79:9E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IKmBfmP-yD4MChfQdCZ5bSmSeZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.225.88.0/23
188.214.236.0/23
Signature Algorithm: sha256WithRSAEncryption
92:3f:86:87:ef:7e:fa:42:5b:8d:c9:17:9d:26:e6:91:7b:2f:
e6:2d:91:e5:75:9d:bd:d4:9d:03:12:df:0e:77:b5:9a:68:9c:
f2:a6:e9:09:96:7c:58:d6:c0:15:55:6e:85:91:ac:6c:17:32:
38:c8:83:e1:69:89:4a:fe:99:74:a4:00:de:0d:1d:b2:5e:68:
f3:3b:86:34:ca:bf:7f:06:d3:2f:15:16:b5:e3:f4:c3:80:73:
63:22:24:1f:6f:49:32:50:fc:6e:ec:27:fd:3b:a2:80:f0:a8:
71:89:1a:49:de:e8:c2:60:22:e7:42:f4:1d:ab:19:8d:bd:02:
53:d6:73:b4:9d:f0:88:11:42:e2:77:fa:46:98:70:26:48:c3:
5e:c2:56:e7:82:27:09:fe:be:11:76:7c:2f:c6:de:ed:cb:ba:
61:e5:40:dd:c9:2a:fd:60:1c:5d:ba:5a:de:15:bf:6d:64:f1:
ad:6e:7a:42:73:d0:4a:73:17:ec:89:a9:09:5c:73:6e:c5:dc:
b3:9d:2a:7e:98:1f:1d:73:40:fa:1f:05:e7:2c:a0:d2:81:bb:
d0:74:8e:2a:47:1d:c5:05:d3:72:dc:fa:c9:e5:04:67:11:cd:
b2:4c:97:2f:21:80:b7:53:56:c0:f3:c6:97:b8:d6:3a:b6:6e:
0c:2d:37:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAoNJrKde0bFsl+csro+lyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjE3MjE1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGE5ODE3ZTYzZmVjODNlMGMwYTE3ZDA3NDI2Nzk2ZDI5OTI3OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6eudM0htKuP/ExH566ivN+agttj
rEDo5zd2XJibWZ2fMMF7eVz06ZcDGYxCvMxQcOpHr4dN7U+nWBGWlMeFL8O4nYe2
/l9N9iS4AGF4r57q4lTx/mLljXF/dBAa0/49RWANfyPUfca3fH6sS0Yg6kZraS6+
ppG+xS6SmBJun/yBgLkh2EmlcljJTRFJuGVh33Cqy9G/Rtjfv3v9Fth7mijAHn5I
E2ZflB/51eG0J6kq2XTLiNNUDnBT5Lxg7Q+Tr5309/QNVZ2pP2D6Twi8AHDaJLYQ
FyWc9emqpCc7rR4ZdwNop/6a04H2BFXG3gZklBFiIU1InL64jAg8apJIgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCCpgX5j/sg+DAoX0HQmeW0pknmeMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSUttQmZtUC15RDRNQ2hmUWRDWjViU21TZVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBK+FYAwQB
vNbsMA0GCSqGSIb3DQEBCwUAA4IBAQCSP4aH7376QluNyRedJuaRey/mLZHldZ29
1J0DEt8Od7WaaJzypukJlnxY1sAVVW6FkaxsFzI4yIPhaYlK/pl0pADeDR2yXmjz
O4Y0yr9/BtMvFRa14/TDgHNjIiQfb0kyUPxu7Cf9O6KA8KhxiRpJ3ujCYCLnQvQd
qxmNvQJT1nO0nfCIEULid/pGmHAmSMNewlbngicJ/r4Rdnwvxt7ty7ph5UDdySr9
YBxdulreFb9tZPGtbnpCc9BKcxfsiakJXHNuxdyznSp+mB8dc0D6HwXnLKDSgbvQ
dI4qRx3FBdNy3PrJ5QRnEc2yTJcvIYC3U1bA88aXuNY6tm4MLTdS
-----END CERTIFICATE-----
Generated at Thu Jun 27 12:26:56 2024 by rpki-client on console-ams.rpki-client.org