Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dH_Y1P7oMIwIF8hjm9fMBQauf4U.roa
File: dH_Y1P7oMIwIF8hjm9fMBQauf4U.roa (raw, json)
Hash identifier: 7pNbZzpWHCPyCw7pHJ4o2/E/yQTNec0bcourlNrQFPo=
Subject key identifier: 74:7F:D8:D4:FE:E8:30:8C:08:17:C8:63:9B:D7:CC:05:06:AE:7F:85
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019028349B4D425055AD54940925E61093F1
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dH_Y1P7oMIwIF8hjm9fMBQauf4U.roa
Signing time: Mon 17 Jun 2024 21:57:34 +0000
ROA not before: Mon 17 Jun 2024 21:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55933
IP address blocks: 43.225.88.0/23 maxlen: 24
188.214.236.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 06:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:28:34:9b:4d:42:50:55:ad:54:94:09:25:e6:10:93:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 17 21:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=747fd8d4fee8308c0817c8639bd7cc0506ae7f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3c:08:3c:d1:67:1b:7d:95:d3:d5:c7:85:5c:
78:7b:ab:bb:d2:fa:78:42:36:63:b3:d0:f7:4f:15:
9d:e7:37:c7:80:b5:a5:70:be:6f:55:73:b3:c4:b4:
45:02:e3:84:c8:7e:ba:05:07:d0:28:06:e8:7f:05:
7c:c6:26:be:74:c0:18:2a:cf:d9:5c:59:49:02:2e:
d0:29:cc:bc:c0:d0:7d:2c:70:15:bb:2e:52:c5:1b:
58:00:8f:fb:bf:9e:90:cd:9b:10:62:8e:67:96:2c:
c7:d7:be:f9:5d:51:ab:81:7a:4b:34:b9:d6:6d:87:
3c:27:58:0f:ab:69:0a:cb:1e:cb:0b:03:df:1f:9d:
b0:f6:38:7c:e2:2a:23:ec:02:0e:1a:48:16:41:d7:
ef:98:9a:47:43:e5:19:0d:d2:67:1f:1f:0d:6e:07:
9d:a9:60:eb:0a:46:74:b3:8b:09:3c:29:11:88:a5:
b4:84:72:40:25:a6:f1:5d:ca:b6:92:88:28:41:c1:
b8:41:01:60:de:db:72:b4:bf:c8:5f:45:81:1f:ec:
00:50:b8:c6:9d:37:90:31:eb:ac:63:ad:d7:38:11:
af:42:8e:23:96:9f:c6:cc:e1:09:8f:1c:dd:69:22:
49:a3:e0:e5:77:c4:7e:a5:74:f1:de:80:fa:60:01:
8e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7F:D8:D4:FE:E8:30:8C:08:17:C8:63:9B:D7:CC:05:06:AE:7F:85
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dH_Y1P7oMIwIF8hjm9fMBQauf4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.225.88.0/23
188.214.236.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:48:7d:65:8d:94:bc:3c:57:0a:54:23:fb:41:96:30:c3:0f:
2d:d0:b0:b1:76:0f:c7:23:75:ce:9b:e3:ae:e3:b1:3c:c2:4f:
f5:c0:29:9b:6d:77:46:71:de:65:36:32:23:f3:6c:46:05:1d:
b3:36:af:ad:29:b6:ef:d2:77:5a:cb:a8:fd:fd:1a:67:a4:a4:
43:48:55:a7:c6:6e:74:71:8c:90:9f:85:c0:cb:f0:3c:85:e1:
41:77:7a:17:c3:d5:5a:8e:ed:6e:d0:f8:95:bd:f1:54:1b:d5:
c3:a8:b3:3f:a6:3d:32:a4:f3:d2:09:3c:3e:02:c5:5f:76:d8:
a5:01:98:a5:62:26:60:ac:3e:f3:bd:a4:0b:24:b0:2a:0d:43:
d6:c2:85:cf:00:76:da:1b:f6:e6:c6:14:b8:82:99:4b:05:53:
ce:08:3e:56:4b:38:49:09:b7:0a:33:f4:1a:42:2f:ca:89:a9:
a1:f6:74:e1:28:00:ec:39:15:b0:0a:be:51:7c:8e:7b:49:cc:
18:76:17:88:5a:d8:05:0d:53:bc:98:9b:a8:12:75:45:15:32:
09:35:89:76:ed:16:8f:dd:99:46:a9:63:7a:fe:2d:a9:fa:44:
c7:81:0d:ff:5f:fd:de:c5:7a:9a:3d:42:48:ff:8c:a1:7a:f5:
2b:93:90:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAoNJtNQlBVrVSUCSXmEJPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjE3MjE1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdmZDhkNGZlZTgzMDhjMDgxN2M4NjM5YmQ3Y2MwNTA2YWU3Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TwIPNFnG32V09XHhVx4e6u70vp4
QjZjs9D3TxWd5zfHgLWlcL5vVXOzxLRFAuOEyH66BQfQKAbofwV8xia+dMAYKs/Z
XFlJAi7QKcy8wNB9LHAVuy5SxRtYAI/7v56QzZsQYo5nlizH1775XVGrgXpLNLnW
bYc8J1gPq2kKyx7LCwPfH52w9jh84ioj7AIOGkgWQdfvmJpHQ+UZDdJnHx8Nbged
qWDrCkZ0s4sJPCkRiKW0hHJAJabxXcq2kogoQcG4QQFg3ttytL/IX0WBH+wAULjG
nTeQMeusY63XOBGvQo4jlp/GzOEJjxzdaSJJo+Dld8R+pXTx3oD6YAGOewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHR/2NT+6DCMCBfIY5vXzAUGrn+FMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZEhfWTFQN29NSXdJRjhoam05Zk1CUWF1ZjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBK+FYAwQB
vNbsMA0GCSqGSIb3DQEBCwUAA4IBAQBtSH1ljZS8PFcKVCP7QZYwww8t0LCxdg/H
I3XOm+Ou47E8wk/1wCmbbXdGcd5lNjIj82xGBR2zNq+tKbbv0nday6j9/RpnpKRD
SFWnxm50cYyQn4XAy/A8heFBd3oXw9Vaju1u0PiVvfFUG9XDqLM/pj0ypPPSCTw+
AsVfdtilAZilYiZgrD7zvaQLJLAqDUPWwoXPAHbaG/bmxhS4gplLBVPOCD5WSzhJ
CbcKM/QaQi/Kiamh9nThKADsORWwCr5RfI57ScwYdheIWtgFDVO8mJuoEnVFFTIJ
NYl27RaP3ZlGqWN6/i2p+kTHgQ3/X/3exXqaPUJI/4yhevUrk5Cu
-----END CERTIFICATE-----
Generated at Thu Jun 27 12:26:56 2024 by rpki-client on console-ams.rpki-client.org