Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eKf5O-Gu8YneLtLz7Eh141IPTCU.roa
File: eKf5O-Gu8YneLtLz7Eh141IPTCU.roa (raw, json)
Hash identifier: mOom9pRaA7uGb8DZCSItwZuMFuDF+V+oOA1KRKPWJ2A=
Subject key identifier: 78:A7:F9:3B:E1:AE:F1:89:DE:2E:D2:F3:EC:48:75:E3:52:0F:4C:25
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0190124A41145463FA4A21B8288DB944462D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eKf5O-Gu8YneLtLz7Eh141IPTCU.roa
Signing time: Thu 13 Jun 2024 15:49:34 +0000
ROA not before: Thu 13 Jun 2024 15:49:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55933
IP address blocks: 43.225.88.0/23 maxlen: 24
188.214.236.0/23 maxlen: 24
188.214.238.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jun 2024 21:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:12:4a:41:14:54:63:fa:4a:21:b8:28:8d:b9:44:46:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 13 15:49:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78a7f93be1aef189de2ed2f3ec4875e3520f4c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:07:7d:e6:97:19:52:44:a5:c5:f2:a9:6d:c9:
34:0f:37:e1:c1:ba:26:e3:c2:d0:a2:31:6a:6b:98:
ab:b0:a6:0b:ad:03:fd:59:f2:78:8d:57:aa:fd:b9:
4d:fc:e6:1f:35:73:cd:11:f4:0d:0f:1d:9c:a2:45:
f3:d9:df:af:1b:ec:e3:fc:4c:c3:1d:01:18:ab:f0:
46:94:0f:4d:bc:09:8d:b9:41:70:9c:40:7c:b7:bd:
5b:aa:2f:84:03:24:02:3e:a8:fa:9d:dc:d5:b0:4f:
6c:eb:55:f5:71:37:8c:7e:f9:f5:99:95:e6:71:db:
c4:9f:2e:27:f8:ee:b2:4a:2e:4f:4a:d9:34:a6:9e:
b9:72:f5:13:a6:5a:d5:00:06:55:78:42:97:ae:d0:
9c:1a:80:5f:9d:33:70:e5:8b:a8:f4:0c:de:73:2f:
6f:ca:a9:88:11:1d:92:06:b9:d4:fb:32:43:ee:a6:
b0:c2:e9:63:33:03:39:92:b2:ac:fc:b6:5c:92:91:
ce:a9:f4:66:f1:7d:77:59:c5:d5:2f:6f:98:50:de:
1f:d2:5b:2d:ca:2e:f7:bb:51:ba:c7:67:be:a7:e5:
cb:3d:7f:11:d5:ff:09:0f:65:65:8c:b9:db:cd:55:
4a:65:02:45:66:18:c8:b6:c5:2a:87:45:ad:42:22:
fb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A7:F9:3B:E1:AE:F1:89:DE:2E:D2:F3:EC:48:75:E3:52:0F:4C:25
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eKf5O-Gu8YneLtLz7Eh141IPTCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.225.88.0/23
188.214.236.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:59:97:d7:b8:61:9f:4b:6e:a6:88:0f:e5:60:22:29:bd:27:
46:bd:07:54:e1:1a:db:33:0b:ec:3f:26:a0:a7:a2:ed:66:81:
49:62:c6:86:04:98:8d:a3:4c:de:0a:49:1a:d5:a9:e7:50:0f:
d5:6f:09:ec:94:6b:29:39:71:a2:59:90:c9:a6:0a:64:30:99:
c6:9f:34:a9:34:43:e4:da:1f:26:36:1b:2c:3b:94:3c:0b:9e:
73:47:c4:36:fb:e9:b5:00:b4:7b:50:11:f6:39:96:64:4c:64:
a6:b5:c8:50:47:1d:d7:47:ba:f5:78:5f:cf:41:63:59:b7:90:
53:9b:ba:69:b5:01:e0:c8:69:80:47:8b:93:dc:44:f2:f1:25:
9a:b3:c7:25:e4:77:25:73:bd:c1:83:33:ec:83:a5:08:ce:2b:
e5:c2:3d:0b:5c:51:18:b1:cd:26:6f:f7:63:c1:8d:c0:72:f0:
b4:45:43:df:56:b9:b4:74:d2:ab:e6:cf:7c:d2:b2:07:aa:d0:
67:4a:04:ed:8b:67:95:8f:c6:5c:7a:3c:4e:fc:b4:fa:cd:4c:
35:7f:24:88:b1:61:40:bc:a8:f7:8f:58:f6:25:df:0b:01:11:
c3:73:f1:84:76:d2:93:d9:6f:a3:f3:a6:55:3b:19:04:ae:bb:
46:83:13:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZASSkEUVGP6SiG4KI25REYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjEzMTU0OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE3ZjkzYmUxYWVmMTg5ZGUyZWQyZjNlYzQ4NzVlMzUyMGY0YzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8gd95pcZUkSlxfKpbck0Dzfhwbom
48LQojFqa5irsKYLrQP9WfJ4jVeq/blN/OYfNXPNEfQNDx2cokXz2d+vG+zj/EzD
HQEYq/BGlA9NvAmNuUFwnEB8t71bqi+EAyQCPqj6ndzVsE9s61X1cTeMfvn1mZXm
cdvEny4n+O6ySi5PStk0pp65cvUTplrVAAZVeEKXrtCcGoBfnTNw5Yuo9Azecy9v
yqmIER2SBrnU+zJD7qawwuljMwM5krKs/LZckpHOqfRm8X13WcXVL2+YUN4f0lst
yi73u1G6x2e+p+XLPX8R1f8JD2VljLnbzVVKZQJFZhjItsUqh0WtQiL7dwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHin+TvhrvGJ3i7S8+xIdeNSD0wlMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZUtmNU8tR3U4WW5lTHRMejdFaDE0MUlQVENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBK+FYAwQC
vNbsMA0GCSqGSIb3DQEBCwUAA4IBAQC7WZfXuGGfS26miA/lYCIpvSdGvQdU4Rrb
MwvsPyagp6LtZoFJYsaGBJiNo0zeCkka1annUA/VbwnslGspOXGiWZDJpgpkMJnG
nzSpNEPk2h8mNhssO5Q8C55zR8Q2++m1ALR7UBH2OZZkTGSmtchQRx3XR7r1eF/P
QWNZt5BTm7pptQHgyGmAR4uT3ETy8SWas8cl5Hclc73BgzPsg6UIzivlwj0LXFEY
sc0mb/djwY3AcvC0RUPfVrm0dNKr5s980rIHqtBnSgTti2eVj8ZcejxO/LT6zUw1
fySIsWFAvKj3j1j2Jd8LARHDc/GEdtKT2W+j86ZVOxkErrtGgxMq
-----END CERTIFICATE-----
Generated at Tue Jun 18 00:15:20 2024 by rpki-client on console-fra.rpki-client.org