Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/otSI3qRQidEOZxhMiRR5kBBGuxk.roa
File: otSI3qRQidEOZxhMiRR5kBBGuxk.roa (raw, json)
Hash identifier: qnzw1HsJaVyCi76ESVBmWhOKx1qPhkSbCv27RwWZtI0=
Subject key identifier: A2:D4:88:DE:A4:50:89:D1:0E:67:18:4C:89:14:79:90:10:46:BB:19
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A3E15F2F62D9A0ADAA7800ECD4BF5
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/otSI3qRQidEOZxhMiRR5kBBGuxk.roa
Signing time: Mon 02 Jan 2023 12:34:51 +0000
ROA not before: Mon 02 Jan 2023 12:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147293
IP address blocks: 212.90.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:15:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:3e:15:f2:f6:2d:9a:0a:da:a7:80:0e:cd:4b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2d488dea45089d10e67184c891479901046bb19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:35:44:6f:b2:b8:05:24:10:d6:3d:ba:57:c4:
cf:45:28:5b:62:78:18:e2:3a:48:11:58:4c:05:bf:
45:53:f4:0d:c7:a9:03:86:ba:25:09:14:d2:e1:da:
a7:e2:83:bf:c4:93:54:22:05:4d:9d:13:f0:76:64:
38:8f:cd:51:ac:b6:9f:61:6b:2f:7c:9c:3c:51:7c:
18:e7:0d:d9:db:d7:74:cf:bb:a5:5e:90:80:4b:dc:
0a:c1:8e:d6:77:01:9e:40:aa:73:0a:af:4a:69:75:
11:5d:20:ce:db:7d:96:49:c2:ef:e6:73:1c:f2:35:
04:75:80:b1:3c:9c:71:c4:eb:71:bb:fb:7a:3b:97:
dc:41:16:99:ad:bf:4c:ce:72:75:8b:0a:fb:f7:9c:
d1:4e:bc:9a:3f:96:57:1c:22:71:90:3c:4a:91:5b:
31:7e:c1:bb:3a:0a:66:96:27:6c:54:51:e9:28:96:
65:b3:3e:fe:d7:37:c0:04:3d:e4:86:38:7c:53:0c:
60:9b:57:b3:cb:24:72:c7:04:f4:0f:81:c7:81:b8:
6c:47:7b:c0:b0:52:ad:fa:16:88:f3:4c:1a:0d:76:
d0:50:73:c4:01:82:99:1b:af:d3:d4:1c:da:e8:5e:
6b:55:18:ec:62:56:ec:d0:3f:25:63:23:1e:88:e3:
10:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D4:88:DE:A4:50:89:D1:0E:67:18:4C:89:14:79:90:10:46:BB:19
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/otSI3qRQidEOZxhMiRR5kBBGuxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.90.101.0/24
Signature Algorithm: sha256WithRSAEncryption
37:cb:9a:42:ad:22:0f:b5:c9:8e:aa:b6:e7:b1:b8:b2:f1:71:
8e:14:96:19:ab:02:d6:2a:da:43:a9:5a:c3:ee:c4:0e:32:21:
0f:4c:1b:7d:2a:e8:15:95:a8:ff:76:48:7c:fc:e8:f1:b6:6a:
14:8c:e3:cf:6a:fe:05:84:ad:7c:49:10:1d:5e:98:24:1d:20:
8f:5b:39:89:ca:97:4a:18:09:43:15:95:41:0c:00:8e:f2:d3:
52:ca:0b:4a:0d:d9:76:65:0c:a4:80:77:ac:d4:42:57:5b:4d:
79:04:89:0e:86:86:e4:8a:38:31:98:6f:15:6d:e1:fb:d3:9e:
22:37:3a:84:71:92:46:de:e9:d6:79:ed:95:3d:5f:4b:54:be:
be:27:73:3c:8a:7f:db:20:97:2e:92:7b:06:a3:16:62:39:56:
31:a1:6b:8a:a2:c1:a2:27:7b:fd:29:09:cc:ef:67:28:ef:fa:
b8:16:24:88:06:ad:07:1c:99:c7:fb:a0:cd:96:b3:6b:f4:ad:
b7:43:7b:ac:e4:e1:c0:43:32:80:ca:07:84:47:e8:6d:64:01:
46:c6:fd:e8:6e:db:59:50:a0:4e:54:e0:c5:63:ea:50:8f:7e:
83:93:39:2f:29:56:f6:1f:0d:85:84:b6:d9:71:58:a4:14:2a:
97:02:26:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyej4V8vYtmgrap4AOzUv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQ0ODhkZWE0NTA4OWQxMGU2NzE4NGM4OTE0Nzk5MDEwNDZiYjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTVEb7K4BSQQ1j26V8TPRShbYngY
4jpIEVhMBb9FU/QNx6kDhrolCRTS4dqn4oO/xJNUIgVNnRPwdmQ4j81RrLafYWsv
fJw8UXwY5w3Z29d0z7ulXpCAS9wKwY7WdwGeQKpzCq9KaXURXSDO232WScLv5nMc
8jUEdYCxPJxxxOtxu/t6O5fcQRaZrb9MznJ1iwr795zRTryaP5ZXHCJxkDxKkVsx
fsG7OgpmlidsVFHpKJZlsz7+1zfABD3khjh8Uwxgm1ezyyRyxwT0D4HHgbhsR3vA
sFKt+haI80waDXbQUHPEAYKZG6/T1Bza6F5rVRjsYlbs0D8lYyMeiOMQ8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLUiN6kUInRDmcYTIkUeZAQRrsZMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvb3RTSTNxUlFpZEVPWnhoTWlSUjVrQkJHdXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FplMA0G
CSqGSIb3DQEBCwUAA4IBAQA3y5pCrSIPtcmOqrbnsbiy8XGOFJYZqwLWKtpDqVrD
7sQOMiEPTBt9KugVlaj/dkh8/OjxtmoUjOPPav4FhK18SRAdXpgkHSCPWzmJypdK
GAlDFZVBDACO8tNSygtKDdl2ZQykgHes1EJXW015BIkOhobkijgxmG8VbeH7054i
NzqEcZJG3unWee2VPV9LVL6+J3M8in/bIJcuknsGoxZiOVYxoWuKosGiJ3v9KQnM
72co7/q4FiSIBq0HHJnH+6DNlrNr9K23Q3us5OHAQzKAygeER+htZAFGxv3obttZ
UKBOVODFY+pQj36DkzkvKVb2Hw2FhLbZcVikFCqXAiaT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org