Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/WzlutP-tRr2X_5CpX9_SlSG8Q6I.roa
File: WzlutP-tRr2X_5CpX9_SlSG8Q6I.roa (raw, json)
Hash identifier: 5MoOLum7u1kuMn/2lF2tidvS2BAKIYH3dEdcvEv6KIU=
Subject key identifier: 5B:39:6E:B4:FF:AD:46:BD:97:FF:90:A9:5F:DF:D2:95:21:BC:43:A2
Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Certificate serial: 019266B06340F1153CB9E3E416AA766ECCE4
Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/WzlutP-tRr2X_5CpX9_SlSG8Q6I.roa
Signing time: Mon 07 Oct 2024 11:14:48 +0000
ROA not before: Mon 07 Oct 2024 11:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 23.106.32.0/21 maxlen: 21
23.106.56.0/21 maxlen: 21
23.106.232.0/21 maxlen: 21
173.208.48.0/21 maxlen: 21
173.234.72.0/21 maxlen: 21
173.234.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 07 Oct 2024 14:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:b0:63:40:f1:15:3c:b9:e3:e4:16:aa:76:6e:cc:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Validity
Not Before: Oct 7 11:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b396eb4ffad46bd97ff90a95fdfd29521bc43a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fc:29:a7:21:73:26:c7:cd:93:f5:50:d5:1e:
d7:0d:0e:77:31:59:07:df:7d:3f:13:e0:11:19:98:
50:14:0f:f8:86:10:a6:86:28:f4:d8:9f:d5:3d:64:
41:ea:de:03:e8:90:b0:45:d7:eb:32:4f:e4:59:ff:
1d:bb:65:92:c8:59:62:b2:de:b5:25:d2:88:a8:f4:
a0:9e:24:b1:5f:d3:80:47:cd:b0:62:81:a7:ea:28:
71:27:90:38:a3:76:de:14:2b:9b:14:45:12:ae:76:
86:3a:be:88:21:f1:9f:e6:b6:f2:cb:41:fd:1d:ae:
34:bf:f5:74:f9:44:a8:2c:dd:ae:4c:3d:2f:ca:f3:
4b:c4:01:ea:04:e4:88:c3:e3:df:94:ef:b6:58:72:
78:4a:9c:da:1c:be:b3:a7:2f:d4:89:fa:16:d8:7a:
e4:01:99:67:c9:b5:46:f3:3b:53:70:dd:31:b1:4d:
7b:19:02:fe:b3:1c:c6:6f:6c:ad:fa:90:52:3f:65:
55:2b:6a:46:78:4f:04:f6:a3:3b:51:d2:64:83:e2:
c0:13:37:b7:13:22:b3:57:c1:62:1c:db:70:02:ba:
09:9b:9e:d1:02:4b:38:8f:08:5b:87:3a:2c:23:48:
44:a2:d0:94:1c:61:fb:f5:d9:ae:fc:49:40:68:1f:
df:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:39:6E:B4:FF:AD:46:BD:97:FF:90:A9:5F:DF:D2:95:21:BC:43:A2
X509v3 Authority Key Identifier:
keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/WzlutP-tRr2X_5CpX9_SlSG8Q6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.106.32.0/21
23.106.56.0/21
23.106.232.0/21
173.208.48.0/21
173.234.72.0/21
173.234.136.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:78:71:5c:0b:1b:cc:b9:9f:bc:cd:d6:e0:40:65:53:9b:43:
ac:d1:7d:f5:8d:ce:fc:36:04:5f:68:44:eb:b2:e2:2e:72:92:
73:76:c4:bc:04:fe:f6:6b:0c:8c:7b:44:c5:e5:fd:ec:7d:e6:
bd:a6:76:a9:5c:c2:4a:73:bd:78:88:92:99:dd:a8:43:97:a0:
29:bc:b8:c4:18:b9:d5:47:2f:44:e2:e8:73:9b:a3:82:ec:e9:
64:db:d2:0e:cf:e0:9a:d6:6f:8c:39:2a:48:b2:b1:f3:d6:9e:
b5:48:f3:e7:f0:f4:77:3c:67:43:2b:63:f9:f4:e1:a2:9e:07:
85:c2:db:7e:ae:cb:56:81:87:dd:ca:33:f1:53:37:70:b4:e3:
dc:62:82:5f:db:a7:f7:a6:71:a4:e9:90:1c:dd:10:3e:b3:0e:
94:13:03:f5:ca:8a:5b:ce:62:12:1f:c7:6e:5e:68:31:ce:74:
02:04:bd:54:d7:73:79:5e:6f:5a:62:69:97:82:e2:8a:2f:c1:
f2:75:82:b4:d3:2b:13:72:aa:df:a5:fa:26:a4:a0:f9:80:7b:
1b:4d:b9:17:30:c6:50:a7:33:f3:bc:3d:65:75:b3:ad:f2:cd:
b3:69:bc:72:c1:08:cb:7a:97:c3:3a:ee:43:c3:e8:d2:fa:8c:
18:af:9f:c5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJmsGNA8RU8uePkFqp2bszkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk
MGIwMTIwHhcNMjQxMDA3MTExNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjM5NmViNGZmYWQ0NmJkOTdmZjkwYTk1ZmRmZDI5NTIxYmM0M2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfwppyFzJsfNk/VQ1R7XDQ53MVkH
330/E+ARGZhQFA/4hhCmhij02J/VPWRB6t4D6JCwRdfrMk/kWf8du2WSyFlist61
JdKIqPSgniSxX9OAR82wYoGn6ihxJ5A4o3beFCubFEUSrnaGOr6IIfGf5rbyy0H9
Ha40v/V0+USoLN2uTD0vyvNLxAHqBOSIw+PflO+2WHJ4SpzaHL6zpy/UifoW2Hrk
AZlnybVG8ztTcN0xsU17GQL+sxzGb2yt+pBSP2VVK2pGeE8E9qM7UdJkg+LAEze3
EyKzV8FiHNtwAroJm57RAks4jwhbhzosI0hEotCUHGH79dmu/ElAaB/fPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFs5brT/rUa9l/+QqV/f0pUhvEOiMB8GA1UdIwQY
MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt
OWYyMTRkMWJhOTM0LzEvV3psdXRQLXRScjJYXzVDcFg5X1NsU0c4UTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0
LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDF2ogAwQD
F2o4AwQDF2roAwQDrdAwAwQDrepIAwQDreqIMA0GCSqGSIb3DQEBCwUAA4IBAQBd
eHFcCxvMuZ+8zdbgQGVTm0Os0X31jc78NgRfaETrsuIucpJzdsS8BP72awyMe0TF
5f3sfea9pnapXMJKc714iJKZ3ahDl6ApvLjEGLnVRy9E4uhzm6OC7Olk29IOz+Ca
1m+MOSpIsrHz1p61SPPn8PR3PGdDK2P59OGingeFwtt+rstWgYfdyjPxUzdwtOPc
YoJf26f3pnGk6ZAc3RA+sw6UEwP1yopbzmISH8duXmgxznQCBL1U13N5Xm9aYmmX
guKKL8HydYK00ysTcqrfpfompKD5gHsbTbkXMMZQpzPzvD1ldbOt8s2zabxywQjL
epfDOu5Dw+jS+owYr5/F
-----END CERTIFICATE-----
Generated at Mon Oct 7 19:10:56 2024 by rpki-client on console-ams.rpki-client.org