Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/rxjTDQBWvh1Ii20kStGYFNlVbL0.roa
File: rxjTDQBWvh1Ii20kStGYFNlVbL0.roa (raw, json)
Hash identifier: dAUxb745vHjZym0JUyehbHOJJBDyFTPtp0CGHSR6lQE=
Subject key identifier: AF:18:D3:0D:00:56:BE:1D:48:8B:6D:24:4A:D1:98:14:D9:55:6C:BD
Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Certificate serial: 01912277D6CD163D0F237933A45E05749B5F
Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/rxjTDQBWvh1Ii20kStGYFNlVbL0.roa
Signing time: Mon 05 Aug 2024 12:16:04 +0000
ROA not before: Mon 05 Aug 2024 12:16:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 23.106.56.0/21 maxlen: 21
23.106.232.0/21 maxlen: 21
173.234.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 08 Aug 2024 11:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:77:d6:cd:16:3d:0f:23:79:33:a4:5e:05:74:9b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Validity
Not Before: Aug 5 12:16:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af18d30d0056be1d488b6d244ad19814d9556cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:12:fa:cc:08:b1:0b:0f:6c:d0:cc:79:7c:22:
af:97:23:8b:16:65:18:c2:69:69:aa:e9:8e:ee:91:
69:1b:02:48:fd:6f:c0:81:52:02:c7:3f:07:7e:0d:
a0:6a:55:30:d9:22:00:c4:46:c5:b8:0c:04:b5:4d:
6c:d4:c5:84:c6:b5:0c:f5:1b:37:9c:b3:ea:3d:6a:
b0:04:6d:71:ab:f2:63:56:d2:4f:dc:1e:2f:4c:5b:
fc:83:f5:f3:9b:80:10:d7:05:f0:90:52:67:11:3c:
14:cd:be:6a:f2:3a:f2:3c:c5:bb:7a:dd:8c:ac:5a:
e4:7f:5a:07:0c:dc:51:93:7c:5a:03:ee:b2:16:58:
83:ad:2f:4c:97:dc:1d:f4:cc:eb:79:71:0a:d3:70:
0f:ab:7d:2b:05:4c:e7:89:00:e7:0b:df:c7:17:da:
b5:79:fe:ce:a7:94:2f:8e:c1:05:f2:c8:de:81:e1:
31:e3:06:9b:69:ab:d2:d9:a6:a0:cc:54:7e:51:48:
cc:15:ad:db:54:fb:a4:51:77:55:3b:40:21:d7:13:
90:f6:18:15:93:a2:47:ac:33:e7:aa:72:ad:a9:fb:
95:88:e8:3d:b9:3d:88:02:1a:dc:3d:54:58:c8:93:
42:d0:49:7f:b1:d1:2c:06:33:0f:7a:7b:19:43:0c:
09:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:18:D3:0D:00:56:BE:1D:48:8B:6D:24:4A:D1:98:14:D9:55:6C:BD
X509v3 Authority Key Identifier:
keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/rxjTDQBWvh1Ii20kStGYFNlVbL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.106.56.0/21
23.106.232.0/21
173.234.136.0/21
Signature Algorithm: sha256WithRSAEncryption
38:ee:ca:7e:bb:69:83:20:2f:33:3b:a7:9e:7f:e8:e1:e2:e2:
11:84:36:ae:ee:20:19:75:c3:b2:7c:07:12:68:34:95:97:23:
d6:4f:34:6e:c7:f9:e4:e0:93:85:62:ee:a9:38:83:bd:76:46:
4e:54:86:93:a2:7a:24:28:19:e8:9a:f1:3c:68:4c:e8:2f:00:
be:07:30:37:8e:47:1f:16:34:cf:a8:d5:2c:f8:0e:c6:9f:90:
d7:90:e4:c6:de:27:9c:4b:90:03:60:48:ad:80:7d:3c:55:90:
bb:2b:87:9f:3a:d7:20:8c:82:a4:d3:3d:62:bb:c8:ba:ef:a9:
91:47:0a:ca:d5:3c:f3:c3:9a:ef:3d:ab:80:70:96:8f:bf:31:
af:3a:10:18:75:20:9b:0e:27:04:bc:40:06:d2:e0:bb:21:bd:
68:e4:4c:0c:9c:64:04:6e:3c:2d:5f:71:37:97:52:42:b8:4e:
74:e3:25:a4:e3:9c:30:55:34:fb:1d:ec:8a:6a:cd:ef:df:8e:
98:c5:4c:26:b7:a6:27:93:7c:63:d7:3e:22:3d:2b:cc:f4:4e:
3c:72:9c:f6:a8:2b:63:69:db:73:94:2b:03:a5:10:6c:3e:7a:
4d:bc:8d:04:19:23:38:4f:63:f3:95:c1:e5:6f:d7:3e:18:e4:
a9:d2:4b:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEid9bNFj0PI3kzpF4FdJtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk
MGIwMTIwHhcNMjQwODA1MTIxNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE4ZDMwZDAwNTZiZTFkNDg4YjZkMjQ0YWQxOTgxNGQ5NTU2Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6RL6zAixCw9s0Mx5fCKvlyOLFmUY
wmlpqumO7pFpGwJI/W/AgVICxz8Hfg2galUw2SIAxEbFuAwEtU1s1MWExrUM9Rs3
nLPqPWqwBG1xq/JjVtJP3B4vTFv8g/Xzm4AQ1wXwkFJnETwUzb5q8jryPMW7et2M
rFrkf1oHDNxRk3xaA+6yFliDrS9Ml9wd9MzreXEK03APq30rBUzniQDnC9/HF9q1
ef7Op5QvjsEF8sjegeEx4wabaavS2aagzFR+UUjMFa3bVPukUXdVO0Ah1xOQ9hgV
k6JHrDPnqnKtqfuViOg9uT2IAhrcPVRYyJNC0El/sdEsBjMPensZQwwJywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK8Y0w0AVr4dSIttJErRmBTZVWy9MB8GA1UdIwQY
MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt
OWYyMTRkMWJhOTM0LzEvcnhqVERRQld2aDFJaTIwa1N0R1lGTmxWYkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0
LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDF2o4AwQD
F2roAwQDreqIMA0GCSqGSIb3DQEBCwUAA4IBAQA47sp+u2mDIC8zO6eef+jh4uIR
hDau7iAZdcOyfAcSaDSVlyPWTzRux/nk4JOFYu6pOIO9dkZOVIaTonokKBnomvE8
aEzoLwC+BzA3jkcfFjTPqNUs+A7Gn5DXkOTG3iecS5ADYEitgH08VZC7K4efOtcg
jIKk0z1iu8i676mRRwrK1Tzzw5rvPauAcJaPvzGvOhAYdSCbDicEvEAG0uC7Ib1o
5EwMnGQEbjwtX3E3l1JCuE504yWk45wwVTT7HeyKas3v346YxUwmt6Ynk3xj1z4i
PSvM9E48cpz2qCtjadtzlCsDpRBsPnpNvI0EGSM4T2PzlcHlb9c+GOSp0kv9
-----END CERTIFICATE-----
Generated at Thu Aug 8 13:04:23 2024 by rpki-client on console-fra.rpki-client.org