Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/u9r9IlFaycuLcf7LKVJD-ra2PrM.roa
File: u9r9IlFaycuLcf7LKVJD-ra2PrM.roa (raw, json)
Hash identifier: 1/n9qLp2GHAdwyxS8ZrwjejM8fl/Fevpb/gSXA1g4KA=
Subject key identifier: BB:DA:FD:22:51:5A:C9:CB:8B:71:FE:CB:29:52:43:FA:B6:B6:3E:B3
Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Certificate serial: 019131A9E9F98E14715C96CE88F6F481D35A
Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/u9r9IlFaycuLcf7LKVJD-ra2PrM.roa
Signing time: Thu 08 Aug 2024 11:05:04 +0000
ROA not before: Thu 08 Aug 2024 11:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 23.106.56.0/21 maxlen: 21
23.106.232.0/21 maxlen: 21
173.234.72.0/21 maxlen: 21
173.234.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 07 Oct 2024 11:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:a9:e9:f9:8e:14:71:5c:96:ce:88:f6:f4:81:d3:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Validity
Not Before: Aug 8 11:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbdafd22515ac9cb8b71fecb295243fab6b63eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ef:90:65:c9:ac:10:d6:ff:d8:95:e7:de:65:
d0:5a:e0:fb:da:7b:3f:31:1c:19:16:a5:33:44:12:
88:08:31:4f:e8:40:54:e6:ec:92:62:ee:ca:2e:37:
0b:4f:96:65:e6:12:57:b9:e5:1f:5f:d6:7e:11:4e:
d1:53:9a:dd:52:57:11:bc:75:d1:3b:70:8f:12:04:
75:5e:cd:26:99:43:a9:77:51:08:a8:df:6e:3f:cf:
74:85:a3:b4:f3:4e:9c:cc:20:00:58:c9:c6:32:b4:
fc:f9:84:8a:cc:0e:05:75:f1:77:74:ac:c9:bf:ec:
09:b9:34:f2:06:e3:fc:5a:87:65:89:12:58:95:db:
bf:16:a1:78:51:c6:0c:67:eb:a4:9e:72:ad:64:08:
a1:f8:5b:e0:7a:23:0d:f4:7a:81:86:5a:39:3d:75:
48:35:69:b8:ae:c7:80:2c:8b:ff:24:23:3f:e1:59:
0d:7f:26:fd:a2:bb:4a:7c:2f:a2:e6:5d:9b:b9:ad:
16:bc:25:d1:2d:55:76:cd:46:3a:ad:c4:65:41:71:
c5:5f:bb:b9:3f:32:74:32:7d:fe:51:3a:c7:9a:83:
6b:f7:44:7b:19:2b:a1:75:cd:c9:a2:a1:4f:0d:27:
fb:6e:23:dd:d7:47:1a:c6:a0:b8:56:14:38:6b:c7:
6c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:DA:FD:22:51:5A:C9:CB:8B:71:FE:CB:29:52:43:FA:B6:B6:3E:B3
X509v3 Authority Key Identifier:
keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/u9r9IlFaycuLcf7LKVJD-ra2PrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.106.56.0/21
23.106.232.0/21
173.234.72.0/21
173.234.136.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:41:b2:55:2f:f6:ed:6c:f8:d1:7f:8f:2c:74:95:7b:0f:fe:
d7:e1:76:12:7d:53:30:36:a5:4c:5b:06:d9:69:f4:bd:86:52:
ee:62:45:0b:e2:6d:1b:fc:da:8f:fa:2b:74:61:e3:7b:df:cd:
f3:5a:0a:a2:a5:6d:1b:a4:1e:1a:7b:a8:04:e2:af:32:a2:32:
3d:b7:a6:a2:92:25:1e:9e:6f:3e:d8:65:71:7e:94:0f:b8:37:
ab:fd:9c:08:2a:c0:85:6a:ee:0f:c3:fb:13:e8:af:c6:d3:51:
61:26:d6:1f:65:ac:6a:6c:05:b0:1a:8c:af:0c:37:a0:74:b7:
e2:14:47:05:fc:f5:3c:83:3b:22:15:6d:af:82:c3:26:96:0e:
f5:26:56:c3:e5:e4:ec:0f:6a:17:95:ff:d2:d3:96:69:fb:e1:
09:12:5d:1f:6a:45:04:88:65:87:ee:1b:17:b8:13:74:40:3e:
18:5e:46:4a:60:ae:82:37:c3:83:37:86:5c:2b:97:5e:bd:70:
2e:87:1c:d3:1d:8b:87:69:61:92:0d:39:66:e3:52:46:46:f2:
8b:92:89:ff:ad:52:da:c9:48:e1:18:09:f0:4a:ef:d7:18:b6:
fc:4e:b4:f4:cc:c6:b0:7e:11:66:be:ca:ed:ce:b7:81:64:ee:
57:54:63:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZExqen5jhRxXJbOiPb0gdNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk
MGIwMTIwHhcNMjQwODA4MTEwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmRhZmQyMjUxNWFjOWNiOGI3MWZlY2IyOTUyNDNmYWI2YjYzZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu+QZcmsENb/2JXn3mXQWuD72ns/
MRwZFqUzRBKICDFP6EBU5uySYu7KLjcLT5Zl5hJXueUfX9Z+EU7RU5rdUlcRvHXR
O3CPEgR1Xs0mmUOpd1EIqN9uP890haO0806czCAAWMnGMrT8+YSKzA4FdfF3dKzJ
v+wJuTTyBuP8WodliRJYldu/FqF4UcYMZ+uknnKtZAih+FvgeiMN9HqBhlo5PXVI
NWm4rseALIv/JCM/4VkNfyb9ortKfC+i5l2bua0WvCXRLVV2zUY6rcRlQXHFX7u5
PzJ0Mn3+UTrHmoNr90R7GSuhdc3JoqFPDSf7biPd10caxqC4VhQ4a8dsoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLva/SJRWsnLi3H+yylSQ/q2tj6zMB8GA1UdIwQY
MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt
OWYyMTRkMWJhOTM0LzEvdTlyOUlsRmF5Y3VMY2Y3TEtWSkQtcmEyUHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0
LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDF2o4AwQD
F2roAwQDrepIAwQDreqIMA0GCSqGSIb3DQEBCwUAA4IBAQCbQbJVL/btbPjRf48s
dJV7D/7X4XYSfVMwNqVMWwbZafS9hlLuYkUL4m0b/NqP+it0YeN7383zWgqipW0b
pB4ae6gE4q8yojI9t6aikiUenm8+2GVxfpQPuDer/ZwIKsCFau4Pw/sT6K/G01Fh
JtYfZaxqbAWwGoyvDDegdLfiFEcF/PU8gzsiFW2vgsMmlg71JlbD5eTsD2oXlf/S
05Zp++EJEl0fakUEiGWH7hsXuBN0QD4YXkZKYK6CN8ODN4ZcK5devXAuhxzTHYuH
aWGSDTlm41JGRvKLkon/rVLayUjhGAnwSu/XGLb8TrT0zMawfhFmvsrtzreBZO5X
VGOy
-----END CERTIFICATE-----
Generated at Mon Oct 7 16:59:06 2024 by rpki-client on console-fra.rpki-client.org