Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/zl41ONNqru8P4IUYjryzBnFfinE.roa
File: zl41ONNqru8P4IUYjryzBnFfinE.roa (raw, json)
Hash identifier: 74NdLP7qJdRw5L7tcLgrg86nJM5a9kuZyw6AW+dGVbk=
Subject key identifier: CE:5E:35:38:D3:6A:AE:EF:0F:E0:85:18:8E:BC:B3:06:71:5F:8A:71
Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Certificate serial: 019121ABAD289F905096BF40B5EBBE9CC28A
Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/zl41ONNqru8P4IUYjryzBnFfinE.roa
Signing time: Mon 05 Aug 2024 08:33:04 +0000
ROA not before: Mon 05 Aug 2024 08:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 23.106.56.0/21 maxlen: 21
173.234.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 05 Aug 2024 12:16:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:ab:ad:28:9f:90:50:96:bf:40:b5:eb:be:9c:c2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Validity
Not Before: Aug 5 08:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce5e3538d36aaeef0fe085188ebcb306715f8a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:06:bf:14:7d:a3:88:21:b3:86:bb:6b:2c:0e:
02:7f:73:b5:a2:2a:1e:ec:a4:68:95:73:43:d4:22:
65:d2:01:36:68:72:19:eb:1f:af:10:93:65:f5:ea:
f5:9c:ff:31:c8:f9:8f:ab:ca:fb:e4:9f:37:bb:cb:
73:9f:17:e1:62:80:96:c9:49:45:0e:97:6c:a5:be:
62:03:11:60:27:7f:60:c9:f4:37:e5:fd:ae:c6:db:
44:b0:49:ac:ea:ec:6d:62:45:ab:85:79:21:f6:d9:
77:62:0c:48:42:ac:f9:56:8e:1c:68:8d:a3:55:00:
60:4f:de:b5:7a:e0:a7:f5:9b:18:29:ab:bc:27:a6:
bd:bf:03:ef:d4:82:44:3d:92:fd:c5:b4:3d:e3:42:
d9:a9:dc:f9:4a:9b:10:02:cd:fc:0a:78:61:76:f5:
cc:a7:8e:5f:b3:f8:51:b0:e9:4f:36:e8:6c:54:23:
2c:63:5f:3a:41:64:54:3a:9a:b6:87:52:b5:61:a2:
2f:2a:db:a8:a8:0a:c0:6c:db:9b:6f:82:e6:23:9e:
a4:9f:58:f2:bf:5f:33:f2:ce:ea:1b:8e:87:54:aa:
f8:6e:94:90:1b:86:53:cb:6f:f5:da:fc:e6:34:76:
e3:e2:7d:c0:c5:5d:0a:10:6c:02:7e:ad:b5:ab:7e:
53:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5E:35:38:D3:6A:AE:EF:0F:E0:85:18:8E:BC:B3:06:71:5F:8A:71
X509v3 Authority Key Identifier:
keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/zl41ONNqru8P4IUYjryzBnFfinE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.106.56.0/21
173.234.136.0/21
Signature Algorithm: sha256WithRSAEncryption
00:a6:ce:6b:56:78:a1:ba:a5:82:16:6d:a1:5c:40:15:93:e2:
09:f9:e7:0e:20:55:90:c5:6b:c2:c8:18:5f:47:98:1d:96:44:
56:28:3b:12:94:77:f8:c2:a4:f9:f0:62:a8:b7:91:83:41:84:
60:f2:31:f9:f3:78:d0:b0:48:16:b0:9e:8f:ac:77:70:c3:a5:
24:7c:76:29:c0:2b:59:0f:6b:37:6f:73:5d:dc:dd:59:00:84:
5a:53:f0:44:fd:fd:11:9a:ff:2b:e7:00:a9:93:0d:3d:05:ab:
0c:3e:c5:53:49:c8:81:da:c7:14:5c:8b:f4:2e:db:20:b3:91:
d5:3f:69:bb:dc:3d:3b:94:b2:b6:7e:52:d7:1c:f4:8a:31:b3:
ac:ec:7d:c9:25:fc:99:89:d5:9c:c5:d9:b9:f2:ae:d4:ae:82:
e3:36:b7:02:49:f3:26:1c:57:b4:b2:3c:85:d6:74:3c:a7:77:
e3:ab:4e:71:c5:19:a6:6b:f5:06:56:ea:ae:51:c8:f4:df:d4:
e2:39:a5:5e:d6:9a:a2:8b:c7:de:1f:99:c2:7d:ba:f0:7c:67:
67:80:ea:8e:a4:8a:7a:de:13:58:1f:76:6b:94:e7:07:49:01:
c5:9b:94:0e:20:06:0f:75:0b:52:31:59:f2:d3:88:b1:b4:93:
7f:b8:67:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEhq60on5BQlr9Ateu+nMKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk
MGIwMTIwHhcNMjQwODA1MDgzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTVlMzUzOGQzNmFhZWVmMGZlMDg1MTg4ZWJjYjMwNjcxNWY4YTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ga/FH2jiCGzhrtrLA4Cf3O1oioe
7KRolXND1CJl0gE2aHIZ6x+vEJNl9er1nP8xyPmPq8r75J83u8tznxfhYoCWyUlF
Dpdspb5iAxFgJ39gyfQ35f2uxttEsEms6uxtYkWrhXkh9tl3YgxIQqz5Vo4caI2j
VQBgT961euCn9ZsYKau8J6a9vwPv1IJEPZL9xbQ940LZqdz5SpsQAs38CnhhdvXM
p45fs/hRsOlPNuhsVCMsY186QWRUOpq2h1K1YaIvKtuoqArAbNubb4LmI56kn1jy
v18z8s7qG46HVKr4bpSQG4ZTy2/12vzmNHbj4n3AxV0KEGwCfq21q35TsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM5eNTjTaq7vD+CFGI68swZxX4pxMB8GA1UdIwQY
MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt
OWYyMTRkMWJhOTM0LzEvemw0MU9OTnFydThQNElVWWpyeXpCbkZmaW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0
LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDF2o4AwQD
reqIMA0GCSqGSIb3DQEBCwUAA4IBAQAAps5rVnihuqWCFm2hXEAVk+IJ+ecOIFWQ
xWvCyBhfR5gdlkRWKDsSlHf4wqT58GKot5GDQYRg8jH583jQsEgWsJ6PrHdww6Uk
fHYpwCtZD2s3b3Nd3N1ZAIRaU/BE/f0Rmv8r5wCpkw09BasMPsVTSciB2scUXIv0
Ltsgs5HVP2m73D07lLK2flLXHPSKMbOs7H3JJfyZidWcxdm58q7UroLjNrcCSfMm
HFe0sjyF1nQ8p3fjq05xxRmma/UGVuquUcj039TiOaVe1pqii8feH5nCfbrwfGdn
gOqOpIp63hNYH3ZrlOcHSQHFm5QOIAYPdQtSMVny04ixtJN/uGdm
-----END CERTIFICATE-----
Generated at Mon Aug 5 15:20:47 2024 by rpki-client on console-ams.rpki-client.org