Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/MlP9T8zUCiiXStDeEy-iAfnDXzY.roa
File: MlP9T8zUCiiXStDeEy-iAfnDXzY.roa (raw, json)
Hash identifier: P63oFkW0RqGMx6KK5TfkkcSvOWfYoGGDGIV0sU23fDo=
Subject key identifier: 32:53:FD:4F:CC:D4:0A:28:97:4A:D0:DE:13:2F:A2:01:F9:C3:5F:36
Certificate issuer: /CN=1003cd25315330350d73f2a3579aa95e052b718d
Certificate serial: 018CC79574D95BB8F4FECAB78DEC5C8461F7
Authority key identifier: 10:03:CD:25:31:53:30:35:0D:73:F2:A3:57:9A:A9:5E:05:2B:71:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/MlP9T8zUCiiXStDeEy-iAfnDXzY.roa
Signing time: Tue 02 Jan 2024 00:31:49 +0000
ROA not before: Tue 02 Jan 2024 00:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16116
IP address blocks: 212.90.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 20 Jun 2024 07:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:74:d9:5b:b8:f4:fe:ca:b7:8d:ec:5c:84:61:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1003cd25315330350d73f2a3579aa95e052b718d
Validity
Not Before: Jan 2 00:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3253fd4fccd40a28974ad0de132fa201f9c35f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b4:19:7b:28:bc:b2:6e:d2:0f:41:1f:43:c8:
70:50:f4:dd:8a:b5:44:45:eb:2e:7e:b5:bf:89:8d:
b2:5f:20:a3:92:c0:96:99:2e:f1:30:2c:07:9f:aa:
e5:7c:a8:2a:4a:0c:f0:68:8b:73:83:83:a4:80:c9:
a5:1d:ad:01:0d:f6:30:27:95:5e:67:b3:77:94:1c:
84:67:a0:36:e5:40:da:7f:c0:c8:5a:67:32:ff:41:
28:ec:5d:32:6b:59:e7:8e:9b:10:ba:5f:bd:a7:13:
2b:ad:cc:9b:7f:aa:69:c1:ba:f1:5a:41:c1:9d:27:
ee:dd:63:2b:b9:79:ad:70:47:e9:ef:a4:57:30:47:
1d:56:3f:81:7a:00:cd:b6:d9:20:67:89:bc:9f:57:
c7:86:ea:39:28:22:02:11:45:ba:0c:26:c4:6e:61:
f8:cf:c2:70:0d:57:3d:cf:e9:e7:92:f9:0e:9c:3a:
8d:8d:c1:70:9b:d6:c1:ca:ab:d0:d4:02:a8:41:5e:
ca:79:82:69:c5:41:a5:c1:45:5b:d7:71:31:df:f8:
6b:b0:02:f6:fc:b0:27:79:b4:3b:67:fa:16:92:6c:
23:13:3e:70:ce:26:07:a8:32:2f:7a:3b:32:e7:d0:
41:f3:be:43:11:dc:ad:6d:65:0e:b1:24:da:fb:4f:
d3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:53:FD:4F:CC:D4:0A:28:97:4A:D0:DE:13:2F:A2:01:F9:C3:5F:36
X509v3 Authority Key Identifier:
keyid:10:03:CD:25:31:53:30:35:0D:73:F2:A3:57:9A:A9:5E:05:2B:71:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/MlP9T8zUCiiXStDeEy-iAfnDXzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/EAPNJTFTMDUNc_KjV5qpXgUrcY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.90.108.0/22
Signature Algorithm: sha256WithRSAEncryption
28:a7:63:14:5b:f1:47:45:1c:7e:6f:50:d7:a2:72:b9:4f:26:
99:ca:89:c2:1d:91:be:3d:93:1a:b6:bf:b1:a2:99:2e:e3:db:
a0:c5:e4:ee:23:bc:b2:cc:9a:26:71:9c:c6:7a:a5:b3:44:a2:
cf:a2:77:fe:47:3f:8d:3c:76:94:ff:bc:fc:5f:5e:02:e8:15:
34:3c:dc:b9:ed:66:24:b9:d7:8d:7a:e7:db:85:2a:4a:e2:24:
e0:ee:db:d1:0c:03:30:5e:cd:84:f9:2f:06:38:0f:49:09:44:
14:6a:b7:54:fc:37:73:50:fa:ad:2c:53:f3:25:14:92:a4:87:
cc:14:1f:8d:74:bf:4a:1a:0f:c5:1f:1a:e9:bd:61:9d:7d:93:
a0:4d:f7:b7:a6:ce:e4:71:3f:49:32:d2:9b:cb:98:83:96:58:
92:e7:ce:6c:fd:b6:8e:67:72:5f:48:11:ff:23:01:0e:58:98:
35:af:38:54:79:b8:89:a3:3e:c7:1f:68:83:27:b2:6f:ab:e0:
ac:30:f7:0b:81:12:62:40:90:9b:b7:f2:c2:60:47:19:72:1b:
20:e9:84:88:9b:5c:a6:ee:56:12:8a:48:76:f8:69:72:2a:e2:
bf:8b:d1:70:46:a7:02:79:70:61:e0:2f:cc:41:1a:da:be:92:
bd:6a:9b:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlXTZW7j0/sq3jexchGH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDNjZDI1MzE1MzMwMzUwZDczZjJhMzU3OWFhOTVlMDUy
YjcxOGQwHhcNMjQwMTAyMDAzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjUzZmQ0ZmNjZDQwYTI4OTc0YWQwZGUxMzJmYTIwMWY5YzM1ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7QZeyi8sm7SD0EfQ8hwUPTdirVE
ResufrW/iY2yXyCjksCWmS7xMCwHn6rlfKgqSgzwaItzg4OkgMmlHa0BDfYwJ5Ve
Z7N3lByEZ6A25UDaf8DIWmcy/0Eo7F0ya1nnjpsQul+9pxMrrcybf6ppwbrxWkHB
nSfu3WMruXmtcEfp76RXMEcdVj+BegDNttkgZ4m8n1fHhuo5KCICEUW6DCbEbmH4
z8JwDVc9z+nnkvkOnDqNjcFwm9bByqvQ1AKoQV7KeYJpxUGlwUVb13Ex3/hrsAL2
/LAnebQ7Z/oWkmwjEz5wziYHqDIvejsy59BB875DEdytbWUOsSTa+0/TpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJT/U/M1Aool0rQ3hMvogH5w182MB8GA1UdIwQY
MBaAFBADzSUxUzA1DXPyo1eaqV4FK3GNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFQTkpURlRNRFVOY19LalY1cXBYZ1VyY1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81OTcyMzItZjg0Ni00ZmQ3LWJjYzIt
NmFmZWY1ZDBkYWE2LzEvTWxQOVQ4elVDaWlYU3REZUV5LWlBZm5EWHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81OTcyMzItZjg0Ni00ZmQ3LWJjYzItNmFmZWY1ZDBkYWE2
LzEvRUFQTkpURlRNRFVOY19LalY1cXBYZ1VyY1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1FpsMA0G
CSqGSIb3DQEBCwUAA4IBAQAop2MUW/FHRRx+b1DXonK5TyaZyonCHZG+PZMatr+x
opku49ugxeTuI7yyzJomcZzGeqWzRKLPonf+Rz+NPHaU/7z8X14C6BU0PNy57WYk
udeNeufbhSpK4iTg7tvRDAMwXs2E+S8GOA9JCUQUardU/DdzUPqtLFPzJRSSpIfM
FB+NdL9KGg/FHxrpvWGdfZOgTfe3ps7kcT9JMtKby5iDlliS585s/baOZ3JfSBH/
IwEOWJg1rzhUebiJoz7HH2iDJ7Jvq+CsMPcLgRJiQJCbt/LCYEcZchsg6YSIm1ym
7lYSikh2+GlyKuK/i9FwRqcCeXBh4C/MQRravpK9apsO
-----END CERTIFICATE-----
Generated at Thu Jun 20 12:17:55 2024 by rpki-client on console-ams.rpki-client.org