Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/8Q2Sp5YF49qrhlAbdp4NybRiO-A.roa
File: 8Q2Sp5YF49qrhlAbdp4NybRiO-A.roa (raw, json)
Hash identifier: 2EaHU4iTBA4qra45QqrEcKSSvDkeeTp32tEDqWS6cfk=
Subject key identifier: F1:0D:92:A7:96:05:E3:DA:AB:86:50:1B:76:9E:0D:C9:B4:62:3B:E0
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 01856FD4FA36DFD00455CE463F8C999FD4DE
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/8Q2Sp5YF49qrhlAbdp4NybRiO-A.roa
Signing time: Mon 02 Jan 2023 00:15:06 +0000
ROA not before: Mon 02 Jan 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135377
IP address blocks: 23.90.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:fa:36:df:d0:04:55:ce:46:3f:8c:99:9f:d4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Jan 2 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f10d92a79605e3daab86501b769e0dc9b4623be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a6:38:f2:f1:31:e4:01:03:f1:ec:f7:e9:d1:
dd:5e:a9:4c:a5:8e:45:92:2a:5f:15:66:ca:ba:93:
d2:83:c2:b6:8d:53:9c:43:68:ea:dc:30:48:ff:d0:
f1:90:fa:a2:fe:f0:c3:62:f6:a6:41:04:ec:5b:62:
8d:eb:55:72:39:38:0a:0b:62:6a:13:3c:4a:d1:62:
46:f4:ba:fe:e4:1b:1c:82:3c:1c:4f:3b:9e:17:94:
6f:96:e9:32:4c:4e:d9:33:f8:49:43:3a:09:59:04:
a6:d8:a7:23:89:6d:8d:b5:53:7b:06:81:03:a0:91:
17:2f:8b:57:d6:d9:1b:e0:0c:02:31:fa:e1:d7:3c:
b1:48:ae:30:d0:e1:45:e3:da:a5:8c:57:70:f9:06:
11:fe:2f:62:69:6d:b1:e8:c4:05:12:ac:5c:f9:11:
2c:bb:7d:45:6f:32:78:23:76:e1:98:6f:e3:8f:c1:
e6:64:68:b7:fd:0f:3b:01:0a:42:32:67:05:3a:9f:
5a:f3:d6:15:4b:1d:fc:45:9b:ea:bd:d5:d3:ec:28:
0d:95:82:68:10:76:b5:4d:ef:5b:82:5c:a5:30:6e:
39:3f:46:17:93:15:4e:00:a7:99:4c:84:1c:8a:04:
fa:bb:6a:db:43:0c:a2:22:95:90:a8:ed:c1:b3:13:
64:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:0D:92:A7:96:05:E3:DA:AB:86:50:1B:76:9E:0D:C9:B4:62:3B:E0
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/8Q2Sp5YF49qrhlAbdp4NybRiO-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.156.0/24
Signature Algorithm: sha256WithRSAEncryption
94:98:9c:c5:12:fe:fb:f3:08:3b:2c:64:2f:f8:ef:b1:51:df:
72:3f:5a:ea:b9:dc:1f:36:50:f7:81:29:52:a0:d7:de:c4:9a:
c3:5c:f6:5a:5b:be:b5:13:f9:b9:4b:6a:40:d6:b4:10:43:2e:
4a:41:9d:68:61:14:d1:89:ba:d3:2a:de:84:12:5f:6f:61:b5:
98:d3:fa:e5:13:3f:c6:14:f0:57:2b:97:32:aa:75:74:73:b1:
b4:f0:2a:00:59:47:6f:8c:32:0c:79:1f:88:c5:43:e7:ec:d1:
f9:cd:34:f5:da:10:ac:55:09:a9:af:18:d4:cd:a6:9b:80:60:
3b:ee:92:0c:61:04:47:6a:70:a5:76:8a:fe:23:ba:80:95:65:
4a:f1:30:73:c9:cb:1e:a2:5c:7f:0d:04:7f:19:59:88:de:4b:
01:e5:95:82:fc:f9:27:c2:a5:9a:f9:39:ea:1e:88:58:bf:eb:
73:44:9d:73:be:31:d3:32:f0:d7:41:10:fb:9b:e7:5a:93:00:
63:ac:7e:c1:9a:3e:40:91:b9:4c:55:d6:3f:fd:e0:dd:a3:bb:
33:b4:ec:4a:b6:34:41:db:fd:ac:12:93:6d:d7:19:46:0f:65:
bf:23:82:9d:48:d6:d0:b0:e4:b3:6a:f2:e9:a6:7e:dd:b1:3f:
d2:eb:a9:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Po239AEVc5GP4yZn9TeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTBkOTJhNzk2MDVlM2RhYWI4NjUwMWI3NjllMGRjOWI0NjIzYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaY48vEx5AED8ez36dHdXqlMpY5F
kipfFWbKupPSg8K2jVOcQ2jq3DBI/9DxkPqi/vDDYvamQQTsW2KN61VyOTgKC2Jq
EzxK0WJG9Lr+5BscgjwcTzueF5RvlukyTE7ZM/hJQzoJWQSm2KcjiW2NtVN7BoED
oJEXL4tX1tkb4AwCMfrh1zyxSK4w0OFF49qljFdw+QYR/i9iaW2x6MQFEqxc+REs
u31FbzJ4I3bhmG/jj8HmZGi3/Q87AQpCMmcFOp9a89YVSx38RZvqvdXT7CgNlYJo
EHa1Te9bglylMG45P0YXkxVOAKeZTIQcigT6u2rbQwyiIpWQqO3BsxNk+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPENkqeWBePaq4ZQG3aeDcm0YjvgMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvOFEyU3A1WUY0OXFyaGxBYmRwNE55YlJpTy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAF1qcMA0G
CSqGSIb3DQEBCwUAA4IBAQCUmJzFEv778wg7LGQv+O+xUd9yP1rqudwfNlD3gSlS
oNfexJrDXPZaW761E/m5S2pA1rQQQy5KQZ1oYRTRibrTKt6EEl9vYbWY0/rlEz/G
FPBXK5cyqnV0c7G08CoAWUdvjDIMeR+IxUPn7NH5zTT12hCsVQmprxjUzaabgGA7
7pIMYQRHanCldor+I7qAlWVK8TBzycseolx/DQR/GVmI3ksB5ZWC/PknwqWa+Tnq
HohYv+tzRJ1zvjHTMvDXQRD7m+dakwBjrH7Bmj5AkblMVdY//eDdo7sztOxKtjRB
2/2sEpNt1xlGD2W/I4KdSNbQsOSzavLppn7dsT/S66mW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:50 2024 by rpki-client on console-ams.rpki-client.org