Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/94fZaIDiqGT4oJjomzXm-L0WiNE.roa
File: 94fZaIDiqGT4oJjomzXm-L0WiNE.roa (raw, json)
Hash identifier: loaEAns6AZg793SPdp2fIkL/c2uRXx7rKRgI3s1/2Rs=
Subject key identifier: F7:87:D9:68:80:E2:A8:64:F8:A0:98:E8:9B:35:E6:F8:BD:16:88:D1
Certificate issuer: /CN=64b59ae521952da55e03f779b885031c0c809cf9
Certificate serial: 0193E432944918C4204C048F10C9E25D54F5
Authority key identifier: 64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/94fZaIDiqGT4oJjomzXm-L0WiNE.roa
Signing time: Fri 20 Dec 2024 13:12:19 +0000
ROA not before: Fri 20 Dec 2024 13:12:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210897
IP address blocks: 103.56.172.0/24 maxlen: 24
193.23.125.0/24 maxlen: 24
194.8.135.0/24 maxlen: 24
2a11:2b80::/48 maxlen: 48
2a11:2b80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:32:94:49:18:c4:20:4c:04:8f:10:c9:e2:5d:54:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b59ae521952da55e03f779b885031c0c809cf9
Validity
Not Before: Dec 20 13:12:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f787d96880e2a864f8a098e89b35e6f8bd1688d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e9:01:4c:2d:61:52:dd:fc:ab:08:7a:ed:ca:
06:9e:92:ae:3e:85:5c:59:1d:4a:26:59:9c:de:32:
2f:84:02:e4:31:d4:ba:c0:95:cb:60:98:6e:6d:cf:
56:69:f8:b0:98:92:83:e7:69:9d:dd:98:b7:49:32:
4f:5e:96:94:be:9d:38:97:03:f6:2c:db:bf:ca:95:
6a:23:ea:97:5f:d1:80:ff:ce:e5:5f:dc:1a:6c:f9:
f7:72:c5:e9:da:b4:89:7b:6d:c9:be:d5:cb:b2:06:
fc:c0:eb:6e:d0:3c:15:e9:5e:7f:ea:a0:c9:a9:40:
94:ac:f1:09:3f:a2:fb:cc:48:35:2f:39:f7:77:87:
40:d8:8b:1a:8e:7a:8c:e0:fb:a7:49:0a:1c:cf:62:
b3:0b:37:99:92:42:2d:bb:0f:2b:b3:18:dd:d5:06:
fb:a2:8f:06:45:63:ce:27:9c:c4:da:ca:44:3f:bb:
1a:f9:bb:63:04:b6:b6:05:d8:9b:88:21:c9:20:8a:
47:a1:f4:67:a6:f9:af:87:c9:c2:fc:d0:04:e3:bc:
61:99:0d:06:59:03:47:33:73:9a:b0:27:c9:3c:b8:
f4:2b:fe:d7:ef:17:98:1d:89:e2:88:2e:ec:76:9a:
cf:b2:96:27:ae:8d:f1:37:e7:e6:ba:53:08:97:33:
9c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:87:D9:68:80:E2:A8:64:F8:A0:98:E8:9B:35:E6:F8:BD:16:88:D1
X509v3 Authority Key Identifier:
keyid:64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/94fZaIDiqGT4oJjomzXm-L0WiNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.56.172.0/24
193.23.125.0/24
194.8.135.0/24
IPv6:
2a11:2b80::/47
Signature Algorithm: sha256WithRSAEncryption
55:e4:a7:cd:9c:e7:5d:71:3e:0f:1b:d7:9e:a5:73:cb:72:5f:
c6:3f:8b:4b:de:1e:8b:99:93:19:b7:ea:e2:c4:07:c5:e7:14:
27:71:5d:e7:70:fe:04:fb:b9:29:38:e1:a8:e8:7f:51:fd:e8:
63:6b:42:73:04:80:ac:cf:e3:c0:02:c3:28:8d:02:a9:55:71:
d9:82:b3:1b:15:41:0a:8f:02:b8:fd:82:a3:22:71:ce:71:e2:
c9:c3:5a:5d:82:f5:71:33:05:40:ce:51:7a:02:f6:68:00:51:
da:d4:13:13:e5:55:06:c7:c5:33:f0:a6:42:bc:40:e1:92:6e:
78:f1:60:5d:d5:96:61:14:cd:a0:74:ea:e2:88:cf:21:6d:14:
50:20:5b:31:c6:87:71:58:4f:dc:22:0d:7c:22:e4:81:84:fc:
4c:03:f6:9a:2d:e8:37:f7:e4:fe:8c:a7:01:18:71:20:de:55:
26:2a:5e:51:7d:eb:73:e6:be:99:18:d8:7f:0b:ad:8f:e9:07:
57:b6:f5:a7:46:e7:f2:de:13:d1:45:6f:eb:d1:c0:37:5a:fa:
41:da:4f:a6:1a:2c:d1:bf:7a:47:e3:b8:9d:ab:58:9c:bb:57:
9f:b4:2d:be:65:5d:2c:3d:48:35:53:42:d0:51:58:82:07:41:
8b:36:24:20
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZPkMpRJGMQgTASPEMniXVT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjU5YWU1MjE5NTJkYTU1ZTAzZjc3OWI4ODUwMzFjMGM4
MDljZjkwHhcNMjQxMjIwMTMxMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzg3ZDk2ODgwZTJhODY0ZjhhMDk4ZTg5YjM1ZTZmOGJkMTY4OGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvekBTC1hUt38qwh67coGnpKuPoVc
WR1KJlmc3jIvhALkMdS6wJXLYJhubc9WafiwmJKD52md3Zi3STJPXpaUvp04lwP2
LNu/ypVqI+qXX9GA/87lX9wabPn3csXp2rSJe23JvtXLsgb8wOtu0DwV6V5/6qDJ
qUCUrPEJP6L7zEg1Lzn3d4dA2IsajnqM4PunSQocz2KzCzeZkkItuw8rsxjd1Qb7
oo8GRWPOJ5zE2spEP7sa+btjBLa2BdibiCHJIIpHofRnpvmvh8nC/NAE47xhmQ0G
WQNHM3OasCfJPLj0K/7X7xeYHYniiC7sdprPspYnro3xN+fmulMIlzOcYQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPeH2WiA4qhk+KCY6Js15vi9FojRMB8GA1UdIwQY
MBaAFGS1muUhlS2lXgP3ebiFAxwMgJz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQt
NTFhZDAwZTU0MzMyLzEvOTRmWmFJRGlxR1Q0b0pqb216WG0tTDBXaU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQtNTFhZDAwZTU0MzMy
LzEvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAZzisAwQA
wRd9AwQAwgiHMA8EAgACMAkDBwEqESuAAAAwDQYJKoZIhvcNAQELBQADggEBAFXk
p82c511xPg8b156lc8tyX8Y/i0veHouZkxm36uLEB8XnFCdxXedw/gT7uSk44ajo
f1H96GNrQnMEgKzP48ACwyiNAqlVcdmCsxsVQQqPArj9gqMicc5x4snDWl2C9XEz
BUDOUXoC9mgAUdrUExPlVQbHxTPwpkK8QOGSbnjxYF3VlmEUzaB06uKIzyFtFFAg
WzHGh3FYT9wiDXwi5IGE/EwD9pot6Df35P6MpwEYcSDeVSYqXlF963PmvpkY2H8L
rY/pB1e29adG5/LeE9FFb+vRwDda+kHaT6YaLNG/ekfjuJ2rWJy7V5+0Lb5lXSw9
SDVTQtBRWIIHQYs2JCA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:23:11 2025 by rpki-client