Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/qSrzo3qVMqj4zaq3u543pwIf08Y.roa
File: qSrzo3qVMqj4zaq3u543pwIf08Y.roa (raw, json)
Hash identifier: LYDeTwI3zBr3GGuj0jn/1OKRjRztVtLLntLWS/D/ipc=
Subject key identifier: A9:2A:F3:A3:7A:95:32:A8:F8:CD:AA:B7:BB:9E:37:A7:02:1F:D3:C6
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 01977CFC488715C55EB158188B9917E2C12D
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/qSrzo3qVMqj4zaq3u543pwIf08Y.roa
Signing time: Tue 17 Jun 2025 08:23:17 +0000
ROA not before: Tue 17 Jun 2025 08:23:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 103.216.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jun 2025 19:46:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:fc:48:87:15:c5:5e:b1:58:18:8b:99:17:e2:c1:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jun 17 08:23:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a92af3a37a9532a8f8cdaab7bb9e37a7021fd3c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:60:0e:a4:41:a7:28:b9:16:33:72:98:9f:7b:
43:a1:8d:c3:da:f3:d5:ae:46:48:9e:2b:7d:8d:ed:
10:45:71:17:30:03:15:b7:a0:22:d7:a3:52:eb:07:
db:d2:90:5e:69:a3:49:29:95:3b:b6:f7:db:d7:82:
f9:d7:e3:ed:8b:1c:ce:18:de:f7:38:61:b8:50:49:
3a:c1:5b:ac:31:05:92:25:bf:60:8f:0e:30:a9:cb:
c6:fd:b9:1a:25:b7:b1:cf:5f:a6:a7:ea:1a:9f:c4:
59:fb:a8:28:63:6c:b5:b6:d1:0b:a8:40:2b:14:62:
1d:d3:f1:0b:0e:bf:e6:20:9a:22:65:19:02:7d:44:
51:d3:18:66:95:35:85:fc:f2:c0:d4:a6:2d:a0:5a:
e5:61:a4:29:b7:98:97:26:62:1f:bb:96:a9:55:9e:
75:0e:e2:e9:50:d6:5f:e6:ff:17:48:c1:01:91:90:
0d:50:2d:55:31:ad:8d:ea:f6:4e:5b:c2:aa:52:14:
3c:9e:3c:9c:db:52:35:fd:77:31:da:a2:57:6f:ed:
c2:fa:2b:81:0d:b7:59:e9:5d:0b:a7:a8:5d:d0:d5:
63:33:9a:c0:d0:0f:e5:b8:63:79:61:b1:3b:6f:98:
9b:84:27:30:94:fe:db:79:a3:b3:1d:7f:61:ef:8a:
21:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2A:F3:A3:7A:95:32:A8:F8:CD:AA:B7:BB:9E:37:A7:02:1F:D3:C6
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/qSrzo3qVMqj4zaq3u543pwIf08Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.216.173.0/24
Signature Algorithm: sha256WithRSAEncryption
45:30:47:b5:02:51:3c:a4:8e:20:3a:a7:1c:bc:2d:96:5a:14:
2d:0e:b5:13:ee:a8:47:c9:c6:56:98:7e:c7:d2:28:3f:f8:cf:
cd:7f:c2:70:f8:c3:09:f3:d4:40:a5:92:6d:70:04:2b:ab:cd:
c9:d8:0f:1f:37:25:b2:01:bd:41:34:af:81:15:84:b1:cf:f6:
be:de:7f:64:e7:c0:f3:b2:78:9a:0d:4e:25:4a:70:0d:54:a2:
fb:82:93:6a:fd:5d:66:19:27:d1:54:be:63:e9:a6:65:d4:20:
40:b0:02:92:12:1d:9f:e5:e6:aa:a7:2f:5e:50:34:0c:e0:bd:
8d:e9:38:a9:48:c8:07:3b:77:92:9e:b0:3e:16:4b:d8:ed:e6:
c4:25:8f:e1:87:e3:d3:8e:93:92:b5:9a:6c:26:98:36:f7:f2:
56:10:9c:83:2b:2e:36:fe:76:9a:bb:89:8b:35:27:33:8b:49:
38:eb:06:cb:fd:1d:4e:af:06:9a:1d:ca:3b:b3:3b:24:c5:c6:
5b:19:38:5e:00:8f:7d:72:4e:17:c1:97:90:22:d7:ac:7b:a3:
e9:d4:0f:63:c1:3a:5a:2d:c5:dc:e3:4a:3e:78:f4:b3:b7:fb:
6f:31:81:41:89:39:e0:53:65:f2:27:4e:03:59:f0:ef:39:d7:
6e:5e:30:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZd8/EiHFcVesVgYi5kX4sEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjUwNjE3MDgyMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTJhZjNhMzdhOTUzMmE4ZjhjZGFhYjdiYjllMzdhNzAyMWZkM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumAOpEGnKLkWM3KYn3tDoY3D2vPV
rkZInit9je0QRXEXMAMVt6Ai16NS6wfb0pBeaaNJKZU7tvfb14L51+PtixzOGN73
OGG4UEk6wVusMQWSJb9gjw4wqcvG/bkaJbexz1+mp+oan8RZ+6goY2y1ttELqEAr
FGId0/ELDr/mIJoiZRkCfURR0xhmlTWF/PLA1KYtoFrlYaQpt5iXJmIfu5apVZ51
DuLpUNZf5v8XSMEBkZANUC1VMa2N6vZOW8KqUhQ8njyc21I1/Xcx2qJXb+3C+iuB
DbdZ6V0Lp6hd0NVjM5rA0A/luGN5YbE7b5ibhCcwlP7beaOzHX9h74ohGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkq86N6lTKo+M2qt7ueN6cCH9PGMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvcVNyem8zcVZNcWo0emFxM3U1NDNwd0lmMDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9itMA0G
CSqGSIb3DQEBCwUAA4IBAQBFMEe1AlE8pI4gOqccvC2WWhQtDrUT7qhHycZWmH7H
0ig/+M/Nf8Jw+MMJ89RApZJtcAQrq83J2A8fNyWyAb1BNK+BFYSxz/a+3n9k58Dz
sniaDU4lSnANVKL7gpNq/V1mGSfRVL5j6aZl1CBAsAKSEh2f5eaqpy9eUDQM4L2N
6TipSMgHO3eSnrA+FkvY7ebEJY/hh+PTjpOStZpsJpg29/JWEJyDKy42/naau4mL
NSczi0k46wbL/R1OrwaaHco7szskxcZbGTheAI99ck4XwZeQItese6Pp1A9jwTpa
LcXc40o+ePSzt/tvMYFBiTngU2XyJ04DWfDvOdduXjCJ
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:00:38 2025 by rpki-client