Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3SWX-6aKTG6yrPfSp8tqTwytnT0.roa
File: 3SWX-6aKTG6yrPfSp8tqTwytnT0.roa (raw, json)
Hash identifier: Kw9zjKYg6hKVcNsIx5Gia28h+vm9ms12Fy1a/n7QUW8=
Subject key identifier: DD:25:97:FB:A6:8A:4C:6E:B2:AC:F7:D2:A7:CB:6A:4F:0C:AD:9D:3D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018B71229E5E49B1F535B9DA3B7FC15508C7
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3SWX-6aKTG6yrPfSp8tqTwytnT0.roa
Signing time: Fri 27 Oct 2023 12:36:16 +0000
ROA not before: Fri 27 Oct 2023 12:36:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 202.133.90.0/23 maxlen: 24
103.25.86.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:22:9e:5e:49:b1:f5:35:b9:da:3b:7f:c1:55:08:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 27 12:36:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd2597fba68a4c6eb2acf7d2a7cb6a4f0cad9d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5c:e5:f3:9d:cb:c5:74:dd:6c:c3:5c:57:79:
f9:9e:91:15:bc:e9:58:60:71:c4:65:d8:4a:bf:fa:
da:38:8e:55:92:39:0a:3d:d4:62:71:27:d8:c2:f8:
c3:90:7a:cf:35:e4:54:60:a4:a7:c9:00:ac:5b:8a:
2c:07:2c:0f:61:0b:36:97:d6:14:bd:90:2e:71:84:
7f:73:94:87:c6:4a:bc:8d:87:7e:54:01:23:c3:5c:
9d:d4:42:c3:ea:ba:e7:97:f4:fe:ba:34:9d:6a:8d:
58:1c:da:cc:2b:b8:35:84:3d:c9:09:05:09:f0:e6:
29:12:98:7c:f2:c0:37:5d:9f:eb:ca:74:dc:8b:3a:
82:6e:f7:76:16:7a:3f:75:bf:02:ea:a6:69:74:3d:
43:2c:cc:31:8a:a3:1b:b2:3f:13:43:b8:be:95:a4:
8d:18:02:8c:78:ab:be:11:f8:a5:70:74:47:e9:f7:
1b:ae:5d:20:8d:1a:a6:31:c9:94:02:1e:02:b6:5b:
80:04:a5:4e:87:77:7f:18:eb:4e:a2:c6:df:ba:b7:
b7:f6:1c:2b:c8:3a:91:64:51:43:2a:d5:3d:02:da:
2f:02:27:c9:e9:d4:e4:e5:62:6f:65:0d:e2:c9:01:
a0:83:dc:6d:ef:29:f5:91:a1:ac:8f:b1:55:2b:2d:
11:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:25:97:FB:A6:8A:4C:6E:B2:AC:F7:D2:A7:CB:6A:4F:0C:AD:9D:3D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3SWX-6aKTG6yrPfSp8tqTwytnT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.25.86.0/23
202.133.90.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:13:43:9d:88:96:87:70:23:a0:95:47:70:8a:a8:d2:f8:3a:
db:0e:e7:f0:78:fe:8a:ff:0e:bd:c5:ff:c9:ce:ae:9e:5a:b7:
6e:fa:3f:a8:d5:7c:d0:43:37:6c:34:93:e1:d2:1c:e2:96:0e:
82:98:5c:7b:a4:c9:eb:45:8b:14:b4:9b:b5:43:fd:c1:3b:89:
d3:56:bc:50:96:cd:f4:e4:88:73:04:88:d1:64:58:96:6c:37:
f6:6b:76:79:b4:fa:d3:b4:bd:a3:1e:18:50:25:fd:fe:86:96:
55:2c:bf:2d:4a:5c:a9:f6:95:4f:64:3b:c4:d1:85:76:57:41:
ac:a9:47:bf:b7:71:ec:fb:c6:e1:76:65:1b:1d:cc:82:d5:ad:
37:6e:e5:3a:02:99:93:07:1f:7c:2f:a0:0d:a2:05:99:21:cd:
12:65:4f:a4:f3:bf:ad:0e:3e:c8:68:ec:f9:3f:bd:ec:14:b2:
c8:7e:e0:bc:8d:fc:29:01:b2:30:00:df:e2:b4:e0:97:ad:ff:
c7:ca:78:5f:22:c9:58:84:be:c0:79:2c:b5:6b:60:d0:c8:db:
d4:bc:1a:c4:0b:98:5e:1c:af:ea:a9:12:f9:5c:7e:7d:81:00:
46:3d:fd:a5:bf:38:e7:93:2d:20:f0:8a:c5:d0:6f:3f:a2:9b:
4e:d5:31:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtxIp5eSbH1NbnaO3/BVQjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDI3MTIzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDI1OTdmYmE2OGE0YzZlYjJhY2Y3ZDJhN2NiNmE0ZjBjYWQ5ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlzl853LxXTdbMNcV3n5npEVvOlY
YHHEZdhKv/raOI5VkjkKPdRicSfYwvjDkHrPNeRUYKSnyQCsW4osBywPYQs2l9YU
vZAucYR/c5SHxkq8jYd+VAEjw1yd1ELD6rrnl/T+ujSdao1YHNrMK7g1hD3JCQUJ
8OYpEph88sA3XZ/rynTcizqCbvd2Fno/db8C6qZpdD1DLMwxiqMbsj8TQ7i+laSN
GAKMeKu+EfilcHRH6fcbrl0gjRqmMcmUAh4CtluABKVOh3d/GOtOosbfure39hwr
yDqRZFFDKtU9AtovAifJ6dTk5WJvZQ3iyQGgg9xt7yn1kaGsj7FVKy0RPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN0ll/umikxusqz30qfLak8MrZ09MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvM1NXWC02YUtURzZ5clBmU3A4dHFUd3l0blQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBZxlWAwQB
yoVaMA0GCSqGSIb3DQEBCwUAA4IBAQB8E0OdiJaHcCOglUdwiqjS+DrbDufweP6K
/w69xf/Jzq6eWrdu+j+o1XzQQzdsNJPh0hzilg6CmFx7pMnrRYsUtJu1Q/3BO4nT
VrxQls305IhzBIjRZFiWbDf2a3Z5tPrTtL2jHhhQJf3+hpZVLL8tSlyp9pVPZDvE
0YV2V0GsqUe/t3Hs+8bhdmUbHcyC1a03buU6ApmTBx98L6ANogWZIc0SZU+k87+t
Dj7IaOz5P73sFLLIfuC8jfwpAbIwAN/itOCXrf/HynhfIslYhL7AeSy1a2DQyNvU
vBrEC5heHK/qqRL5XH59gQBGPf2lvzjnky0g8IrF0G8/optO1TEO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org