Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/T2LjtPVlwqI_C_MXX5YVjp-I2II.roa
File: T2LjtPVlwqI_C_MXX5YVjp-I2II.roa (raw, json)
Hash identifier: b3qDOe7zQT6fNxddz5+EGMpD2cagixozxqLGJHfbRak=
Subject key identifier: 4F:62:E3:B4:F5:65:C2:A2:3F:0B:F3:17:5F:96:15:8E:9F:88:D8:82
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0197C13BAC29C14FAF5686BC70F348724AF3
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/T2LjtPVlwqI_C_MXX5YVjp-I2II.roa
Signing time: Mon 30 Jun 2025 14:26:42 +0000
ROA not before: Mon 30 Jun 2025 14:26:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 103.231.73.0/24 maxlen: 24
176.120.67.0/24 maxlen: 24
2a09:7c43::/32 maxlen: 32
2a0b:cf43::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:7e06::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Jun 2025 22:09:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c1:3b:ac:29:c1:4f:af:56:86:bc:70:f3:48:72:4a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jun 30 14:26:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f62e3b4f565c2a23f0bf3175f96158e9f88d882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e7:74:84:f9:3d:8d:29:fc:cc:fc:f3:79:b5:
d2:20:4f:06:85:2a:db:0c:a1:bc:74:d2:c1:ce:19:
b6:b3:81:25:1c:a9:c8:ed:34:df:df:48:54:09:e1:
9f:fe:ca:d4:85:64:bd:65:6a:c2:62:f6:e0:71:b0:
30:52:13:87:10:75:97:7f:01:ba:a7:d7:64:53:48:
91:90:d7:c8:c8:22:01:87:ba:48:9a:bd:98:13:43:
1f:72:73:f2:a4:ab:a6:57:e3:6b:44:8e:73:82:60:
34:58:98:88:74:5c:ee:98:0c:f5:76:49:33:a0:5a:
b2:76:c8:76:19:4d:f7:f6:48:19:ba:b9:ed:26:e6:
15:7c:fe:dd:a9:9d:a9:2e:59:1d:38:7c:5b:e2:6c:
a3:6b:3a:9c:5c:1a:47:cb:2b:9d:49:da:3c:b1:fc:
00:d7:ce:14:04:ce:70:55:cc:8b:51:fe:9c:a8:ce:
8f:e0:ce:a6:73:0a:ad:35:d2:d6:96:73:c8:3d:6f:
ee:29:5e:d3:05:bd:27:c3:33:ba:b2:c9:90:8f:fa:
ba:72:71:f9:60:fe:cb:89:15:9b:b1:ef:90:3a:a6:
56:05:22:9a:ed:ac:7c:e2:e5:e8:68:19:c7:d0:2e:
b1:3f:56:e4:26:f4:fd:94:2d:4e:93:1e:af:30:e8:
e7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:62:E3:B4:F5:65:C2:A2:3F:0B:F3:17:5F:96:15:8E:9F:88:D8:82
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/T2LjtPVlwqI_C_MXX5YVjp-I2II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.231.73.0/24
176.120.67.0/24
IPv6:
2a09:7c43::/32
2a0b:cf43::/32
2a11:4c04::/32
2a11:7e06::/32
Signature Algorithm: sha256WithRSAEncryption
24:77:f3:25:81:e8:30:22:15:99:26:52:2b:70:f0:1d:ab:84:
6b:6b:13:87:aa:66:a1:35:0e:2a:4a:ff:0f:11:b8:24:26:9c:
36:89:f3:66:49:72:15:2a:54:94:64:6e:0e:2f:b4:e3:f1:db:
92:47:62:05:55:db:c5:96:16:6c:e6:73:37:cf:f1:a9:b5:10:
ce:e3:10:66:3d:bd:71:84:d8:d2:57:a2:3f:ba:62:46:7b:d3:
b7:73:31:99:5e:b2:4d:5a:d5:8b:e4:ca:34:54:c7:78:a8:ca:
c1:3e:e4:75:f2:cc:05:66:fa:f7:a7:56:a3:d1:df:13:85:60:
ad:2a:93:0b:3e:cd:7a:3f:86:55:d7:ef:ec:3e:90:53:a6:f9:
81:15:78:a8:91:9f:92:a4:4c:b9:c6:4c:79:0c:c5:bf:c4:dc:
a8:6b:7f:bb:7c:e0:ca:5e:b6:2d:20:db:11:b6:50:b0:5c:c0:
ec:2c:6c:fe:d0:81:ce:18:bd:9d:d7:e4:c7:c3:23:d0:39:6b:
30:ed:55:b6:58:c7:5b:d9:e6:b7:ba:25:c6:0e:3b:6b:a8:48:
84:6b:e3:04:90:9d:15:d2:88:c4:44:51:0d:c3:88:23:dd:61:
9d:b8:28:ff:9a:ff:ff:5f:9c:1c:84:bd:12:3a:92:de:0f:ca:
b1:70:67:f7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZfBO6wpwU+vVoa8cPNIckrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNjMwMTQyNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjYyZTNiNGY1NjVjMmEyM2YwYmYzMTc1Zjk2MTU4ZTlmODhkODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzed0hPk9jSn8zPzzebXSIE8GhSrb
DKG8dNLBzhm2s4ElHKnI7TTf30hUCeGf/srUhWS9ZWrCYvbgcbAwUhOHEHWXfwG6
p9dkU0iRkNfIyCIBh7pImr2YE0MfcnPypKumV+NrRI5zgmA0WJiIdFzumAz1dkkz
oFqydsh2GU339kgZurntJuYVfP7dqZ2pLlkdOHxb4myjazqcXBpHyyudSdo8sfwA
184UBM5wVcyLUf6cqM6P4M6mcwqtNdLWlnPIPW/uKV7TBb0nwzO6ssmQj/q6cnH5
YP7LiRWbse+QOqZWBSKa7ax84uXoaBnH0C6xP1bkJvT9lC1Okx6vMOjnEwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFE9i47T1ZcKiPwvzF1+WFY6fiNiCMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvVDJManRQVmx3cUlfQ19NWFg1WVZqcC1JMklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODASBAIAATAMAwQAZ+dJAwQA
sHhDMCIEAgACMBwDBQAqCXxDAwUAKgvPQwMFACoRTAQDBQAqEX4GMA0GCSqGSIb3
DQEBCwUAA4IBAQAkd/MlgegwIhWZJlIrcPAdq4RraxOHqmahNQ4qSv8PEbgkJpw2
ifNmSXIVKlSUZG4OL7Tj8duSR2IFVdvFlhZs5nM3z/GptRDO4xBmPb1xhNjSV6I/
umJGe9O3czGZXrJNWtWL5Mo0VMd4qMrBPuR18swFZvr3p1aj0d8ThWCtKpMLPs16
P4ZV1+/sPpBTpvmBFXiokZ+SpEy5xkx5DMW/xNyoa3+7fODKXrYtINsRtlCwXMDs
LGz+0IHOGL2d1+THwyPQOWsw7VW2WMdb2ea3uiXGDjtrqEiEa+MEkJ0V0ojERFEN
w4gj3WGduCj/mv//X5wchL0SOpLeD8qxcGf3
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:35:52 2025 by rpki-client