Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/a4dB78FCsWLNbHXGm8D6sWwyq4k.roa
File: a4dB78FCsWLNbHXGm8D6sWwyq4k.roa (raw, json)
Hash identifier: tRQq+FQNF41FqKpCPxwUIr20sY9+45SWiykAWRlkiSU=
Subject key identifier: 6B:87:41:EF:C1:42:B1:62:CD:6C:75:C6:9B:C0:FA:B1:6C:32:AB:89
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 01940CF7926DA070AB264BBA2118BE49969F
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/a4dB78FCsWLNbHXGm8D6sWwyq4k.roa
Signing time: Sat 28 Dec 2024 11:12:18 +0000
ROA not before: Sat 28 Dec 2024 11:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 103.249.132.0/24 maxlen: 24
103.249.133.0/24 maxlen: 24
103.249.134.0/24 maxlen: 24
103.249.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0c:f7:92:6d:a0:70:ab:26:4b:ba:21:18:be:49:96:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Dec 28 11:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8741efc142b162cd6c75c69bc0fab16c32ab89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1f:a4:2b:bb:f7:3f:5d:a1:26:ce:22:c9:1e:
21:fa:4b:6c:0c:c1:05:2c:23:9d:3d:62:2a:40:2f:
40:0a:62:09:7a:41:a6:e8:6b:ed:ad:5c:cc:12:0a:
56:84:d9:79:84:62:a9:67:30:41:30:4a:65:4e:a4:
06:cd:5f:d5:46:30:a3:a2:f9:1d:bb:85:83:f6:fe:
dc:08:8e:7c:bb:32:65:16:b7:60:3c:1b:e5:48:26:
3e:15:5a:e8:29:36:e9:2f:67:46:dc:c7:cf:44:f8:
ba:e5:2d:4f:e5:be:ed:80:02:7a:5c:f8:26:43:b3:
06:4c:c4:ac:6c:db:05:3f:8f:83:66:43:bb:23:65:
f7:9a:4c:04:81:34:49:57:c7:06:81:d8:c3:b9:1a:
74:de:2e:7a:d9:30:9b:36:1f:28:4a:20:f9:74:b3:
77:b1:d9:f8:fe:65:1b:2e:f4:da:7e:01:82:33:47:
06:42:fe:70:40:94:04:b6:ab:fc:82:00:73:1b:5b:
a3:26:f5:94:3b:4d:20:3c:33:88:24:a6:14:73:c5:
25:8a:d1:6b:36:2d:57:5a:8e:ea:8c:5f:a9:00:92:
c0:7b:3e:96:e4:4c:c2:32:c1:ee:83:f8:5d:b1:38:
00:8f:3f:cd:6f:77:46:bf:25:37:e9:10:5e:2a:30:
23:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:87:41:EF:C1:42:B1:62:CD:6C:75:C6:9B:C0:FA:B1:6C:32:AB:89
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/a4dB78FCsWLNbHXGm8D6sWwyq4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.249.132.0/22
Signature Algorithm: sha256WithRSAEncryption
61:58:67:a7:e6:1c:7a:37:0c:d1:2c:93:7d:23:c5:2b:ba:76:
b2:8e:36:07:ab:8a:e8:30:47:38:33:e6:8a:bd:f0:68:e9:fa:
83:a7:b5:6d:d3:22:90:87:9f:54:62:fd:4b:90:e9:07:a0:9d:
9f:08:e5:82:77:f3:86:ed:93:36:34:e4:0d:c3:ba:4a:60:d8:
c8:d5:f5:80:db:2a:4f:40:98:4d:82:ef:39:fe:f7:db:74:a9:
cb:fe:3f:8b:b7:6a:57:b3:ab:2e:8e:68:34:7f:e9:34:36:b1:
cb:e9:9c:a4:7b:65:2e:3f:53:3e:1f:c5:42:b3:65:33:61:20:
cb:6e:a4:cf:32:4b:9a:b6:85:a6:82:1a:e9:c2:b6:d2:4e:7b:
c8:d7:41:68:cf:83:67:94:a5:48:66:f6:7b:33:b8:2e:cd:93:
d9:f8:28:e6:88:f5:18:6a:fc:08:ef:d8:b9:f4:3d:8c:51:f7:
22:93:9d:a1:5b:a9:53:06:8b:30:e0:15:1a:be:3c:f4:85:6b:
9b:12:93:cb:8a:de:9f:e8:72:ba:a9:0d:5b:2f:69:f4:36:63:
c9:a8:34:e8:72:05:18:84:4c:25:8e:9e:58:c3:a7:c7:41:c9:
bb:a8:1c:b2:ea:71:c3:97:24:77:d9:07:3b:8c:47:5d:94:52:
2a:38:82:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQM95JtoHCrJku6IRi+SZafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQxMjI4MTExMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg3NDFlZmMxNDJiMTYyY2Q2Yzc1YzY5YmMwZmFiMTZjMzJhYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyx+kK7v3P12hJs4iyR4h+ktsDMEF
LCOdPWIqQC9ACmIJekGm6GvtrVzMEgpWhNl5hGKpZzBBMEplTqQGzV/VRjCjovkd
u4WD9v7cCI58uzJlFrdgPBvlSCY+FVroKTbpL2dG3MfPRPi65S1P5b7tgAJ6XPgm
Q7MGTMSsbNsFP4+DZkO7I2X3mkwEgTRJV8cGgdjDuRp03i562TCbNh8oSiD5dLN3
sdn4/mUbLvTafgGCM0cGQv5wQJQEtqv8ggBzG1ujJvWUO00gPDOIJKYUc8UlitFr
Ni1XWo7qjF+pAJLAez6W5EzCMsHug/hdsTgAjz/Nb3dGvyU36RBeKjAjWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuHQe/BQrFizWx1xpvA+rFsMquJMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvYTRkQjc4RkNzV0xOYkhYR204RDZzV3d5cTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ/mEMA0G
CSqGSIb3DQEBCwUAA4IBAQBhWGen5hx6NwzRLJN9I8UrunayjjYHq4roMEc4M+aK
vfBo6fqDp7Vt0yKQh59UYv1LkOkHoJ2fCOWCd/OG7ZM2NOQNw7pKYNjI1fWA2ypP
QJhNgu85/vfbdKnL/j+Lt2pXs6sujmg0f+k0NrHL6Zyke2UuP1M+H8VCs2UzYSDL
bqTPMkuatoWmghrpwrbSTnvI10Foz4NnlKVIZvZ7M7guzZPZ+CjmiPUYavwI79i5
9D2MUfcik52hW6lTBosw4BUavjz0hWubEpPLit6f6HK6qQ1bL2n0NmPJqDTocgUY
hEwljp5Yw6fHQcm7qByy6nHDlyR32Qc7jEddlFIqOII5
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:32:14 2025 by rpki-client