Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/qaHTJ2smhOe5ub1zvhlLaHEV7II.roa
File: qaHTJ2smhOe5ub1zvhlLaHEV7II.roa (raw, json)
Hash identifier: k6IIQi0jZ7aFlNYvNm5o6K3CyI8iRk5+TWrLNrEj3/g=
Subject key identifier: A9:A1:D3:27:6B:26:84:E7:B9:B9:BD:73:BE:19:4B:68:71:15:EC:82
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0194228DC273D779317B8B4B6A638CF547D5
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/qaHTJ2smhOe5ub1zvhlLaHEV7II.roa
Signing time: Wed 01 Jan 2025 15:48:23 +0000
ROA not before: Wed 01 Jan 2025 15:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214231
IP address blocks: 103.71.20.0/24 maxlen: 24
103.71.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 20:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c2:73:d7:79:31:7b:8b:4b:6a:63:8c:f5:47:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Jan 1 15:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9a1d3276b2684e7b9b9bd73be194b687115ec82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fa:31:c7:8c:f7:be:8f:db:a1:4b:a0:3a:27:
78:e2:2b:1f:da:77:c6:43:31:66:55:82:ba:94:43:
46:0e:e0:74:33:be:85:e1:8f:62:fc:4a:68:5e:45:
74:de:5b:06:a8:64:02:71:60:3e:96:44:55:2f:0f:
7c:7f:27:78:a2:d4:96:1a:d4:d5:d4:d1:4d:db:fc:
47:63:7a:41:fd:3f:4f:3f:fc:e7:0d:fb:8f:bb:67:
0f:c4:fa:4e:62:64:af:b6:bc:eb:92:3a:44:e4:36:
5d:34:92:ff:10:94:e8:e7:de:ae:6f:d0:e4:7f:59:
54:e9:5f:1b:ed:75:d4:f3:79:50:46:fc:49:9c:10:
14:b2:c5:96:5c:18:c8:51:7f:b6:bc:ee:0f:ae:af:
4d:b0:7a:ba:8b:d5:2b:7c:cf:16:79:ee:24:de:75:
0e:ea:2e:ae:fa:1f:d2:ba:04:ee:a6:6d:3b:5a:bc:
67:74:99:d5:12:2c:4d:ed:cd:13:e7:4b:a8:ef:7b:
98:f7:fa:c4:69:c5:67:6f:84:01:8d:5a:8d:9d:14:
b9:3b:30:25:c8:cf:61:bc:18:a7:c7:75:fe:5f:b9:
3b:9b:65:25:f0:c1:e9:61:7d:0b:20:d5:c2:20:d8:
8e:51:5c:7d:f5:4d:f3:58:0c:47:8c:f7:73:55:4f:
f3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A1:D3:27:6B:26:84:E7:B9:B9:BD:73:BE:19:4B:68:71:15:EC:82
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/qaHTJ2smhOe5ub1zvhlLaHEV7II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.71.20.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:dd:01:fd:63:be:41:6d:3b:75:f3:84:49:1f:2c:30:b9:4f:
ef:78:8c:81:a5:03:fa:29:e5:8a:fe:f3:3c:2b:4d:4f:bd:b7:
84:01:ff:44:d5:50:90:a0:00:39:e8:a1:dc:19:6c:1c:90:dd:
54:96:90:fc:29:9b:fc:b8:ec:1f:0e:f7:dc:0e:b0:0b:55:a8:
52:04:3c:a8:a7:6b:f7:b0:81:22:e8:25:1c:81:dc:8e:cd:29:
07:95:8a:df:14:e3:d1:7c:ce:0a:77:92:b6:37:77:ca:63:3d:
55:bc:a9:6e:a1:80:97:9c:d3:d7:54:7b:09:eb:44:0f:e2:89:
88:6b:31:ca:f0:05:be:bb:cf:ed:99:49:c0:3f:c9:28:f5:bf:
a0:88:38:3a:3d:18:47:81:87:5a:0d:09:94:16:a4:f9:23:2e:
e7:18:25:d4:45:e3:30:c1:db:34:8f:1a:ea:dc:f5:91:8f:10:
00:21:b7:9a:eb:e5:11:9e:f4:95:f7:a4:9a:18:bc:91:5e:7d:
c5:02:c3:54:c4:70:f6:85:27:30:c9:70:62:a1:63:dc:33:d0:
32:af:58:36:fa:a0:d3:36:05:df:cc:86:83:91:3b:46:9d:28:
6a:2c:b3:3b:eb:c3:2c:b8:9b:c2:65:2d:0c:e3:d1:ab:65:92:
86:18:34:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijcJz13kxe4tLamOM9UfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwMTAxMTU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWExZDMyNzZiMjY4NGU3YjliOWJkNzNiZTE5NGI2ODcxMTVlYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvoxx4z3vo/boUugOid44isf2nfG
QzFmVYK6lENGDuB0M76F4Y9i/EpoXkV03lsGqGQCcWA+lkRVLw98fyd4otSWGtTV
1NFN2/xHY3pB/T9PP/znDfuPu2cPxPpOYmSvtrzrkjpE5DZdNJL/EJTo596ub9Dk
f1lU6V8b7XXU83lQRvxJnBAUssWWXBjIUX+2vO4Prq9NsHq6i9UrfM8Wee4k3nUO
6i6u+h/SugTupm07WrxndJnVEixN7c0T50uo73uY9/rEacVnb4QBjVqNnRS5OzAl
yM9hvBinx3X+X7k7m2Ul8MHpYX0LINXCINiOUVx99U3zWAxHjPdzVU/zAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmh0ydrJoTnubm9c74ZS2hxFeyCMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvcWFIVEoyc21oT2U1dWIxenZobExhSEVWN0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ0cUMA0G
CSqGSIb3DQEBCwUAA4IBAQAq3QH9Y75BbTt184RJHywwuU/veIyBpQP6KeWK/vM8
K01PvbeEAf9E1VCQoAA56KHcGWwckN1UlpD8KZv8uOwfDvfcDrALVahSBDyop2v3
sIEi6CUcgdyOzSkHlYrfFOPRfM4Kd5K2N3fKYz1VvKluoYCXnNPXVHsJ60QP4omI
azHK8AW+u8/tmUnAP8ko9b+giDg6PRhHgYdaDQmUFqT5Iy7nGCXUReMwwds0jxrq
3PWRjxAAIbea6+URnvSV96SaGLyRXn3FAsNUxHD2hScwyXBioWPcM9Ayr1g2+qDT
NgXfzIaDkTtGnShqLLM768MsuJvCZS0M49GrZZKGGDQn
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:37:39 2025 by rpki-client