Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/A0Vw5DC6UPS3qvlSKRPPoaFocZ4.roa
File: A0Vw5DC6UPS3qvlSKRPPoaFocZ4.roa (raw, json)
Hash identifier: RSpTE0OAk+/6QYgrteQ8m51/OjxoOzqWd3JFbA5yB6I=
Subject key identifier: 03:45:70:E4:30:BA:50:F4:B7:AA:F9:52:29:13:CF:A1:A1:68:71:9E
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 018CC56DEEC47406C406AB68B0A193CF4685
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/A0Vw5DC6UPS3qvlSKRPPoaFocZ4.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 103.226.192.0/24 maxlen: 24
185.237.212.0/22 maxlen: 24
185.237.215.0/24 maxlen: 24
185.145.69.0/24 maxlen: 24
185.145.68.0/22 maxlen: 22
185.145.68.0/24 maxlen: 24
103.229.170.0/24 maxlen: 24
2a07:4640::/29 maxlen: 29
2a0d:c240::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 May 2024 06:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ee:c4:74:06:c4:06:ab:68:b0:a1:93:cf:46:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=034570e430ba50f4b7aaf9522913cfa1a168719e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:54:5c:b0:cf:4b:4a:60:25:e5:16:14:de:68:
52:5e:9b:56:08:a9:8f:ea:5f:d6:01:ae:34:a6:40:
bc:3b:80:ee:25:33:28:dc:d4:c6:2b:53:35:3e:40:
19:4d:28:91:7d:77:e0:69:19:e6:d4:d1:f6:40:e9:
b3:bf:94:a4:88:26:9b:e4:92:50:f3:d2:4b:c6:d9:
50:fc:ce:51:20:95:03:37:0a:84:cf:86:b2:b9:7c:
2f:5a:68:07:c2:c9:ef:45:d2:9e:48:b2:4c:ee:bf:
84:f7:a7:74:00:ee:6d:35:dd:03:60:6f:60:49:93:
cb:50:fd:2d:b9:ad:92:14:8f:37:9f:cc:cf:d0:18:
21:e8:dd:e1:63:d2:c8:94:96:52:0e:f3:74:3c:b4:
b5:90:c4:bd:c3:1c:0b:18:c5:59:40:66:27:21:49:
c6:14:f3:5f:0f:1c:3f:93:0b:56:4e:e4:ba:00:af:
0a:c8:86:94:75:89:ab:02:0a:bd:cf:4d:0c:8f:99:
92:cc:fe:0b:1a:29:3a:68:62:52:8e:cc:c1:f2:68:
4e:46:06:8b:69:f5:5a:80:e9:2c:ce:f3:2b:bf:52:
ec:cf:4a:fc:75:0a:a5:4f:61:eb:d1:a6:b1:c6:53:
33:16:bb:a1:1f:71:e5:a2:57:84:72:89:5f:08:57:
a8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:45:70:E4:30:BA:50:F4:B7:AA:F9:52:29:13:CF:A1:A1:68:71:9E
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/A0Vw5DC6UPS3qvlSKRPPoaFocZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.192.0/24
103.229.170.0/24
185.145.68.0/22
185.237.212.0/22
IPv6:
2a07:4640::/29
2a0d:c240::/29
Signature Algorithm: sha256WithRSAEncryption
31:88:a8:98:a0:a7:66:d5:66:f0:61:51:ca:12:6c:1b:3d:9e:
01:02:cf:ca:00:20:1f:3d:63:13:c7:5b:21:b4:f0:f0:69:dc:
5c:cd:7e:53:61:50:4b:78:8b:12:95:48:8b:25:fe:08:9a:07:
93:af:cc:9a:69:d8:7f:db:87:2c:94:df:ce:b6:52:8f:36:9c:
b7:61:9f:9b:fb:32:be:53:81:1f:72:ab:2d:66:e9:61:fa:80:
8a:fc:a7:a9:17:b4:7d:c5:63:67:9c:c4:3e:4b:c4:fc:e1:fe:
6b:e7:4b:b2:9b:9a:66:b4:e9:78:4f:a5:0b:06:40:bd:0e:a5:
db:16:a5:69:0d:93:61:c9:0d:88:4b:7d:19:ba:2d:88:78:64:
b0:f3:05:db:84:b2:a3:fc:18:5a:9e:78:35:3f:58:cb:e8:49:
c3:b1:99:1f:d3:c8:88:df:cb:0b:f6:73:dd:31:6c:ec:a5:85:
17:62:18:61:8c:4f:02:de:23:33:bb:42:6d:7b:fa:c4:a9:45:
50:9a:df:db:5a:98:c8:15:e8:8b:d1:8a:e4:10:2c:0a:66:d4:
6c:e3:6a:db:77:11:0f:6f:d8:a7:67:5e:5f:20:70:ea:af:1b:
3a:2b:e1:da:00:fe:9e:7d:89:21:69:fb:31:46:46:4d:fc:e3:
16:ab:e0:80
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzFbe7EdAbEBqtosKGTz0aFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQ1NzBlNDMwYmE1MGY0YjdhYWY5NTIyOTEzY2ZhMWExNjg3MTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilRcsM9LSmAl5RYU3mhSXptWCKmP
6l/WAa40pkC8O4DuJTMo3NTGK1M1PkAZTSiRfXfgaRnm1NH2QOmzv5SkiCab5JJQ
89JLxtlQ/M5RIJUDNwqEz4ayuXwvWmgHwsnvRdKeSLJM7r+E96d0AO5tNd0DYG9g
SZPLUP0tua2SFI83n8zP0Bgh6N3hY9LIlJZSDvN0PLS1kMS9wxwLGMVZQGYnIUnG
FPNfDxw/kwtWTuS6AK8KyIaUdYmrAgq9z00Mj5mSzP4LGik6aGJSjszB8mhORgaL
afVagOkszvMrv1Lsz0r8dQqlT2Hr0aaxxlMzFruhH3HloleEcolfCFeoEwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFANFcOQwulD0t6r5UikTz6GhaHGeMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvQTBWdzVEQzZVUFMzcXZsU0tSUFBvYUZvY1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAZ+LAAwQA
Z+WqAwQCuZFEAwQCue3UMBQEAgACMA4DBQMqB0ZAAwUDKg3CQDANBgkqhkiG9w0B
AQsFAAOCAQEAMYiomKCnZtVm8GFRyhJsGz2eAQLPygAgHz1jE8dbIbTw8GncXM1+
U2FQS3iLEpVIiyX+CJoHk6/MmmnYf9uHLJTfzrZSjzact2Gfm/syvlOBH3KrLWbp
YfqAivynqRe0fcVjZ5zEPkvE/OH+a+dLspuaZrTpeE+lCwZAvQ6l2xalaQ2TYckN
iEt9GbotiHhksPMF24Syo/wYWp54NT9Yy+hJw7GZH9PIiN/LC/Zz3TFs7KWFF2IY
YYxPAt4jM7tCbXv6xKlFUJrf21qYyBXoi9GK5BAsCmbUbONq23cRD2/Yp2deXyBw
6q8bOivh2gD+nn2JIWn7MUZGTfzjFqvggA==
-----END CERTIFICATE-----
Generated at Wed May 15 11:27:27 2024 by rpki-client on console-fra.rpki-client.org