Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Df5DiQ71Do7n0Szd-76qShOvpwE.roa
File: Df5DiQ71Do7n0Szd-76qShOvpwE.roa (raw, json)
Hash identifier: 30eF9ZsnW6l2ivH0Bc+E4/4P48FyncC8Iee79qbmwhM=
Subject key identifier: 0D:FE:43:89:0E:F5:0E:8E:E7:D1:2C:DD:FB:BE:AA:4A:13:AF:A7:01
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 0185A07E7E4E1F2EE1E57FFB3733F5676E78
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Df5DiQ71Do7n0Szd-76qShOvpwE.roa
Signing time: Wed 11 Jan 2023 11:02:02 +0000
ROA not before: Wed 11 Jan 2023 11:02:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205836
IP address blocks: 103.226.193.0/24 maxlen: 24
103.229.169.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:7e:7e:4e:1f:2e:e1:e5:7f:fb:37:33:f5:67:6e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Jan 11 11:02:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dfe43890ef50e8ee7d12cddfbbeaa4a13afa701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:93:d3:bc:9b:af:0b:40:b5:0c:17:28:e9:f0:
c7:4f:66:9b:63:de:3a:b0:ce:db:bd:9a:4f:04:fe:
ab:38:eb:9f:4e:e9:ef:d3:8c:41:c0:2b:fd:f5:45:
56:d7:0f:38:c4:38:9a:eb:3d:bf:d1:25:66:03:bd:
8b:8b:0c:1f:3e:f0:f7:07:f5:55:ba:12:14:5d:fa:
6a:f5:91:97:38:22:41:ea:c6:52:ba:80:63:67:af:
5d:ec:fe:ad:79:7b:64:8f:19:a4:5c:3b:39:1d:24:
4f:6b:5f:51:1e:68:4d:fc:b2:69:c9:07:b8:9b:03:
e0:b8:03:e1:5d:cd:de:3f:54:3a:01:77:c5:e9:b2:
ab:dd:a9:af:81:ab:1c:15:c6:6a:7e:0d:53:e1:be:
5b:ce:6c:23:ca:e5:a6:b9:ab:1e:a8:d9:3a:cf:cf:
4d:5e:ed:dd:bf:ee:b6:88:13:1b:08:80:16:07:27:
60:1b:82:59:f0:7f:80:c9:fa:45:66:a6:48:f4:9d:
b0:a6:f5:e1:fb:0a:ef:93:29:13:c2:29:53:a8:23:
bd:d2:fa:f5:62:5e:db:96:b2:9d:18:ae:70:f3:21:
0a:8a:83:a2:da:a4:3f:ca:51:2f:59:01:74:f0:fe:
c1:bf:f1:fa:89:56:9b:2f:07:35:29:2f:b1:8d:8c:
1a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FE:43:89:0E:F5:0E:8E:E7:D1:2C:DD:FB:BE:AA:4A:13:AF:A7:01
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Df5DiQ71Do7n0Szd-76qShOvpwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.193.0/24
103.229.169.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:b8:8e:f8:c3:8b:22:f2:bc:2b:ad:f1:95:86:b2:03:32:b9:
1b:50:3a:81:66:9c:26:60:24:14:ac:21:1f:ea:ba:2b:0d:98:
72:6b:e4:9f:4c:6e:05:91:76:b2:b8:88:3d:24:bd:d9:ec:58:
4a:0b:28:91:e6:eb:5b:c9:27:30:d5:3c:5b:d2:ed:a8:7a:1b:
cd:b2:c6:5f:ad:0e:65:54:c8:8f:e4:67:07:e0:48:14:1f:03:
cb:44:a6:d8:16:6a:3e:ec:83:ab:5f:db:75:20:41:df:65:2d:
54:e3:d1:ca:47:8e:a4:48:1d:5b:1e:4d:3f:e8:12:54:bf:14:
80:1f:d7:d3:79:b2:ec:df:f8:f3:87:29:f5:7d:89:85:7b:3f:
8e:f1:38:2d:d9:20:4d:27:03:99:63:84:ef:89:6f:11:c9:96:
5a:94:bf:1b:1f:76:5c:cd:be:09:23:31:6b:91:88:36:9d:17:
ab:17:e6:0e:a0:37:cc:ae:e9:cb:b5:f8:56:d9:c7:b6:a3:fd:
9f:25:84:96:5d:1f:92:bf:05:a5:f1:ca:1e:9b:a5:9c:5c:90:
ff:63:31:df:13:fa:01:65:db:09:2e:8f:52:c6:f4:9a:78:c3:
b8:22:27:3e:cc:0a:51:be:cc:de:5d:37:52:9d:5f:34:85:8c:
95:d9:ef:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWgfn5OHy7h5X/7NzP1Z254MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjMwMTExMTEwMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGZlNDM4OTBlZjUwZThlZTdkMTJjZGRmYmJlYWE0YTEzYWZhNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJPTvJuvC0C1DBco6fDHT2abY946
sM7bvZpPBP6rOOufTunv04xBwCv99UVW1w84xDia6z2/0SVmA72LiwwfPvD3B/VV
uhIUXfpq9ZGXOCJB6sZSuoBjZ69d7P6teXtkjxmkXDs5HSRPa19RHmhN/LJpyQe4
mwPguAPhXc3eP1Q6AXfF6bKr3amvgascFcZqfg1T4b5bzmwjyuWmuaseqNk6z89N
Xu3dv+62iBMbCIAWBydgG4JZ8H+AyfpFZqZI9J2wpvXh+wrvkykTwilTqCO90vr1
Yl7blrKdGK5w8yEKioOi2qQ/ylEvWQF08P7Bv/H6iVabLwc1KS+xjYwahQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA3+Q4kO9Q6O59Es3fu+qkoTr6cBMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvRGY1RGlRNzFEbzduMFN6ZC03NnFTaE92cHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ+LBAwQA
Z+WpMA0GCSqGSIb3DQEBCwUAA4IBAQAauI74w4si8rwrrfGVhrIDMrkbUDqBZpwm
YCQUrCEf6rorDZhya+SfTG4FkXayuIg9JL3Z7FhKCyiR5utbyScw1Txb0u2oehvN
ssZfrQ5lVMiP5GcH4EgUHwPLRKbYFmo+7IOrX9t1IEHfZS1U49HKR46kSB1bHk0/
6BJUvxSAH9fTebLs3/jzhyn1fYmFez+O8Tgt2SBNJwOZY4TviW8RyZZalL8bH3Zc
zb4JIzFrkYg2nRerF+YOoDfMrunLtfhW2ce2o/2fJYSWXR+SvwWl8coem6WcXJD/
YzHfE/oBZdsJLo9SxvSaeMO4Iic+zApRvszeXTdSnV80hYyV2e+P
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:48 2023 by rpki-client on console-fra.rpki-client.org