Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/bY4smbikmD_l3MFrdzhxVS30h2w.roa
File: bY4smbikmD_l3MFrdzhxVS30h2w.roa (raw, json)
Hash identifier: AzqYGGqCw28aG0qRI02HO833Mg/jSKmrCZPMcTjjZgc=
Subject key identifier: 6D:8E:2C:99:B8:A4:98:3F:E5:DC:C1:6B:77:38:71:55:2D:F4:87:6C
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 01856EAFB31705A5F59168BFA98CF8CC87F3
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/bY4smbikmD_l3MFrdzhxVS30h2w.roa
Signing time: Sun 01 Jan 2023 18:54:46 +0000
ROA not before: Sun 01 Jan 2023 18:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211261
IP address blocks: 103.226.194.0/23 maxlen: 23
185.237.212.0/24 maxlen: 24
185.145.71.0/24 maxlen: 24
185.145.70.0/24 maxlen: 24
185.223.176.0/22 maxlen: 22
103.229.168.0/24 maxlen: 24
103.229.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 11:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:b3:17:05:a5:f5:91:68:bf:a9:8c:f8:cc:87:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Jan 1 18:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d8e2c99b8a4983fe5dcc16b773871552df4876c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:57:73:57:bc:76:96:5f:26:75:79:a7:c7:d4:
43:94:26:a8:89:21:d8:54:5c:39:98:31:b6:f7:d1:
61:1d:18:f9:1c:40:1f:65:bb:82:24:be:d9:35:e0:
14:90:ff:78:db:bf:5f:64:aa:f1:3d:fc:20:00:70:
87:70:91:01:bf:64:d6:65:ef:92:17:a6:e0:cf:a9:
26:fe:cd:36:9a:9c:f0:7c:8d:fb:ec:ba:c9:ab:fd:
ad:5f:8e:68:86:03:31:2e:5f:fe:b8:6a:c1:78:56:
16:bc:90:77:d5:b9:54:30:35:5d:4b:ea:b4:82:37:
c0:8e:dc:08:9f:2b:e7:4c:f1:6e:8d:54:56:83:fd:
41:7c:eb:81:d0:c9:6c:ed:e8:76:90:e3:4c:0f:94:
b4:b3:29:cd:f2:4b:1e:65:98:20:c6:4e:33:f0:0f:
65:3a:ce:74:8b:51:a9:52:71:55:91:a6:0d:98:ad:
a2:c1:e4:da:cc:0a:01:a2:4b:b1:28:06:cb:3d:23:
3f:1b:68:5e:4b:34:8c:04:99:9d:0a:21:56:4a:ad:
2d:78:92:5d:8d:f1:fb:d9:68:a1:72:c3:d5:9d:50:
15:9a:53:59:ef:e5:66:ee:8e:b4:47:3c:bb:c0:1f:
aa:7c:d3:c0:39:9b:48:06:2d:15:5a:14:1b:b6:5b:
58:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8E:2C:99:B8:A4:98:3F:E5:DC:C1:6B:77:38:71:55:2D:F4:87:6C
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/bY4smbikmD_l3MFrdzhxVS30h2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.194.0/23
103.229.168.0/23
185.145.70.0/23
185.223.176.0/22
185.237.212.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:99:38:10:fe:ed:b9:49:44:08:35:9e:f3:8f:b3:33:bb:6a:
01:cf:fb:eb:59:e8:68:c4:ca:f4:79:b7:32:98:04:22:6f:2e:
43:93:4b:77:82:4f:8f:43:a7:5a:c4:0e:67:85:1b:81:db:82:
d6:b5:95:6e:69:ff:5c:ee:39:e6:49:21:10:47:fd:01:3c:36:
6f:b7:b2:2b:65:5f:9a:cd:30:56:f4:96:6b:68:f6:f9:60:93:
a4:06:60:e1:56:ab:6a:9d:4c:c7:24:3b:5c:ce:d7:e4:ce:03:
e6:58:96:06:4b:64:40:94:37:a7:2e:cb:59:fd:06:62:7e:07:
54:7e:0f:b9:a8:44:80:a5:2a:21:9a:17:40:c0:70:b8:58:6e:
c8:5b:79:1e:3b:2d:95:fb:12:cb:fb:75:f9:07:d1:f2:d4:23:
b2:ee:1a:0f:44:22:f7:1a:c0:9d:6b:b2:a0:05:a1:f4:c5:dc:
91:f0:98:0a:e8:be:f6:3e:85:fe:7a:96:06:a2:c1:91:db:26:
86:f4:da:62:9f:2a:f1:87:a1:87:f5:89:cb:22:67:24:f7:cd:
eb:da:50:85:59:5a:68:ff:21:05:68:70:0f:8d:ea:a3:d3:4d:
02:9a:6d:b6:01:3e:37:c5:63:c9:d8:1c:2e:bb:d6:6d:85:32:
99:5b:4a:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVur7MXBaX1kWi/qYz4zIfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjMwMTAxMTg1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhlMmM5OWI4YTQ5ODNmZTVkY2MxNmI3NzM4NzE1NTJkZjQ4NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1dzV7x2ll8mdXmnx9RDlCaoiSHY
VFw5mDG299FhHRj5HEAfZbuCJL7ZNeAUkP94279fZKrxPfwgAHCHcJEBv2TWZe+S
F6bgz6km/s02mpzwfI377LrJq/2tX45ohgMxLl/+uGrBeFYWvJB31blUMDVdS+q0
gjfAjtwInyvnTPFujVRWg/1BfOuB0Mls7eh2kONMD5S0synN8kseZZggxk4z8A9l
Os50i1GpUnFVkaYNmK2iweTazAoBokuxKAbLPSM/G2heSzSMBJmdCiFWSq0teJJd
jfH72WihcsPVnVAVmlNZ7+Vm7o60Rzy7wB+qfNPAOZtIBi0VWhQbtltYDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG2OLJm4pJg/5dzBa3c4cVUt9IdsMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvYlk0c21iaWttRF9sM01GcmR6aHhWUzMwaDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBZ+LCAwQB
Z+WoAwQBuZFGAwQCud+wAwQAue3UMA0GCSqGSIb3DQEBCwUAA4IBAQAbmTgQ/u25
SUQINZ7zj7Mzu2oBz/vrWehoxMr0ebcymAQiby5Dk0t3gk+PQ6daxA5nhRuB24LW
tZVuaf9c7jnmSSEQR/0BPDZvt7IrZV+azTBW9JZraPb5YJOkBmDhVqtqnUzHJDtc
ztfkzgPmWJYGS2RAlDenLstZ/QZifgdUfg+5qESApSohmhdAwHC4WG7IW3keOy2V
+xLL+3X5B9Hy1COy7hoPRCL3GsCda7KgBaH0xdyR8JgK6L72PoX+epYGosGR2yaG
9Npinyrxh6GH9YnLImck983r2lCFWVpo/yEFaHAPjeqj000Cmm22AT43xWPJ2Bwu
u9ZthTKZW0pk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:14 2024 by rpki-client on console-fra.rpki-client.org