Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/kFfXQeIJMyzTu_Kdox2lyceXLfs.roa
File: kFfXQeIJMyzTu_Kdox2lyceXLfs.roa (raw, json)
Hash identifier: w2eBGo3FvALkm3ZAqVBE9kWxnVzhEf5SFwSGdr26Ip8=
Subject key identifier: 90:57:D7:41:E2:09:33:2C:D3:BB:F2:9D:A3:1D:A5:C9:C7:97:2D:FB
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 0186131C569D155E6501CFF524D1E8A9970E
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/kFfXQeIJMyzTu_Kdox2lyceXLfs.roa
Signing time: Thu 02 Feb 2023 17:11:09 +0000
ROA not before: Thu 02 Feb 2023 17:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 103.226.192.0/24 maxlen: 24
185.237.212.0/22 maxlen: 24
185.237.215.0/24 maxlen: 24
185.145.69.0/24 maxlen: 24
185.145.68.0/22 maxlen: 22
185.145.68.0/24 maxlen: 24
103.229.171.0/24 maxlen: 24
103.229.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:13:1c:56:9d:15:5e:65:01:cf:f5:24:d1:e8:a9:97:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Feb 2 17:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9057d741e209332cd3bbf29da31da5c9c7972dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2e:75:b4:f2:81:5e:32:2a:8d:0a:fd:e7:f0:
52:3b:32:05:35:6b:d9:41:21:23:6a:7d:31:71:44:
c7:31:35:2f:de:92:fb:c9:db:df:9b:55:0f:bd:dc:
15:ff:41:53:a0:4a:48:ec:fc:1b:34:7b:0c:1d:65:
4e:ff:02:ad:3b:0a:b5:b9:de:56:8e:e0:75:52:69:
8a:1d:6f:98:3d:22:a5:fc:68:4f:03:a3:d0:ce:c5:
63:42:5a:19:8e:a3:78:28:ac:76:87:84:59:57:64:
ad:b6:7e:54:3e:27:3b:a2:2b:b2:46:6d:31:fa:42:
7c:39:03:2c:2f:26:77:a2:0b:17:2b:00:b6:0c:d3:
28:1a:9a:3a:c6:a8:ec:e9:a0:b1:dd:58:5f:0a:fc:
33:05:58:54:27:d9:be:e4:c6:7f:21:38:1c:99:31:
f3:2a:27:f7:42:45:10:3c:21:31:4e:7a:12:b2:1a:
e2:07:35:b8:7d:68:eb:6d:25:68:d8:72:3f:77:f5:
4e:21:83:2d:4f:ac:26:d0:30:28:cd:c3:e7:04:e7:
62:d9:6c:e3:71:d6:0e:d7:e4:08:ed:b4:ca:d8:5b:
42:eb:28:8d:a1:c2:61:be:3b:1e:35:02:14:8f:a1:
27:3c:5c:10:e5:5a:74:3b:7c:9d:4e:d9:af:7a:af:
00:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:57:D7:41:E2:09:33:2C:D3:BB:F2:9D:A3:1D:A5:C9:C7:97:2D:FB
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/kFfXQeIJMyzTu_Kdox2lyceXLfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.192.0/24
103.229.170.0/23
185.145.68.0/22
185.237.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:2d:f7:db:22:b1:56:f2:d6:24:0f:4a:80:57:9e:2a:05:41:
07:8d:62:84:49:df:ca:34:ab:64:9a:48:4c:82:2a:8c:af:b5:
92:82:b3:28:3b:d7:7b:74:98:db:c6:0a:8a:43:2c:9f:45:5e:
ad:4f:0a:71:56:68:c4:6c:10:b3:f4:e4:73:16:b0:ab:0e:42:
19:07:ed:8f:19:cf:51:07:a0:09:b6:ab:f4:c5:3b:ea:7e:90:
d5:65:1b:70:0a:bd:59:07:f8:37:fc:b6:6f:d6:d0:e7:0b:a1:
69:2a:0a:f2:d3:da:cd:d5:7a:80:95:83:9f:bb:8c:58:59:e6:
46:0f:40:b0:74:65:24:ac:de:d9:4c:5f:f8:af:9b:a6:fb:89:
e5:d8:32:19:5f:9b:4c:f3:e1:9f:3c:20:81:e5:89:d9:3b:92:
81:ce:5e:69:97:30:49:e0:66:3f:52:1e:44:7b:72:ca:22:c6:
e4:cf:e3:26:78:71:2f:a7:d6:d1:e4:c1:d5:f7:84:fc:0d:dd:
4d:b1:9c:7d:73:af:ba:99:2a:ac:7e:66:d4:be:a1:25:72:dd:
29:9c:b6:af:e3:dc:44:02:da:da:b4:4a:3e:ef:e0:11:ba:c0:
f0:48:e5:f2:4a:82:5f:bf:3d:5c:51:20:f7:18:0f:22:ac:94:
80:8e:6f:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYTHFadFV5lAc/1JNHoqZcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjMwMjAyMTcxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDU3ZDc0MWUyMDkzMzJjZDNiYmYyOWRhMzFkYTVjOWM3OTcyZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgC51tPKBXjIqjQr95/BSOzIFNWvZ
QSEjan0xcUTHMTUv3pL7ydvfm1UPvdwV/0FToEpI7PwbNHsMHWVO/wKtOwq1ud5W
juB1UmmKHW+YPSKl/GhPA6PQzsVjQloZjqN4KKx2h4RZV2Sttn5UPic7oiuyRm0x
+kJ8OQMsLyZ3ogsXKwC2DNMoGpo6xqjs6aCx3VhfCvwzBVhUJ9m+5MZ/ITgcmTHz
Kif3QkUQPCExTnoSshriBzW4fWjrbSVo2HI/d/VOIYMtT6wm0DAozcPnBOdi2Wzj
cdYO1+QI7bTK2FtC6yiNocJhvjseNQIUj6EnPFwQ5Vp0O3ydTtmveq8ASwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJBX10HiCTMs07vynaMdpcnHly37MB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEva0ZmWFFlSUpNeXpUdV9LZG94Mmx5Y2VYTGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAZ+LAAwQB
Z+WqAwQCuZFEAwQCue3UMA0GCSqGSIb3DQEBCwUAA4IBAQCiLffbIrFW8tYkD0qA
V54qBUEHjWKESd/KNKtkmkhMgiqMr7WSgrMoO9d7dJjbxgqKQyyfRV6tTwpxVmjE
bBCz9ORzFrCrDkIZB+2PGc9RB6AJtqv0xTvqfpDVZRtwCr1ZB/g3/LZv1tDnC6Fp
Kgry09rN1XqAlYOfu4xYWeZGD0CwdGUkrN7ZTF/4r5um+4nl2DIZX5tM8+GfPCCB
5YnZO5KBzl5plzBJ4GY/Uh5Ee3LKIsbkz+MmeHEvp9bR5MHV94T8Dd1NsZx9c6+6
mSqsfmbUvqElct0pnLav49xEAtratEo+7+ARusDwSOXySoJfvz1cUSD3GA8irJSA
jm91
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:48 2023 by rpki-client on console-fra.rpki-client.org