Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/Pd9wfihhkdgMggwo4muYjUY0Ms0.roa
File: Pd9wfihhkdgMggwo4muYjUY0Ms0.roa (raw, json)
Hash identifier: aYsZLJOL8rs27BJC8X/JZSVXJuUZh+BzB1B4dCeumf8=
Subject key identifier: 3D:DF:70:7E:28:61:91:D8:0C:82:0C:28:E2:6B:98:8D:46:34:32:CD
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 0190C5108C640F051C0A80FD49670472A951
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/Pd9wfihhkdgMggwo4muYjUY0Ms0.roa
Signing time: Thu 18 Jul 2024 08:58:34 +0000
ROA not before: Thu 18 Jul 2024 08:58:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6424
IP address blocks: 103.243.124.0/22 maxlen: 22
188.93.192.0/21 maxlen: 24
188.93.196.0/24 maxlen: 24
193.109.184.0/21 maxlen: 24
2001:b18::/32 maxlen: 48
2001:b18:1031::/48 maxlen: 48
2a0d:82c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 10 Aug 2024 04:42:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:10:8c:64:0f:05:1c:0a:80:fd:49:67:04:72:a9:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Jul 18 08:58:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ddf707e286191d80c820c28e26b988d463432cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:49:26:98:12:ee:2c:1d:d0:13:2c:d7:f9:
f7:20:b1:24:c7:d8:6f:ed:99:54:c3:42:41:6f:58:
c7:a2:08:47:9e:35:8e:fd:c7:a2:b0:a9:8b:d5:8b:
09:84:4d:73:2a:1e:77:cc:d0:3f:74:b7:d7:da:be:
4a:44:66:64:c3:67:c2:59:6c:28:2c:57:de:5a:77:
4f:12:af:5e:ed:34:08:76:c3:3a:62:30:f1:ec:ac:
a6:f9:e6:f9:35:77:ef:3a:86:bf:b3:f2:c6:db:d2:
d1:7b:52:4d:f7:1f:d7:fe:1d:9f:a9:25:b5:fb:36:
e0:b6:76:83:81:07:48:97:0f:a0:0d:ba:ac:90:72:
11:c3:cb:f3:53:eb:cb:44:ac:cb:9d:81:0f:fe:0f:
01:3b:69:eb:db:25:3a:b5:95:24:b0:0f:2f:6d:49:
c5:d1:ae:67:1b:63:34:41:c2:3c:09:7d:62:08:20:
ea:e9:26:f3:d0:23:c7:ef:97:6e:ce:4e:4a:9e:5f:
31:c2:b7:f7:0d:27:d2:e1:41:e4:b8:a2:74:32:e4:
40:7c:8e:35:1b:87:bc:74:bf:7f:bc:84:8f:d0:a8:
bb:34:ab:83:30:80:dd:63:16:f9:33:0f:c9:18:70:
f5:30:17:ff:ea:fb:a1:fe:2b:b6:c0:99:94:1d:48:
53:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:DF:70:7E:28:61:91:D8:0C:82:0C:28:E2:6B:98:8D:46:34:32:CD
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/Pd9wfihhkdgMggwo4muYjUY0Ms0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.243.124.0/22
188.93.192.0/21
193.109.184.0/21
IPv6:
2001:b18::/32
2a0d:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:aa:4c:68:55:ac:f3:58:b6:bf:d2:12:bc:de:8c:16:82:c9:
77:4f:9f:c0:f3:b1:38:e8:c4:33:da:cc:6a:17:d7:0a:dc:83:
ab:92:a8:45:01:0a:26:e0:cd:25:9d:ad:e5:bf:b0:ec:71:c0:
f4:2f:a4:51:3d:5e:37:08:49:76:26:12:2c:be:51:7b:f5:63:
aa:d9:b8:aa:50:44:1e:72:18:e8:75:40:26:b1:5d:62:8b:84:
53:31:73:22:ba:4a:5f:bd:f2:c5:78:27:c4:9a:ca:72:52:8f:
cc:91:ec:d2:10:ee:78:16:46:7a:83:a7:58:62:56:45:2e:45:
c8:a1:49:3c:19:27:4b:5a:b7:ae:62:6b:17:56:b4:fb:b5:db:
c6:da:f6:7a:3a:d5:41:75:ff:71:eb:13:a1:b7:a8:10:12:41:
ad:62:93:b0:06:e9:bb:71:6e:dd:66:e4:d3:8e:83:d8:c2:c2:
1f:60:55:5f:79:6b:fb:08:9e:3a:95:c3:d0:87:3a:27:ee:c2:
00:ec:5b:59:fd:66:08:97:98:ff:4c:98:ff:dd:e1:f4:2b:9e:
65:95:d7:95:f6:35:83:f7:7a:bf:21:85:96:8a:81:94:da:21:
52:0f:27:41:2a:24:8e:43:e3:8f:9a:63:19:45:ce:2e:a7:f5:
fe:46:16:ec
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZDFEIxkDwUcCoD9SWcEcqlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwNzE4MDg1ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGRmNzA3ZTI4NjE5MWQ4MGM4MjBjMjhlMjZiOTg4ZDQ2MzQzMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjhJJpgS7iwd0BMs1/n3ILEkx9hv
7ZlUw0JBb1jHoghHnjWO/ceisKmL1YsJhE1zKh53zNA/dLfX2r5KRGZkw2fCWWwo
LFfeWndPEq9e7TQIdsM6YjDx7Kym+eb5NXfvOoa/s/LG29LRe1JN9x/X/h2fqSW1
+zbgtnaDgQdIlw+gDbqskHIRw8vzU+vLRKzLnYEP/g8BO2nr2yU6tZUksA8vbUnF
0a5nG2M0QcI8CX1iCCDq6Sbz0CPH75duzk5Knl8xwrf3DSfS4UHkuKJ0MuRAfI41
G4e8dL9/vISP0Ki7NKuDMIDdYxb5Mw/JGHD1MBf/6vuh/iu2wJmUHUhTowIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFD3fcH4oYZHYDIIMKOJrmI1GNDLNMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvUGQ5d2ZpaGhrZGdNZ2d3bzRtdVlqVVkwTXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCZ/N8AwQD
vF3AAwQDwW24MBQEAgACMA4DBQAgAQsYAwUDKg2CwDANBgkqhkiG9w0BAQsFAAOC
AQEAoqpMaFWs81i2v9ISvN6MFoLJd0+fwPOxOOjEM9rMahfXCtyDq5KoRQEKJuDN
JZ2t5b+w7HHA9C+kUT1eNwhJdiYSLL5Re/Vjqtm4qlBEHnIY6HVAJrFdYouEUzFz
IrpKX73yxXgnxJrKclKPzJHs0hDueBZGeoOnWGJWRS5FyKFJPBknS1q3rmJrF1a0
+7Xbxtr2ejrVQXX/cesTobeoEBJBrWKTsAbpu3Fu3Wbk046D2MLCH2BVX3lr+wie
OpXD0Ic6J+7CAOxbWf1mCJeY/0yY/93h9CueZZXXlfY1g/d6vyGFloqBlNohUg8n
QSokjkPjj5pjGUXOLqf1/kYW7A==
-----END CERTIFICATE-----
Generated at Sat Aug 10 06:22:28 2024 by rpki-client on console-fra.rpki-client.org