Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/oP2fIgRNFAwyjp4Ap2BApJmKViQ.roa
File: oP2fIgRNFAwyjp4Ap2BApJmKViQ.roa (raw, json)
Hash identifier: 6MA2s7+QRk+tR0fYWbpNZpdPYGt3yBUgFc4qG4MNB24=
Subject key identifier: A0:FD:9F:22:04:4D:14:0C:32:8E:9E:00:A7:60:40:A4:99:8A:56:24
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 018B5FB456C9B3544F5E23915792D36D8FFF
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/oP2fIgRNFAwyjp4Ap2BApJmKViQ.roa
Signing time: Tue 24 Oct 2023 03:22:16 +0000
ROA not before: Tue 24 Oct 2023 03:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57497
IP address blocks: 45.89.236.0/22 maxlen: 24
103.130.144.0/24 maxlen: 24
103.130.146.0/24 maxlen: 24
45.93.168.0/24 maxlen: 24
45.93.171.0/24 maxlen: 24
45.93.169.0/24 maxlen: 24
45.93.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 12:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5f:b4:56:c9:b3:54:4f:5e:23:91:57:92:d3:6d:8f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Oct 24 03:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0fd9f22044d140c328e9e00a76040a4998a5624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6c:90:81:6d:ca:f7:a5:4a:05:f6:be:7e:89:
6a:ec:68:70:65:67:26:5e:7b:b1:f6:92:41:c5:8d:
91:e6:89:e3:64:95:09:02:15:e5:1d:7b:c3:59:6a:
e0:8f:b8:bc:9a:e9:25:73:c1:1d:73:c3:51:fb:07:
58:3a:72:40:92:de:ad:17:3f:15:ef:3b:a0:15:78:
2f:ff:f6:14:2b:e4:74:bd:ff:dd:99:e4:06:6b:c8:
15:d6:ec:b8:62:2f:3d:d3:75:02:34:33:d2:9d:44:
4c:ce:ae:b1:ee:7a:32:c7:c7:7a:69:52:28:63:68:
3d:d8:2f:ae:e8:e2:6e:ba:62:17:13:85:c6:94:44:
d8:15:d3:03:ad:77:c4:91:64:d8:8f:88:11:2a:c8:
1f:12:d5:88:2d:dc:f2:95:cf:a4:cf:7f:97:b9:b4:
72:e7:55:d1:b0:79:bb:0d:02:ce:1f:4f:80:9e:04:
ef:49:c8:aa:ea:7f:48:f8:db:94:e3:1a:9b:46:a4:
7b:8a:81:37:12:3f:48:c8:67:b8:ed:ac:80:ba:76:
07:69:2f:33:57:2f:7e:c1:98:20:4d:e0:1f:48:f4:
31:99:4c:bc:82:2e:7d:04:07:5b:54:69:1e:31:3a:
49:0e:76:91:f1:fa:33:42:1b:a2:47:af:e9:50:f6:
0c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FD:9F:22:04:4D:14:0C:32:8E:9E:00:A7:60:40:A4:99:8A:56:24
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/oP2fIgRNFAwyjp4Ap2BApJmKViQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
45.93.168.0/22
103.130.144.0/24
103.130.146.0/24
Signature Algorithm: sha256WithRSAEncryption
87:6e:44:88:c6:90:3e:ba:23:6f:ca:ff:c9:de:3f:f6:fe:61:
f8:14:76:e5:8d:c3:55:4b:50:bc:05:50:01:f4:52:c7:d8:c7:
c0:8e:78:fe:e0:42:7b:d4:e2:b7:35:5c:08:5b:02:b7:11:bd:
0a:3b:e6:ef:5e:b2:58:a8:13:b9:d7:30:ec:d3:1c:d6:9a:6d:
89:d0:6e:df:e2:5d:df:fe:1e:17:81:8c:eb:02:61:82:9a:65:
ae:a3:f8:ae:bf:2b:ee:7b:90:10:6e:0d:aa:d4:c3:61:6b:73:
03:26:3c:81:28:eb:a4:ce:d0:08:45:08:86:bc:d6:dd:2e:61:
d5:0b:6b:7f:25:64:2b:30:64:a6:4a:06:b6:3f:d7:06:e5:c7:
ae:69:7a:de:1f:03:3a:0e:d4:31:51:2f:a5:2c:d1:c6:ef:d4:
31:b5:50:35:3e:f9:2f:12:d5:07:9b:18:0e:fa:52:3b:6c:6f:
70:d4:3a:ed:94:0d:77:c9:2f:92:c7:7c:09:58:e7:65:1c:6c:
1f:ca:38:00:ee:b7:08:aa:ad:22:c1:75:e3:58:be:13:7c:c6:
37:22:f7:43:5c:36:7d:62:88:67:ad:bc:43:df:84:e2:87:4c:
ca:4a:9d:e5:da:95:02:c2:70:9e:60:f4:67:0e:8c:ca:42:6e:
ec:a2:f4:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtftFbJs1RPXiORV5LTbY//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjMxMDI0MDMyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZkOWYyMjA0NGQxNDBjMzI4ZTllMDBhNzYwNDBhNDk5OGE1NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WyQgW3K96VKBfa+folq7GhwZWcm
Xnux9pJBxY2R5onjZJUJAhXlHXvDWWrgj7i8muklc8Edc8NR+wdYOnJAkt6tFz8V
7zugFXgv//YUK+R0vf/dmeQGa8gV1uy4Yi8903UCNDPSnURMzq6x7noyx8d6aVIo
Y2g92C+u6OJuumIXE4XGlETYFdMDrXfEkWTYj4gRKsgfEtWILdzylc+kz3+XubRy
51XRsHm7DQLOH0+AngTvSciq6n9I+NuU4xqbRqR7ioE3Ej9IyGe47ayAunYHaS8z
Vy9+wZggTeAfSPQxmUy8gi59BAdbVGkeMTpJDnaR8fozQhuiR6/pUPYMZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKD9nyIETRQMMo6eAKdgQKSZilYkMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvb1AyZklnUk5GQXd5anA0QXAyQkFwSm1LVmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVnsAwQC
LV2oAwQAZ4KQAwQAZ4KSMA0GCSqGSIb3DQEBCwUAA4IBAQCHbkSIxpA+uiNvyv/J
3j/2/mH4FHbljcNVS1C8BVAB9FLH2MfAjnj+4EJ71OK3NVwIWwK3Eb0KO+bvXrJY
qBO51zDs0xzWmm2J0G7f4l3f/h4XgYzrAmGCmmWuo/iuvyvue5AQbg2q1MNha3MD
JjyBKOukztAIRQiGvNbdLmHVC2t/JWQrMGSmSga2P9cG5ceuaXreHwM6DtQxUS+l
LNHG79QxtVA1PvkvEtUHmxgO+lI7bG9w1DrtlA13yS+Sx3wJWOdlHGwfyjgA7rcI
qq0iwXXjWL4TfMY3IvdDXDZ9YohnrbxD34Tih0zKSp3l2pUCwnCeYPRnDozKQm7s
ovSc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:13 2024 by rpki-client on console-ams.rpki-client.org