Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/apSuseSB93yt3oak1vQ04zmN8D0.roa
File: apSuseSB93yt3oak1vQ04zmN8D0.roa (raw, json)
Hash identifier: njPZSMybLUD7jVYmHLRd4WIzFU90lZxXFV66AS+4svY=
Subject key identifier: 6A:94:AE:B1:E4:81:F7:7C:AD:DE:86:A4:D6:F4:34:E3:39:8D:F0:3D
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 0193297D7C8734CA8A816AB41907A2BBF58A
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/apSuseSB93yt3oak1vQ04zmN8D0.roa
Signing time: Thu 14 Nov 2024 07:05:09 +0000
ROA not before: Thu 14 Nov 2024 07:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.216.172.0/24 maxlen: 24
103.216.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Nov 2024 11:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:7d:7c:87:34:ca:8a:81:6a:b4:19:07:a2:bb:f5:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Nov 14 07:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a94aeb1e481f77cadde86a4d6f434e3398df03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d4:7e:a8:49:df:12:ba:6f:7e:5a:e4:65:c4:
8e:c8:f5:3a:b3:db:63:7c:30:b5:2b:02:4e:1d:81:
64:c8:a7:43:e7:df:9e:0a:ec:85:e5:f9:80:67:83:
b3:b7:a2:20:e2:7e:22:2a:c8:b6:6d:17:6a:22:df:
13:91:78:08:d8:8d:f0:42:12:e9:33:1b:70:9d:80:
d5:8f:6f:b9:ab:d7:3d:04:09:01:e3:09:e2:2b:db:
bb:1a:8e:7c:26:d4:a0:93:8a:5c:d3:fb:b6:7e:26:
3f:b6:1f:ca:3b:49:b3:41:bf:b1:f1:9c:26:c1:b5:
b7:c6:67:27:eb:6a:27:bc:8a:79:77:41:57:e9:1f:
00:27:45:53:1a:79:54:7e:45:ea:c8:59:07:ed:97:
1d:5a:a4:f2:52:13:3c:86:87:80:ac:bc:a4:e3:38:
38:da:06:13:8b:5a:92:18:41:c6:48:78:e6:d7:78:
18:a6:1f:65:9c:98:a9:e4:fb:98:3e:9b:ee:08:09:
71:1f:b7:bc:e8:79:45:6e:11:0e:a0:2b:86:a1:a4:
6b:05:bd:a9:0c:8d:4f:16:d0:c1:ed:9f:03:f0:fc:
70:25:dc:22:f6:90:cd:fd:22:0d:61:b2:80:0b:e2:
4d:e6:d4:d4:59:be:82:21:1c:c3:bb:84:72:12:2d:
76:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:94:AE:B1:E4:81:F7:7C:AD:DE:86:A4:D6:F4:34:E3:39:8D:F0:3D
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/apSuseSB93yt3oak1vQ04zmN8D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.216.172.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:95:6d:3c:92:59:92:57:f7:90:b3:d4:56:32:33:43:3f:f5:
a7:3d:f6:ac:be:76:38:a2:5d:55:46:f1:76:6a:87:23:d9:21:
49:83:16:71:76:24:c1:e2:be:fe:44:53:90:a2:1c:ab:30:64:
6b:9f:14:6f:9e:2b:ce:e7:df:a4:b4:32:cd:d2:75:43:5c:8e:
05:9f:35:bc:8e:2c:bf:67:e8:32:07:ef:64:0f:43:78:74:f7:
b8:d1:7c:d9:d2:a1:ae:53:31:cc:a9:4a:4d:75:c2:4c:77:da:
86:dc:2c:2a:a3:8d:cb:11:86:d4:91:ef:33:ce:48:cf:7c:d0:
ab:8e:19:f6:bb:c7:58:ab:2f:8e:fa:9e:f3:a9:c6:86:39:17:
9a:5e:a0:aa:e7:ac:fc:5c:07:3f:bc:ce:42:b6:d3:ef:73:9e:
82:8c:f5:5b:6d:c1:09:2e:25:f8:f1:01:62:ba:82:8f:08:47:
45:a3:e3:7a:32:21:70:81:8b:39:41:51:66:38:f6:f1:33:ff:
f0:df:d7:1c:5c:2a:4d:d0:88:95:fb:5c:bc:0f:ce:0f:22:fb:
de:07:d1:cb:e0:44:75:78:7b:a1:14:47:69:06:d0:ad:22:a4:
cc:0a:ef:39:99:10:d0:e9:5a:f2:e8:d0:e4:34:78:8a:fa:29:
a5:ed:ff:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMpfXyHNMqKgWq0GQeiu/WKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQxMTE0MDcwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTk0YWViMWU0ODFmNzdjYWRkZTg2YTRkNmY0MzRlMzM5OGRmMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9R+qEnfErpvflrkZcSOyPU6s9tj
fDC1KwJOHYFkyKdD59+eCuyF5fmAZ4Ozt6Ig4n4iKsi2bRdqIt8TkXgI2I3wQhLp
MxtwnYDVj2+5q9c9BAkB4wniK9u7Go58JtSgk4pc0/u2fiY/th/KO0mzQb+x8Zwm
wbW3xmcn62onvIp5d0FX6R8AJ0VTGnlUfkXqyFkH7ZcdWqTyUhM8hoeArLyk4zg4
2gYTi1qSGEHGSHjm13gYph9lnJip5PuYPpvuCAlxH7e86HlFbhEOoCuGoaRrBb2p
DI1PFtDB7Z8D8PxwJdwi9pDN/SINYbKAC+JN5tTUWb6CIRzDu4RyEi12swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqUrrHkgfd8rd6GpNb0NOM5jfA9MB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvYXBTdXNlU0I5M3l0M29hazF2UTA0em1OOEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ9isMA0G
CSqGSIb3DQEBCwUAA4IBAQA9lW08klmSV/eQs9RWMjNDP/WnPfasvnY4ol1VRvF2
aocj2SFJgxZxdiTB4r7+RFOQohyrMGRrnxRvnivO59+ktDLN0nVDXI4FnzW8jiy/
Z+gyB+9kD0N4dPe40XzZ0qGuUzHMqUpNdcJMd9qG3Cwqo43LEYbUke8zzkjPfNCr
jhn2u8dYqy+O+p7zqcaGOReaXqCq56z8XAc/vM5CttPvc56CjPVbbcEJLiX48QFi
uoKPCEdFo+N6MiFwgYs5QVFmOPbxM//w39ccXCpN0IiV+1y8D84PIvveB9HL4ER1
eHuhFEdpBtCtIqTMCu85mRDQ6Vry6NDkNHiK+iml7f85
-----END CERTIFICATE-----
Generated at Sat Nov 16 13:54:38 2024 by rpki-client on console-fra.rpki-client.org