Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/1qLDGvu614XwhH12DeZUijIO-C8.roa
File: 1qLDGvu614XwhH12DeZUijIO-C8.roa (raw, json)
Hash identifier: MARIpIcvOPGDXhXsQ3Oo88D36Xoo5hSwlAsYa8pzpro=
Subject key identifier: D6:A2:C3:1A:FB:BA:D7:85:F0:84:7D:76:0D:E6:54:8A:32:0E:F8:2F
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 018683778BA75A71F160CC56A9303072CB14
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/1qLDGvu614XwhH12DeZUijIO-C8.roa
Signing time: Fri 24 Feb 2023 12:48:15 +0000
ROA not before: Fri 24 Feb 2023 12:48:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147001
IP address blocks: 103.76.86.0/23 maxlen: 24
103.76.87.0/24 maxlen: 24
2a0f:6700::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:77:8b:a7:5a:71:f1:60:cc:56:a9:30:30:72:cb:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Feb 24 12:48:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6a2c31afbbad785f0847d760de6548a320ef82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:a4:3e:ff:e0:f7:17:e5:98:0e:61:71:ff:
1a:f6:b7:88:37:5e:b3:0e:af:12:80:71:d4:51:ee:
5f:08:6b:ab:49:b7:b8:93:b1:3d:3d:cc:71:81:f1:
a1:f1:47:de:3f:49:11:79:90:bd:60:d5:4a:2e:4e:
5d:18:6b:df:95:5b:5a:43:65:eb:1b:c2:4e:27:db:
a8:08:ac:9a:65:67:f0:44:4a:ff:61:d6:14:bb:a2:
e1:5a:66:b3:38:10:f6:49:16:7b:d0:b3:1d:88:36:
66:26:04:7d:bb:69:e8:0b:57:9d:53:28:79:65:a7:
ee:d6:b2:5d:a3:63:77:cc:f6:57:3e:d5:c0:79:07:
85:04:b8:2f:5e:f1:e4:4e:73:a8:6d:c0:df:f8:3c:
23:39:67:d4:3b:49:77:c3:6b:cf:83:41:c8:1c:7b:
4a:91:0f:d9:0c:d8:44:36:12:a4:53:e3:12:35:0f:
cb:54:96:28:b2:19:d6:4e:b4:00:6a:61:a9:d9:4b:
09:fb:95:0f:81:d4:0f:4a:fe:ab:b8:21:62:fa:9a:
60:bf:14:af:14:0d:2b:12:8f:f1:7c:e5:4a:ef:25:
f2:e9:79:6b:23:11:4c:7e:6f:c1:c7:4a:67:c0:2e:
03:ba:8f:a7:65:86:a9:8f:1d:f5:2a:e8:71:ca:3e:
ca:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A2:C3:1A:FB:BA:D7:85:F0:84:7D:76:0D:E6:54:8A:32:0E:F8:2F
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/1qLDGvu614XwhH12DeZUijIO-C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.86.0/23
IPv6:
2a0f:6700::/29
Signature Algorithm: sha256WithRSAEncryption
61:a8:31:59:0b:e6:e6:03:98:79:14:48:c1:c6:51:e1:4e:3b:
2e:a1:87:56:44:33:bc:77:b6:16:b3:2d:21:13:fe:97:7a:f1:
46:c1:69:40:cc:0d:a5:7c:85:bb:13:df:69:b9:c8:6c:5c:43:
a2:9a:d9:56:b4:66:9b:45:0e:5b:3d:3a:b3:81:d6:27:a6:39:
23:ce:44:06:1c:b8:c0:26:b7:97:ce:6e:ec:6d:09:eb:d3:a2:
9c:0d:b2:c3:e9:bf:7a:ab:ce:67:3f:10:a8:51:e5:21:85:70:
2a:69:f5:4a:de:10:fe:3d:5e:1b:d9:c2:e6:92:eb:d2:77:1d:
e7:70:d2:a4:85:a8:01:46:45:23:c6:83:0d:66:6d:c3:a4:7f:
49:c6:7b:2f:c8:60:75:1b:2f:95:78:8e:3d:7e:89:c7:a7:e0:
09:52:91:99:c9:e8:ca:ba:9e:0d:f5:4f:64:86:7c:48:7c:c4:
fb:d6:b3:2c:fc:aa:77:28:93:67:42:16:d6:be:52:d7:9c:1d:
cf:b7:09:a2:ba:89:a3:e4:1d:f0:3e:8b:af:ee:24:a3:1c:a4:
d7:5b:28:68:f4:cd:2b:54:7a:7e:c5:a9:ca:b5:0d:48:23:af:
44:ff:c2:53:d8:ef:15:36:93:e4:2b:21:3d:c1:02:4b:f0:ec:
a8:ee:fd:05
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaDd4unWnHxYMxWqTAwcssUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjMwMjI0MTI0ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmEyYzMxYWZiYmFkNzg1ZjA4NDdkNzYwZGU2NTQ4YTMyMGVmODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM+kPv/g9xflmA5hcf8a9reIN16z
Dq8SgHHUUe5fCGurSbe4k7E9PcxxgfGh8UfeP0kReZC9YNVKLk5dGGvflVtaQ2Xr
G8JOJ9uoCKyaZWfwREr/YdYUu6LhWmazOBD2SRZ70LMdiDZmJgR9u2noC1edUyh5
Zafu1rJdo2N3zPZXPtXAeQeFBLgvXvHkTnOobcDf+DwjOWfUO0l3w2vPg0HIHHtK
kQ/ZDNhENhKkU+MSNQ/LVJYoshnWTrQAamGp2UsJ+5UPgdQPSv6ruCFi+ppgvxSv
FA0rEo/xfOVK7yXy6XlrIxFMfm/Bx0pnwC4Duo+nZYapjx31Kuhxyj7KzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNaiwxr7uteF8IR9dg3mVIoyDvgvMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvMXFMREd2dTYxNFh3aEgxMkRlWlVpaklPLUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ0xWMA0E
AgACMAcDBQMqD2cAMA0GCSqGSIb3DQEBCwUAA4IBAQBhqDFZC+bmA5h5FEjBxlHh
TjsuoYdWRDO8d7YWsy0hE/6XevFGwWlAzA2lfIW7E99puchsXEOimtlWtGabRQ5b
PTqzgdYnpjkjzkQGHLjAJreXzm7sbQnr06KcDbLD6b96q85nPxCoUeUhhXAqafVK
3hD+PV4b2cLmkuvSdx3ncNKkhagBRkUjxoMNZm3DpH9JxnsvyGB1Gy+VeI49fonH
p+AJUpGZyejKup4N9U9khnxIfMT71rMs/Kp3KJNnQhbWvlLXnB3Ptwmiuomj5B3w
Pouv7iSjHKTXWyho9M0rVHp+xanKtQ1II69E/8JT2O8VNpPkKyE9wQJL8Oyo7v0F
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:41 2023 by rpki-client on console-ams.rpki-client.org