Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/5Zk1leigYiNrtSSOAyOYd5sojM4.roa
File: 5Zk1leigYiNrtSSOAyOYd5sojM4.roa (raw, json)
Hash identifier: c7FXbpULvesbeT0rQ5NCR78XgUY6ZRon0kljDezabHo=
Subject key identifier: E5:99:35:95:E8:A0:62:23:6B:B5:24:8E:03:23:98:77:9B:28:8C:CE
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 018E40AF2A1F81023655177EDBE8367DB8C4
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/5Zk1leigYiNrtSSOAyOYd5sojM4.roa
Signing time: Fri 15 Mar 2024 05:56:45 +0000
ROA not before: Fri 15 Mar 2024 05:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 103.76.85.0/24 maxlen: 24
103.76.86.0/24 maxlen: 24
203.189.232.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Apr 2024 11:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:40:af:2a:1f:81:02:36:55:17:7e:db:e8:36:7d:b8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Mar 15 05:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5993595e8a062236bb5248e032398779b288cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f8:66:62:21:67:d5:fb:5f:40:a3:4b:2b:d3:
70:57:63:c4:17:46:f2:eb:36:6b:5b:a5:d9:04:18:
d1:c1:f5:eb:ad:41:e3:4d:85:3f:92:46:3d:51:99:
de:97:6b:e2:49:9f:5b:e4:4e:17:0d:4a:4d:d7:80:
df:c4:4c:0b:0d:7f:84:97:d7:9e:d0:7c:f7:93:87:
12:17:61:92:28:a5:3c:e2:93:f4:14:d0:c2:fe:18:
00:1d:b9:9c:d0:61:e4:b4:37:a1:c8:d8:b0:46:c0:
94:b9:b3:52:86:bb:66:4d:5d:d6:88:5f:c5:8e:c2:
eb:02:2f:28:f0:a0:0a:3f:9b:ed:9b:43:b6:20:65:
a1:59:46:57:ef:ca:3c:6e:9f:c2:4f:00:81:0e:71:
27:90:d0:ca:a1:d1:56:5b:ce:b1:57:4c:d9:22:4f:
34:20:3e:9e:1d:94:fb:c1:c6:59:00:51:52:2b:61:
60:98:2a:0d:7b:62:40:6f:44:d9:80:19:9d:f6:9c:
90:23:74:f8:99:10:31:65:ce:ff:fa:55:36:ec:06:
82:e3:74:66:42:3c:a5:ba:6d:43:9c:2b:4b:8c:b9:
98:8d:02:ba:28:c9:08:0c:55:7b:89:d6:48:ec:6e:
6c:58:5d:f0:eb:aa:bd:28:80:e8:4d:d8:77:ed:7c:
ae:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:99:35:95:E8:A0:62:23:6B:B5:24:8E:03:23:98:77:9B:28:8C:CE
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/5Zk1leigYiNrtSSOAyOYd5sojM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.85.0-103.76.86.255
203.189.232.0/23
Signature Algorithm: sha256WithRSAEncryption
63:b8:64:78:ef:62:45:29:b8:cc:ed:c7:b1:2e:28:c3:12:bd:
60:d9:fb:1f:81:dd:c0:bb:dc:85:7a:78:52:99:f3:c7:94:28:
ff:71:ed:b5:c8:ed:a3:bb:e1:8e:00:b8:9a:19:76:aa:79:23:
53:8c:b5:47:a6:d1:fa:3c:d1:94:af:b1:aa:29:ae:d3:fd:94:
37:96:b0:2b:57:8c:da:68:7b:68:6b:b9:d5:25:a5:a4:b5:85:
49:51:85:2c:60:82:3a:78:b6:9e:8c:d3:75:1e:db:78:b6:a9:
94:37:0d:f5:7e:64:0e:26:cc:b2:6c:33:64:95:6b:67:a1:f8:
61:13:e5:4e:15:ed:1e:da:62:59:32:5a:12:f8:6b:7c:a7:75:
39:ce:f4:95:6a:81:95:72:d8:70:34:4a:40:c8:bc:69:4b:52:
ea:fa:eb:b8:c4:fc:d0:90:f5:6d:16:76:eb:dd:27:47:a2:70:
e0:72:c1:64:4f:83:2d:0c:fa:c6:4f:af:91:b9:bb:45:8e:10:
63:2a:a5:86:24:eb:d9:18:f1:ab:c6:9c:70:ff:97:ed:13:49:
9e:0d:2a:7f:7f:46:c6:00:2d:e9:07:0f:45:96:68:aa:80:00:
4b:c7:ab:54:c4:90:46:dd:a5:99:c9:22:88:0b:3b:75:68:88:
6e:73:eb:08
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY5AryofgQI2VRd+2+g2fbjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjQwMzE1MDU1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTk5MzU5NWU4YTA2MjIzNmJiNTI0OGUwMzIzOTg3NzliMjg4Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPhmYiFn1ftfQKNLK9NwV2PEF0by
6zZrW6XZBBjRwfXrrUHjTYU/kkY9UZnel2viSZ9b5E4XDUpN14DfxEwLDX+El9ee
0Hz3k4cSF2GSKKU84pP0FNDC/hgAHbmc0GHktDehyNiwRsCUubNShrtmTV3WiF/F
jsLrAi8o8KAKP5vtm0O2IGWhWUZX78o8bp/CTwCBDnEnkNDKodFWW86xV0zZIk80
ID6eHZT7wcZZAFFSK2FgmCoNe2JAb0TZgBmd9pyQI3T4mRAxZc7/+lU27AaC43Rm
Qjylum1DnCtLjLmYjQK6KMkIDFV7idZI7G5sWF3w66q9KIDoTdh37Xyu1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOWZNZXooGIja7UkjgMjmHebKIzOMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvNVprMWxlaWdZaU5ydFNTT0F5T1lkNXNvak00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABnTFUD
BABnTFYDBAHLvegwDQYJKoZIhvcNAQELBQADggEBAGO4ZHjvYkUpuMztx7EuKMMS
vWDZ+x+B3cC73IV6eFKZ88eUKP9x7bXI7aO74Y4AuJoZdqp5I1OMtUem0fo80ZSv
saoprtP9lDeWsCtXjNpoe2hrudUlpaS1hUlRhSxggjp4tp6M03Ue23i2qZQ3DfV+
ZA4mzLJsM2SVa2eh+GET5U4V7R7aYlkyWhL4a3yndTnO9JVqgZVy2HA0SkDIvGlL
Uur667jE/NCQ9W0WduvdJ0eicOBywWRPgy0M+sZPr5G5u0WOEGMqpYYk69kY8avG
nHD/l+0TSZ4NKn9/RsYALekHD0WWaKqAAEvHq1TEkEbdpZnJIogLO3VoiG5z6wg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:34 2024 by rpki-client on console-ams.rpki-client.org