Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/Q_O_Sa8RpxMzdwTsI7R_my56viw.roa
File: Q_O_Sa8RpxMzdwTsI7R_my56viw.roa (raw, json)
Hash identifier: DPh+jO/SMjjoDvEWlHu+MWKjuT4wV+xZT+7mpuDNj8s=
Subject key identifier: 43:F3:BF:49:AF:11:A7:13:33:77:04:EC:23:B4:7F:9B:2E:7A:BE:2C
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 018CCA2A25F2FC3313D848C8619282AB8573
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/Q_O_Sa8RpxMzdwTsI7R_my56viw.roa
Signing time: Tue 02 Jan 2024 12:33:28 +0000
ROA not before: Tue 02 Jan 2024 12:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138915
IP address blocks: 103.213.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 19:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:25:f2:fc:33:13:d8:48:c8:61:92:82:ab:85:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Jan 2 12:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43f3bf49af11a713337704ec23b47f9b2e7abe2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:aa:87:f6:2d:98:43:ba:1e:a9:ee:08:b1:b3:
4c:ec:4d:73:77:8c:63:93:b5:0c:4c:3a:9b:7f:b0:
16:be:b2:04:1a:7b:bb:d8:3c:b7:90:67:79:60:ef:
88:fc:0b:40:a7:54:73:f0:ee:b0:8c:70:52:04:d8:
4c:01:c4:7f:fd:5f:75:7f:93:e5:9d:a6:45:37:11:
70:69:f2:8d:93:de:9e:28:20:b1:d6:25:46:98:67:
23:61:bb:d6:e0:66:c2:05:17:b8:8d:b8:17:af:1f:
5e:19:31:2a:0d:8b:b2:19:9c:af:d7:5b:1c:f8:19:
25:8b:8d:87:77:94:03:c4:af:30:71:b9:02:58:09:
85:8a:b8:d5:22:c4:c4:3b:1c:28:bb:b8:6f:b5:6a:
2a:87:8a:ab:75:2a:79:1a:a0:71:4c:35:a4:58:51:
6e:d0:c5:c5:13:30:38:41:31:f4:d1:c3:0e:35:41:
79:d8:2a:22:01:93:5f:5c:c2:30:25:3d:5f:22:ea:
41:f9:a3:f5:0c:53:6c:0e:73:7f:8c:17:a6:cc:e3:
22:ce:b4:9c:d4:b0:70:f2:9d:8f:40:e1:a7:c6:0c:
dd:c5:bf:89:6d:a6:24:b6:32:4a:bf:46:c7:7e:e9:
50:18:09:ed:01:6d:4f:53:17:2f:76:f2:16:88:94:
b6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F3:BF:49:AF:11:A7:13:33:77:04:EC:23:B4:7F:9B:2E:7A:BE:2C
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/Q_O_Sa8RpxMzdwTsI7R_my56viw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:5b:80:ec:ab:f9:77:46:5e:6f:af:36:59:a1:29:6d:cb:94:
51:33:df:e0:a4:ae:3f:d1:8d:db:6b:c9:61:48:3d:d8:ab:5f:
cf:73:4e:30:cf:0f:61:fe:eb:b3:f1:92:0c:84:8b:67:db:fa:
f2:07:e7:50:f5:66:0e:23:f0:e6:ed:7e:cd:29:a3:aa:e7:b5:
33:6d:4c:fc:27:ea:fb:cf:e8:b9:c3:50:bc:d5:f3:94:42:1c:
e1:d8:1f:f7:3f:2c:bd:11:e6:94:78:3a:6b:d9:48:41:00:9b:
58:d0:f2:ef:e1:88:22:f2:f3:52:72:bc:79:28:2d:95:8e:7a:
47:0f:8e:49:c6:45:00:65:cf:ba:d8:65:2b:f6:89:42:84:4d:
f0:1d:58:60:15:60:bd:10:10:c6:ec:d1:1f:a7:0e:0d:f7:85:
63:fe:91:df:87:ca:3b:76:f8:6f:7d:a1:83:c1:4d:8b:2a:97:
20:eb:6e:d2:a3:e2:bb:77:e1:1a:26:fd:6e:57:7a:c0:bd:85:
7e:aa:cc:d3:a2:1d:d3:0c:a5:a4:02:90:5c:77:e5:f7:f8:43:
38:9c:0e:51:9d:32:55:22:d2:dc:c2:d4:fc:86:07:d2:fb:46:
44:3a:33:ea:bc:ec:e7:d2:b0:92:f1:0b:28:66:6e:c3:6c:37:
ff:87:d6:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKiXy/DMT2EjIYZKCq4VzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2YzYmY0OWFmMTFhNzEzMzM3NzA0ZWMyM2I0N2Y5YjJlN2FiZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKqH9i2YQ7oeqe4IsbNM7E1zd4xj
k7UMTDqbf7AWvrIEGnu72Dy3kGd5YO+I/AtAp1Rz8O6wjHBSBNhMAcR//V91f5Pl
naZFNxFwafKNk96eKCCx1iVGmGcjYbvW4GbCBRe4jbgXrx9eGTEqDYuyGZyv11sc
+Bkli42Hd5QDxK8wcbkCWAmFirjVIsTEOxwou7hvtWoqh4qrdSp5GqBxTDWkWFFu
0MXFEzA4QTH00cMONUF52CoiAZNfXMIwJT1fIupB+aP1DFNsDnN/jBemzOMizrSc
1LBw8p2PQOGnxgzdxb+JbaYktjJKv0bHfulQGAntAW1PUxcvdvIWiJS2rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPzv0mvEacTM3cE7CO0f5suer4sMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvUV9PX1NhOFJweE16ZHdUc0k3Ul9teTU2dml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9X4MA0G
CSqGSIb3DQEBCwUAA4IBAQA/W4Dsq/l3Rl5vrzZZoSlty5RRM9/gpK4/0Y3ba8lh
SD3Yq1/Pc04wzw9h/uuz8ZIMhItn2/ryB+dQ9WYOI/Dm7X7NKaOq57UzbUz8J+r7
z+i5w1C81fOUQhzh2B/3Pyy9EeaUeDpr2UhBAJtY0PLv4Ygi8vNScrx5KC2VjnpH
D45JxkUAZc+62GUr9olChE3wHVhgFWC9EBDG7NEfpw4N94Vj/pHfh8o7dvhvfaGD
wU2LKpcg627So+K7d+EaJv1uV3rAvYV+qszToh3TDKWkApBcd+X3+EM4nA5RnTJV
ItLcwtT8hgfS+0ZEOjPqvOzn0rCS8QsoZm7DbDf/h9aA
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:31 2024 by rpki-client on console-ams.rpki-client.org