Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/aMmHMduYZ-B1Ova9u_loL6K-R1Y.roa
File: aMmHMduYZ-B1Ova9u_loL6K-R1Y.roa (raw, json)
Hash identifier: tYeILDESij/TXhHueinvIf50j/kOPZ2I0HdHb2la9F0=
Subject key identifier: 68:C9:87:31:DB:98:67:E0:75:3A:F6:BD:BB:F9:68:2F:A2:BE:47:56
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 018F05920CFD09BC36908D5ACD64718A14D0
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/aMmHMduYZ-B1Ova9u_loL6K-R1Y.roa
Signing time: Mon 22 Apr 2024 11:30:08 +0000
ROA not before: Mon 22 Apr 2024 11:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 103.76.86.0/24 maxlen: 24
203.189.232.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jul 2024 00:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:92:0c:fd:09:bc:36:90:8d:5a:cd:64:71:8a:14:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Apr 22 11:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68c98731db9867e0753af6bdbbf9682fa2be4756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5f:6e:cb:d4:d4:d0:19:0c:8f:83:10:1d:85:
1e:95:e7:52:ab:66:7a:6c:36:fa:f8:61:e0:bd:53:
6b:e0:30:84:83:1c:bc:72:f6:18:83:3a:7b:76:8a:
08:20:70:94:b8:82:44:ee:7a:9d:ea:b4:76:7e:07:
0d:5f:23:d1:42:a3:13:f7:53:ea:4c:8b:e7:32:61:
57:89:b8:d3:8d:29:38:d4:11:88:40:39:e8:a2:50:
89:69:c5:2c:16:81:81:3b:8b:45:fc:79:e3:ca:a6:
d2:2d:4c:2b:ba:7a:f7:87:7b:32:1c:63:d3:5f:37:
90:03:63:af:b7:27:f3:23:db:1e:48:fb:25:e4:1e:
25:e1:6b:64:6d:f8:45:4f:44:73:aa:b7:bb:9f:9d:
62:fa:dd:76:3a:db:51:6f:cf:8d:87:bc:01:6c:b4:
81:25:ba:52:f8:a1:66:c3:11:46:5c:fe:dc:f9:6c:
54:4d:38:02:fe:84:f3:a3:af:97:ba:0d:06:89:3e:
92:83:a9:5c:75:ce:e8:64:09:72:8e:39:d6:99:90:
09:d2:d5:8a:ee:fb:fd:dc:16:f8:ed:cb:5c:db:6c:
66:5b:e6:ee:9c:e5:c6:05:cf:d5:ac:1c:2a:5f:96:
d9:06:99:fe:32:77:91:92:69:2c:e7:06:ff:03:36:
2c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C9:87:31:DB:98:67:E0:75:3A:F6:BD:BB:F9:68:2F:A2:BE:47:56
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/aMmHMduYZ-B1Ova9u_loL6K-R1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.86.0/24
203.189.232.0/23
Signature Algorithm: sha256WithRSAEncryption
30:60:8e:8d:e0:8a:49:e6:a4:69:89:43:89:57:04:34:fa:d0:
15:85:6e:11:56:7f:6f:6e:e5:68:96:c6:90:37:c6:1b:87:c0:
da:7d:9c:f1:21:6d:f0:26:b0:77:f8:4e:e1:d5:d2:d3:18:3e:
0b:1c:e6:95:d4:05:0c:12:91:bb:0f:41:3e:70:71:5c:3e:3d:
35:09:40:51:2f:db:b1:cc:f4:d2:02:1e:f9:aa:c8:a5:9d:4b:
7c:b4:74:89:09:8c:d9:98:da:14:06:e4:33:47:6a:50:96:9f:
27:f9:07:91:d1:8a:da:ae:cf:70:56:35:24:83:7f:38:c5:ee:
27:40:4a:de:2a:85:5f:fc:b6:b7:ca:44:1f:6b:95:2e:43:1c:
e9:65:55:37:38:11:0d:16:1a:52:01:f4:ef:74:4b:ec:a0:2a:
0e:c9:a7:8c:81:5b:35:e5:70:fc:5d:ef:fe:ec:52:4c:c8:d4:
4a:80:18:a2:2e:9a:a9:b5:78:95:41:cd:a4:dc:17:ff:76:dd:
47:1b:02:0c:6a:4b:dc:fe:5e:40:71:48:17:ea:5a:f6:d9:89:
c6:ca:9c:01:fe:24:50:a4:db:99:07:02:e8:33:50:56:a4:22:
b6:c9:c7:0a:26:3b:25:53:e0:a1:80:66:f8:8f:35:6d:ac:9f:
86:86:d5:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8Fkgz9Cbw2kI1azWRxihTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjQwNDIyMTEzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM5ODczMWRiOTg2N2UwNzUzYWY2YmRiYmY5NjgyZmEyYmU0NzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF9uy9TU0BkMj4MQHYUeledSq2Z6
bDb6+GHgvVNr4DCEgxy8cvYYgzp7dooIIHCUuIJE7nqd6rR2fgcNXyPRQqMT91Pq
TIvnMmFXibjTjSk41BGIQDnoolCJacUsFoGBO4tF/HnjyqbSLUwrunr3h3syHGPT
XzeQA2OvtyfzI9seSPsl5B4l4WtkbfhFT0Rzqre7n51i+t12OttRb8+Nh7wBbLSB
JbpS+KFmwxFGXP7c+WxUTTgC/oTzo6+Xug0GiT6Sg6lcdc7oZAlyjjnWmZAJ0tWK
7vv93Bb47ctc22xmW+bunOXGBc/VrBwqX5bZBpn+MneRkmks5wb/AzYswQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGjJhzHbmGfgdTr2vbv5aC+ivkdWMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvYU1tSE1kdVlaLUIxT3ZhOXVfbG9MNkstUjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ0xWAwQB
y73oMA0GCSqGSIb3DQEBCwUAA4IBAQAwYI6N4IpJ5qRpiUOJVwQ0+tAVhW4RVn9v
buVolsaQN8Ybh8DafZzxIW3wJrB3+E7h1dLTGD4LHOaV1AUMEpG7D0E+cHFcPj01
CUBRL9uxzPTSAh75qsilnUt8tHSJCYzZmNoUBuQzR2pQlp8n+QeR0Yrars9wVjUk
g384xe4nQEreKoVf/La3ykQfa5UuQxzpZVU3OBENFhpSAfTvdEvsoCoOyaeMgVs1
5XD8Xe/+7FJMyNRKgBiiLpqptXiVQc2k3Bf/dt1HGwIMakvc/l5AcUgX6lr22YnG
ypwB/iRQpNuZBwLoM1BWpCK2yccKJjslU+ChgGb4jzVtrJ+GhtVJ
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:57:45 2024 by rpki-client on console-ams.rpki-client.org