Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/dWZ8qlPufNzuQ22cO7l6t704wfY.roa
File: dWZ8qlPufNzuQ22cO7l6t704wfY.roa (raw, json)
Hash identifier: hbgGvl0mFssWzFrRThK5O8o59qqc1469klJG0iPF1VQ=
Subject key identifier: 75:66:7C:AA:53:EE:7C:DC:EE:43:6D:9C:3B:B9:7A:B7:BD:38:C1:F6
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 0185718301A78F414E60544D5BEFA17ED25C
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/dWZ8qlPufNzuQ22cO7l6t704wfY.roa
Signing time: Mon 02 Jan 2023 08:04:49 +0000
ROA not before: Mon 02 Jan 2023 08:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150452
IP address blocks: 103.76.85.0/24 maxlen: 24
103.76.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Apr 2023 10:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:01:a7:8f:41:4e:60:54:4d:5b:ef:a1:7e:d2:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Jan 2 08:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75667caa53ee7cdcee436d9c3bb97ab7bd38c1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2f:96:84:bc:75:ec:44:bd:d7:92:97:af:33:
cf:d4:fd:62:57:ca:be:6f:46:fe:07:21:f9:41:00:
48:1a:b2:a4:41:77:41:f9:8d:06:ec:90:a8:8e:36:
fb:78:19:42:33:ed:f6:00:ad:ad:8a:34:34:9a:d4:
ac:a5:83:44:a6:c1:d7:ac:d9:bb:55:84:0a:82:bc:
86:14:46:cc:61:dd:c3:b9:21:50:30:09:16:02:8a:
bd:5d:3f:d1:51:29:44:20:f2:f0:a0:25:38:26:20:
8d:1c:45:9a:4b:54:27:c2:df:4e:8e:6b:28:fa:7a:
00:ff:cd:70:57:3c:e6:88:63:5f:96:34:0c:33:6f:
de:92:0b:d8:16:b4:cf:db:0e:45:52:57:f1:75:33:
8d:66:dd:76:81:a2:05:bb:60:71:d8:86:e0:15:64:
cb:9a:07:90:a3:7b:01:54:d0:9f:4e:34:a4:4a:1b:
2c:e0:ae:f8:f3:65:ca:86:86:8a:01:16:29:42:9c:
e6:31:08:c3:ea:33:1c:49:29:a6:b5:84:7f:62:ce:
cd:fa:08:ba:fd:94:32:57:c2:f4:9c:4c:63:31:bb:
00:60:43:c1:55:e1:86:99:68:4b:63:25:f9:e7:18:
21:a6:c3:a4:30:91:cd:cb:31:9e:f5:80:cd:f1:ee:
18:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:66:7C:AA:53:EE:7C:DC:EE:43:6D:9C:3B:B9:7A:B7:BD:38:C1:F6
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/dWZ8qlPufNzuQ22cO7l6t704wfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.85.0/24
103.76.87.0/24
Signature Algorithm: sha256WithRSAEncryption
37:cb:67:3f:b1:f8:7a:e6:26:a2:02:bc:58:3c:ee:b8:4d:81:
93:6c:a3:cb:16:41:0c:45:13:5e:d4:ce:86:bb:3f:c6:b6:e6:
12:5a:3a:d5:ca:a4:92:9d:54:a2:af:15:04:06:90:34:0f:71:
6f:6b:5c:a2:f3:46:07:c2:63:ff:bf:6e:1e:67:ef:8b:f1:1b:
26:29:70:43:0f:ab:d7:81:55:2e:f4:dd:af:04:09:6f:c0:5c:
8f:7a:ef:74:ff:8d:82:f4:68:bb:08:18:a9:51:0e:81:ef:33:
16:eb:86:ac:e6:fb:6e:b1:89:a2:c8:2f:85:36:91:5a:a6:5f:
de:c0:30:b0:32:e9:eb:5e:7a:f9:78:4f:96:58:d6:c0:67:c7:
fe:17:54:15:73:63:1b:27:28:7a:5b:59:bd:39:ce:52:1b:cc:
a0:f1:1d:ae:2c:11:5c:bb:7b:4e:52:3a:86:50:15:ed:c0:37:
c3:06:4c:36:2f:dc:40:8b:22:51:c8:1a:72:4a:05:3e:b5:ed:
36:e7:f2:20:9d:e0:ea:46:ea:23:86:25:a6:87:c0:0a:d1:cf:
14:c6:26:75:4a:2b:5e:e6:b2:f5:7a:81:36:b8:4c:24:08:e8:
e4:98:7c:9d:b0:2f:47:77:67:13:ce:1e:71:94:e4:3f:3b:e9:
cc:27:e3:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxgwGnj0FOYFRNW++hftJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjMwMTAyMDgwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTY2N2NhYTUzZWU3Y2RjZWU0MzZkOWMzYmI5N2FiN2JkMzhjMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi+WhLx17ES915KXrzPP1P1iV8q+
b0b+ByH5QQBIGrKkQXdB+Y0G7JCojjb7eBlCM+32AK2tijQ0mtSspYNEpsHXrNm7
VYQKgryGFEbMYd3DuSFQMAkWAoq9XT/RUSlEIPLwoCU4JiCNHEWaS1Qnwt9Ojmso
+noA/81wVzzmiGNfljQMM2/ekgvYFrTP2w5FUlfxdTONZt12gaIFu2Bx2IbgFWTL
mgeQo3sBVNCfTjSkShss4K7482XKhoaKARYpQpzmMQjD6jMcSSmmtYR/Ys7N+gi6
/ZQyV8L0nExjMbsAYEPBVeGGmWhLYyX55xghpsOkMJHNyzGe9YDN8e4YUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHVmfKpT7nzc7kNtnDu5ere9OMH2MB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvZFdaOHFsUHVmTnp1UTIyY083bDZ0NzA0d2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ0xVAwQA
Z0xXMA0GCSqGSIb3DQEBCwUAA4IBAQA3y2c/sfh65iaiArxYPO64TYGTbKPLFkEM
RRNe1M6Guz/GtuYSWjrVyqSSnVSirxUEBpA0D3Fva1yi80YHwmP/v24eZ++L8Rsm
KXBDD6vXgVUu9N2vBAlvwFyPeu90/42C9Gi7CBipUQ6B7zMW64as5vtusYmiyC+F
NpFapl/ewDCwMunrXnr5eE+WWNbAZ8f+F1QVc2MbJyh6W1m9Oc5SG8yg8R2uLBFc
u3tOUjqGUBXtwDfDBkw2L9xAiyJRyBpySgU+te025/IgneDqRuojhiWmh8AK0c8U
xiZ1Site5rL1eoE2uEwkCOjkmHydsC9Hd2cTzh5xlOQ/O+nMJ+P6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:33 2024 by rpki-client on console-fra.rpki-client.org