Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/AoZXEt5cpq7ylVfZcBtD-hTpweU.roa
File: AoZXEt5cpq7ylVfZcBtD-hTpweU.roa (raw, json)
Hash identifier: xRD1mck4MY6TPuUIxbidQFQ64ZeT3lgZoBuCR1GieIY=
Subject key identifier: 02:86:57:12:DE:5C:A6:AE:F2:95:57:D9:70:1B:43:FA:14:E9:C1:E5
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018D46582A83AA15F76B645A6375D0F68A79
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/AoZXEt5cpq7ylVfZcBtD-hTpweU.roa
Signing time: Fri 26 Jan 2024 15:16:39 +0000
ROA not before: Fri 26 Jan 2024 15:16:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.156.222.0/24 maxlen: 24
103.211.102.0/24 maxlen: 24
103.211.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 06:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:46:58:2a:83:aa:15:f7:6b:64:5a:63:75:d0:f6:8a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 26 15:16:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02865712de5ca6aef29557d9701b43fa14e9c1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f6:5f:b6:d3:6d:d0:12:15:49:6c:38:0a:f4:
f7:0d:7e:5b:76:1a:34:6e:b2:c4:ea:2d:d3:65:02:
44:73:32:22:78:e9:3d:6d:d2:91:f0:f2:ea:45:54:
56:be:53:f0:bf:69:89:06:9a:0f:07:55:fc:59:00:
df:d1:c8:df:9a:21:2a:be:48:36:2e:40:c4:d1:7e:
a9:ca:10:e4:82:8c:5a:ee:32:17:46:8e:13:f7:5d:
05:5f:9b:ac:d9:da:07:c3:89:a0:79:0b:82:b5:fc:
f9:63:fc:95:22:32:52:a6:9d:d9:6f:c1:74:0d:7c:
c7:bb:f0:c7:ec:aa:a1:c4:db:a4:02:a0:5f:67:4f:
8d:d9:ac:22:cd:1c:e5:e4:82:cb:d9:95:03:0a:e7:
26:3a:61:fc:34:3f:90:b6:d6:f6:b1:9e:a6:61:33:
df:a7:0d:6e:e1:99:ed:c0:b9:16:0c:54:24:c1:86:
72:de:6a:e4:61:4f:1b:98:0a:d2:97:fa:28:cb:67:
98:b1:32:9b:54:b4:51:4e:72:1f:d3:bc:fd:9d:25:
67:1d:be:19:b2:94:7e:27:46:50:ea:bf:00:43:3b:
16:fd:60:c9:0c:9b:37:95:25:ef:5f:0b:88:c1:8d:
36:18:83:44:fd:01:2d:2c:73:72:d7:cb:b8:27:ba:
20:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:86:57:12:DE:5C:A6:AE:F2:95:57:D9:70:1B:43:FA:14:E9:C1:E5
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/AoZXEt5cpq7ylVfZcBtD-hTpweU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.222.0/24
103.211.102.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:3b:d6:fb:ba:5a:57:1a:b6:42:51:76:d1:3f:30:9d:5d:87:
f2:05:51:70:9f:5e:df:20:aa:0f:8b:b6:f1:26:f5:bf:d0:a1:
82:60:34:1f:e4:fd:4c:54:10:c4:43:0c:07:70:c6:7b:57:b2:
82:bc:4a:51:7a:11:99:6f:79:23:15:70:bc:55:b0:7a:18:5a:
61:0c:ef:c2:65:18:3c:dc:f7:23:cd:67:58:62:e6:06:91:c8:
b9:e8:e3:f8:47:e5:ef:e0:07:47:56:a3:72:68:f7:d7:38:51:
12:43:61:77:9d:f4:cf:d1:7d:e4:d1:75:8c:42:0d:e0:a0:59:
87:a0:12:ae:04:ee:08:6d:91:d9:46:0d:cd:1c:96:86:ec:9e:
27:9a:eb:eb:35:d5:1b:2f:30:ed:02:ca:85:21:24:a1:db:54:
59:eb:6d:7e:22:dd:86:24:d1:5a:69:b7:ce:33:b7:f7:f1:f7:
b4:a8:c3:f6:6a:3f:7b:f6:58:1b:75:fb:88:17:c9:c4:5f:0d:
a2:7c:d1:55:61:5d:94:f6:27:d6:7c:5b:d6:7b:16:05:3f:75:
0e:42:0a:5f:4c:29:f6:6e:f4:15:b7:34:c1:7f:09:33:e7:fb:
70:f7:18:78:cc:02:c6:7e:ba:fa:31:6b:fa:64:4b:02:20:51:
c2:e7:c0:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1GWCqDqhX3a2RaY3XQ9op5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTI2MTUxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg2NTcxMmRlNWNhNmFlZjI5NTU3ZDk3MDFiNDNmYTE0ZTljMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PZfttNt0BIVSWw4CvT3DX5bdho0
brLE6i3TZQJEczIieOk9bdKR8PLqRVRWvlPwv2mJBpoPB1X8WQDf0cjfmiEqvkg2
LkDE0X6pyhDkgoxa7jIXRo4T910FX5us2doHw4mgeQuCtfz5Y/yVIjJSpp3Zb8F0
DXzHu/DH7KqhxNukAqBfZ0+N2awizRzl5ILL2ZUDCucmOmH8ND+Qttb2sZ6mYTPf
pw1u4ZntwLkWDFQkwYZy3mrkYU8bmArSl/ooy2eYsTKbVLRRTnIf07z9nSVnHb4Z
spR+J0ZQ6r8AQzsW/WDJDJs3lSXvXwuIwY02GINE/QEtLHNy18u4J7ogbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAKGVxLeXKau8pVX2XAbQ/oU6cHlMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvQW9aWEV0NWNwcTd5bFZmWmNCdEQtaFRwd2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZzeAwQB
Z9NmMA0GCSqGSIb3DQEBCwUAA4IBAQB7O9b7ulpXGrZCUXbRPzCdXYfyBVFwn17f
IKoPi7bxJvW/0KGCYDQf5P1MVBDEQwwHcMZ7V7KCvEpRehGZb3kjFXC8VbB6GFph
DO/CZRg83PcjzWdYYuYGkci56OP4R+Xv4AdHVqNyaPfXOFESQ2F3nfTP0X3k0XWM
Qg3goFmHoBKuBO4IbZHZRg3NHJaG7J4nmuvrNdUbLzDtAsqFISSh21RZ621+It2G
JNFaabfOM7f38fe0qMP2aj979lgbdfuIF8nEXw2ifNFVYV2U9ifWfFvWexYFP3UO
QgpfTCn2bvQVtzTBfwkz5/tw9xh4zALGfrr6MWv6ZEsCIFHC58At
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:06 2025 by rpki-client