Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/cCHpgMJ6R2p1iXv4V4N6NgljJJQ.roa
File: cCHpgMJ6R2p1iXv4V4N6NgljJJQ.roa (raw, json)
Hash identifier: IfFfGltkXRQJ2wp4t8VOlPxUF2QsiY/OaKi5o+II+TI=
Subject key identifier: 70:21:E9:80:C2:7A:47:6A:75:89:7B:F8:57:83:7A:36:09:63:24:94
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018EA7BA41015E7112526CDF3429097A7417
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/cCHpgMJ6R2p1iXv4V4N6NgljJJQ.roa
Signing time: Thu 04 Apr 2024 06:09:45 +0000
ROA not before: Thu 04 Apr 2024 06:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209178
IP address blocks: 103.100.168.0/24 maxlen: 24
185.235.165.0/24 maxlen: 24
2a02:afc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Apr 2024 09:17:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:ba:41:01:5e:71:12:52:6c:df:34:29:09:7a:74:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Apr 4 06:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7021e980c27a476a75897bf857837a3609632494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2a:8e:c8:4f:20:70:08:4a:27:a5:5b:b1:52:
ff:d4:cc:71:02:ca:a7:a3:a5:76:b1:1d:dd:74:7a:
6a:ed:d5:51:38:fd:b3:6e:44:22:44:7e:57:aa:65:
09:94:86:bc:de:59:2d:f6:21:34:76:ae:08:41:3e:
1a:d6:f1:80:6c:3b:05:8b:aa:38:4b:e6:85:be:54:
f4:7a:3e:ae:0d:5b:e3:c7:af:63:ca:0f:1c:13:a5:
b6:47:ea:ef:03:1a:ad:c7:5e:c1:ae:cf:d7:c7:f5:
0e:21:c0:94:d4:63:ab:15:72:33:79:0d:98:22:ed:
5a:29:6c:f4:81:a7:75:28:29:12:6c:06:d2:bf:4f:
7b:6f:4b:10:77:06:55:84:cb:b6:77:02:3f:56:58:
7b:45:2f:23:e9:aa:36:4b:23:7e:47:2c:ae:80:21:
f5:c4:0c:13:6c:42:07:75:b4:eb:c5:62:2f:71:03:
12:72:22:de:44:b4:e8:7b:64:7d:98:07:1e:02:c3:
44:18:1c:1b:96:40:9e:d0:e4:02:80:a8:d8:49:b9:
35:9b:49:dd:59:f3:9f:ad:e5:3d:f4:77:58:03:23:
25:f6:07:28:57:0c:e3:4a:f9:d1:d9:f8:8a:5c:56:
c0:91:bc:b1:97:ed:e3:cf:2d:14:e1:44:56:d2:5f:
ea:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:21:E9:80:C2:7A:47:6A:75:89:7B:F8:57:83:7A:36:09:63:24:94
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/cCHpgMJ6R2p1iXv4V4N6NgljJJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.100.168.0/24
185.235.165.0/24
IPv6:
2a02:afc0::/29
Signature Algorithm: sha256WithRSAEncryption
34:89:b4:bd:ab:4e:ff:17:b1:17:97:29:30:c9:4e:e0:42:ac:
8e:dc:31:8e:c3:6e:5e:4b:1d:d5:df:a8:75:69:3c:a5:3d:1e:
7c:6b:e7:fe:b5:84:19:83:20:59:98:5a:48:0c:fb:0c:06:60:
aa:c4:5b:1f:b5:9a:c7:57:95:70:a7:2f:33:d6:19:5a:ec:d9:
62:67:a7:b3:21:b3:29:d5:d7:dc:24:9e:40:3b:9e:8c:24:0b:
e7:e5:69:0f:16:db:18:b9:ea:1f:b0:b3:81:f3:62:c0:30:3e:
5d:df:08:da:2d:ee:b2:ee:b1:24:19:d2:09:27:1e:8f:06:96:
ba:58:b6:fb:07:bf:3b:21:f4:87:c3:10:0e:5b:7d:d5:d5:d2:
b0:d4:1e:59:d0:fc:52:4f:fc:b5:26:3a:0b:9b:84:a9:a6:f4:
91:54:11:bc:59:fa:ad:a6:0d:d9:f8:94:d8:60:9b:d1:1d:d7:
3c:30:06:6b:20:c7:5f:d4:38:d2:b8:74:93:6b:ac:02:93:47:
88:bb:b6:5a:f7:17:34:f6:c2:45:42:27:65:ac:3c:80:44:e8:
80:75:0a:88:54:ea:e7:33:32:7b:ad:9d:b5:77:70:cd:12:d2:
74:d0:23:79:5f:4f:a1:c0:64:a6:f3:b8:4d:0a:8f:ee:bf:06:
a8:a0:c5:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6nukEBXnESUmzfNCkJenQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwNDA0MDYwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDIxZTk4MGMyN2E0NzZhNzU4OTdiZjg1NzgzN2EzNjA5NjMyNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSqOyE8gcAhKJ6VbsVL/1MxxAsqn
o6V2sR3ddHpq7dVROP2zbkQiRH5XqmUJlIa83lkt9iE0dq4IQT4a1vGAbDsFi6o4
S+aFvlT0ej6uDVvjx69jyg8cE6W2R+rvAxqtx17Brs/Xx/UOIcCU1GOrFXIzeQ2Y
Iu1aKWz0gad1KCkSbAbSv097b0sQdwZVhMu2dwI/Vlh7RS8j6ao2SyN+RyyugCH1
xAwTbEIHdbTrxWIvcQMSciLeRLToe2R9mAceAsNEGBwblkCe0OQCgKjYSbk1m0nd
WfOfreU99HdYAyMl9gcoVwzjSvnR2fiKXFbAkbyxl+3jzy0U4URW0l/qzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHAh6YDCekdqdYl7+FeDejYJYySUMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvY0NIcGdNSjZSMnAxaVh2NFY0TjZOZ2xqSkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAZ2SoAwQA
ueulMA0EAgACMAcDBQMqAq/AMA0GCSqGSIb3DQEBCwUAA4IBAQA0ibS9q07/F7EX
lykwyU7gQqyO3DGOw25eSx3V36h1aTylPR58a+f+tYQZgyBZmFpIDPsMBmCqxFsf
tZrHV5Vwpy8z1hla7NliZ6ezIbMp1dfcJJ5AO56MJAvn5WkPFtsYueofsLOB82LA
MD5d3wjaLe6y7rEkGdIJJx6PBpa6WLb7B787IfSHwxAOW33V1dKw1B5Z0PxST/y1
JjoLm4SppvSRVBG8Wfqtpg3Z+JTYYJvRHdc8MAZrIMdf1DjSuHSTa6wCk0eIu7Za
9xc09sJFQidlrDyAROiAdQqIVOrnMzJ7rZ21d3DNEtJ00CN5X0+hwGSm87hNCo/u
vwaooMWy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:10 2025 by rpki-client