Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/nmoNdJ0BzWP4JsTS87TqncIN7YM.roa
File: nmoNdJ0BzWP4JsTS87TqncIN7YM.roa (raw, json)
Hash identifier: gBCePvksEBDG7ceWQF9d1c8mpumsbuMan9CtmbBEfYU=
Subject key identifier: 9E:6A:0D:74:9D:01:CD:63:F8:26:C4:D2:F3:B4:EA:9D:C2:0D:ED:83
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019424F144C39A916ACBC580E21A3C9E9A8D
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/nmoNdJ0BzWP4JsTS87TqncIN7YM.roa
Signing time: Thu 02 Jan 2025 02:56:19 +0000
ROA not before: Thu 02 Jan 2025 02:56:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30860
IP address blocks: 103.211.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 02:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:f1:44:c3:9a:91:6a:cb:c5:80:e2:1a:3c:9e:9a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 02:56:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e6a0d749d01cd63f826c4d2f3b4ea9dc20ded83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:26:c1:06:3b:e7:94:41:66:87:e4:75:e3:34:
00:fc:82:35:6e:c4:e8:5e:38:e3:35:ec:ec:46:f1:
42:1e:98:24:d1:0b:dc:4a:1d:ee:63:fb:c3:64:9b:
ec:ee:8b:d3:5a:e8:66:4d:9c:2d:9f:05:dd:76:8e:
ee:87:95:cd:68:a8:a2:71:56:57:1e:ad:4c:b8:3e:
5b:7b:96:82:7a:26:de:63:54:7c:26:79:c0:ad:09:
e3:a8:7b:3a:38:b7:50:c8:df:4b:db:a8:9e:f5:21:
17:66:e0:90:74:d4:b6:f0:09:70:5a:24:30:ce:1f:
39:48:03:48:8a:0f:98:b3:65:91:a6:5f:10:74:c5:
ad:4f:80:c9:29:59:e7:74:a3:c4:fa:be:9c:3f:d8:
81:55:b6:03:e5:21:14:87:a2:53:4c:d1:64:9b:7c:
7b:c0:7a:78:69:db:86:81:97:0f:c1:bf:90:15:38:
f7:fe:67:02:a0:81:3c:7e:4f:b7:f5:2f:c9:e6:62:
e7:3e:67:16:b3:b9:93:20:bf:96:a3:92:a3:af:8e:
83:43:f2:66:86:15:fd:d2:9e:c5:18:50:b5:4e:bd:
92:ac:d5:ee:cc:e0:15:5a:e0:68:d0:2c:30:65:d0:
41:c0:7c:12:9f:ce:39:bc:87:9c:a5:54:24:26:13:
28:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6A:0D:74:9D:01:CD:63:F8:26:C4:D2:F3:B4:EA:9D:C2:0D:ED:83
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/nmoNdJ0BzWP4JsTS87TqncIN7YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.211.101.0/24
Signature Algorithm: sha256WithRSAEncryption
76:93:c4:f9:74:b4:71:e4:b2:8a:6d:7d:09:8d:5e:a2:87:10:
ae:de:cb:dd:66:0c:ad:41:62:33:c6:96:e2:e6:4f:18:5a:11:
5e:b2:7f:bb:a4:85:63:f7:e8:aa:df:09:d1:f1:e8:07:44:ed:
ed:55:b6:46:4f:07:e9:7c:5b:b4:4b:46:30:22:31:3b:3a:68:
10:74:88:7a:40:ae:a5:6c:f4:7f:89:6b:8e:ec:17:80:dd:57:
87:11:a8:56:91:f2:e5:01:05:95:3b:b4:9f:71:08:91:fc:b2:
5f:55:0e:88:84:3a:0a:41:58:4a:ea:07:e8:6d:a9:ea:18:95:
2c:4d:2b:34:d0:77:7d:c6:ad:04:24:10:6d:00:7d:43:4b:5e:
72:e3:9b:10:28:32:d3:d0:e3:28:47:c9:72:c9:2e:51:13:7c:
ea:ac:5e:a8:18:ec:d8:9f:f2:fb:6d:8f:61:3b:02:96:88:6d:
89:ce:a6:47:85:83:43:52:66:ed:e5:ca:39:c9:eb:16:8b:d5:
cb:f9:87:0e:08:9a:0c:80:bb:cc:6a:a7:63:c7:6f:d6:26:54:
b6:5e:d2:67:b3:10:82:2f:24:78:b1:8c:f9:7e:98:ce:fa:fc:
a8:0d:ec:69:b5:92:ed:90:7f:c9:4c:ee:ff:2e:f8:8f:b4:d0:
48:c4:f5:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQk8UTDmpFqy8WA4ho8npqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMTAyMDI1NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTZhMGQ3NDlkMDFjZDYzZjgyNmM0ZDJmM2I0ZWE5ZGMyMGRlZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqibBBjvnlEFmh+R14zQA/II1bsTo
XjjjNezsRvFCHpgk0QvcSh3uY/vDZJvs7ovTWuhmTZwtnwXddo7uh5XNaKiicVZX
Hq1MuD5be5aCeibeY1R8JnnArQnjqHs6OLdQyN9L26ie9SEXZuCQdNS28AlwWiQw
zh85SANIig+Ys2WRpl8QdMWtT4DJKVnndKPE+r6cP9iBVbYD5SEUh6JTTNFkm3x7
wHp4aduGgZcPwb+QFTj3/mcCoIE8fk+39S/J5mLnPmcWs7mTIL+Wo5Kjr46DQ/Jm
hhX90p7FGFC1Tr2SrNXuzOAVWuBo0CwwZdBBwHwSn845vIecpVQkJhMoHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5qDXSdAc1j+CbE0vO06p3CDe2DMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvbm1vTmRKMEJ6V1A0SnNUUzg3VHFuY0lON1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9NlMA0G
CSqGSIb3DQEBCwUAA4IBAQB2k8T5dLRx5LKKbX0JjV6ihxCu3svdZgytQWIzxpbi
5k8YWhFesn+7pIVj9+iq3wnR8egHRO3tVbZGTwfpfFu0S0YwIjE7OmgQdIh6QK6l
bPR/iWuO7BeA3VeHEahWkfLlAQWVO7SfcQiR/LJfVQ6IhDoKQVhK6gfobanqGJUs
TSs00Hd9xq0EJBBtAH1DS15y45sQKDLT0OMoR8lyyS5RE3zqrF6oGOzYn/L7bY9h
OwKWiG2JzqZHhYNDUmbt5co5yesWi9XL+YcOCJoMgLvMaqdjx2/WJlS2XtJnsxCC
LyR4sYz5fpjO+vyoDexptZLtkH/JTO7/LviPtNBIxPVG
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:26:36 2025 by rpki-client