Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/rek0X510yoYHyVjkruMPn3RC8-U.roa
File: rek0X510yoYHyVjkruMPn3RC8-U.roa (raw, json)
Hash identifier: izhBQrYPL13WJ5ThAE5jETW8ZiOeCpskIxrDH9eCy1o=
Subject key identifier: AD:E9:34:5F:9D:74:CA:86:07:C9:58:E4:AE:E3:0F:9F:74:42:F3:E5
Certificate issuer: /CN=3ad734cf90c773428806b968209515b914831a9d
Certificate serial: 018E9E8699847BD7AF366D695036ECCF40ED
Authority key identifier: 3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/rek0X510yoYHyVjkruMPn3RC8-U.roa
Signing time: Tue 02 Apr 2024 11:16:45 +0000
ROA not before: Tue 02 Apr 2024 11:16:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 103.69.224.0/24 maxlen: 24
103.69.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 May 2024 11:22:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:86:99:84:7b:d7:af:36:6d:69:50:36:ec:cf:40:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad734cf90c773428806b968209515b914831a9d
Validity
Not Before: Apr 2 11:16:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ade9345f9d74ca8607c958e4aee30f9f7442f3e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6f:13:22:66:13:ba:ba:77:f1:c8:98:e4:bb:
dc:a0:34:f7:2f:44:c9:f2:76:f8:bd:a3:ab:95:3f:
ae:2e:2b:38:a9:82:b8:84:0f:84:55:45:bb:e7:77:
cf:e2:aa:86:33:0f:09:f7:3d:e6:3b:f3:de:bd:bd:
6f:65:a1:3d:5b:d3:f6:78:ff:b2:c4:a1:68:8c:b3:
6e:2d:5f:f6:8a:16:f5:91:8e:dc:30:5b:c3:1e:63:
93:b1:e0:41:44:82:e8:00:c5:88:b7:ff:d5:80:25:
7e:bf:78:50:e1:78:a5:06:e7:dc:fd:5b:c2:0b:ca:
f0:78:db:b1:cd:16:4e:76:b4:53:b4:13:4a:83:47:
04:b8:0d:b9:b7:9c:c9:7b:5b:45:3d:7b:dc:cc:c8:
3e:fe:e6:31:cc:be:9c:df:a5:17:2e:d4:31:70:9d:
d8:91:a9:f6:ce:6c:6f:ba:52:8b:10:c9:6d:33:2b:
94:11:45:b3:8d:b5:37:df:fc:e4:f4:16:7a:c5:ce:
dc:fd:7e:eb:f0:a7:66:2f:06:42:66:60:de:17:cb:
b9:c1:e4:60:93:fd:06:6f:38:f4:b5:fa:88:33:5e:
7b:d0:6e:14:f3:03:ad:9d:ad:53:c5:e1:ab:99:01:
9f:08:8a:23:1d:7c:76:71:92:87:09:f5:8c:d8:44:
36:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E9:34:5F:9D:74:CA:86:07:C9:58:E4:AE:E3:0F:9F:74:42:F3:E5
X509v3 Authority Key Identifier:
keyid:3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/rek0X510yoYHyVjkruMPn3RC8-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.69.224.0/24
103.69.227.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:83:68:25:a2:26:63:01:84:c8:7f:d3:4f:78:21:07:31:28:
ee:c9:cb:45:9e:ed:b8:37:52:31:3f:34:7d:c4:e6:a0:55:91:
4a:fd:07:1f:4b:f7:be:98:41:2d:42:db:a1:6a:bc:c8:55:64:
50:84:33:a2:1e:df:46:4d:f0:f6:5f:7f:87:5c:5c:9c:a2:f5:
50:cb:fc:9c:e5:f0:02:26:1c:c9:50:a9:18:53:db:20:96:0e:
6c:68:17:aa:b5:7e:1a:98:f3:18:0c:21:1b:70:a5:0a:fb:81:
36:01:8d:fe:da:90:31:b3:b1:35:1a:a0:45:73:fc:ed:55:53:
bd:77:cf:23:2a:ce:71:5c:8f:13:11:b9:66:a7:c9:c2:5c:e3:
b4:bd:a0:dd:34:48:49:c1:58:04:0d:43:7d:fc:15:ce:3d:40:
c4:1c:a8:47:67:3e:8f:6a:1a:ea:44:a6:bf:8e:ed:a6:bf:9c:
1b:4c:b3:17:f8:ae:47:c0:22:e5:a3:20:46:23:e6:3b:7d:bb:
05:e2:bb:0b:b8:fa:02:91:be:2d:48:90:7c:a1:10:41:16:31:
f2:67:5f:46:4a:08:63:e2:49:9d:ac:0c:cb:22:0b:54:6a:11:
88:72:e1:52:e2:63:65:34:21:5e:c6:81:01:1c:52:ce:0d:30:
c0:0e:d7:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6ehpmEe9evNm1pUDbsz0DtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDczNGNmOTBjNzczNDI4ODA2Yjk2ODIwOTUxNWI5MTQ4
MzFhOWQwHhcNMjQwNDAyMTExNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGU5MzQ1ZjlkNzRjYTg2MDdjOTU4ZTRhZWUzMGY5Zjc0NDJmM2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW8TImYTurp38ciY5LvcoDT3L0TJ
8nb4vaOrlT+uLis4qYK4hA+EVUW753fP4qqGMw8J9z3mO/Pevb1vZaE9W9P2eP+y
xKFojLNuLV/2ihb1kY7cMFvDHmOTseBBRILoAMWIt//VgCV+v3hQ4XilBufc/VvC
C8rweNuxzRZOdrRTtBNKg0cEuA25t5zJe1tFPXvczMg+/uYxzL6c36UXLtQxcJ3Y
kan2zmxvulKLEMltMyuUEUWzjbU33/zk9BZ6xc7c/X7r8KdmLwZCZmDeF8u5weRg
k/0Gbzj0tfqIM1570G4U8wOtna1TxeGrmQGfCIojHXx2cZKHCfWM2EQ2OQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK3pNF+ddMqGB8lY5K7jD590QvPlMB8GA1UdIwQY
MBaAFDrXNM+Qx3NCiAa5aCCVFbkUgxqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMt
NzZhMWQ0ZDgzMTk3LzEvcmVrMFg1MTB5b1lIeVZqa3J1TVBuM1JDOC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMtNzZhMWQ0ZDgzMTk3
LzEvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ0XgAwQA
Z0XjMA0GCSqGSIb3DQEBCwUAA4IBAQB/g2gloiZjAYTIf9NPeCEHMSjuyctFnu24
N1IxPzR9xOagVZFK/QcfS/e+mEEtQtuharzIVWRQhDOiHt9GTfD2X3+HXFycovVQ
y/yc5fACJhzJUKkYU9sglg5saBeqtX4amPMYDCEbcKUK+4E2AY3+2pAxs7E1GqBF
c/ztVVO9d88jKs5xXI8TEblmp8nCXOO0vaDdNEhJwVgEDUN9/BXOPUDEHKhHZz6P
ahrqRKa/ju2mv5wbTLMX+K5HwCLloyBGI+Y7fbsF4rsLuPoCkb4tSJB8oRBBFjHy
Z19GSghj4kmdrAzLIgtUahGIcuFS4mNlNCFexoEBHFLODTDADtfO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:19 2024 by rpki-client on console-ams.rpki-client.org