Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/BsXnfnKYf003ZMvtqeu1j-hijqs.roa
File: BsXnfnKYf003ZMvtqeu1j-hijqs.roa (raw, json)
Hash identifier: u0YkyI8pGu4agK4ZiUE4TIk2v33nsDahwWYQ8mqz0vI=
Subject key identifier: 06:C5:E7:7E:72:98:7F:4D:37:64:CB:ED:A9:EB:B5:8F:E8:62:8E:AB
Certificate issuer: /CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Certificate serial: 018CC349176C9BF3C876FE4E00E62A8812D1
Authority key identifier: AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/BsXnfnKYf003ZMvtqeu1j-hijqs.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59521
IP address blocks: 103.55.100.0/22 maxlen: 22
103.57.40.0/22 maxlen: 22
195.72.124.0/22 maxlen: 22
45.115.108.0/22 maxlen: 22
45.149.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:17:6c:9b:f3:c8:76:fe:4e:00:e6:2a:88:12:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06c5e77e72987f4d3764cbeda9ebb58fe8628eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:39:7c:01:11:62:95:5c:55:21:db:61:6a:f3:
19:45:db:54:a5:8f:79:a9:02:c4:13:94:ea:e6:b4:
47:04:db:80:46:7d:e3:83:2d:58:e2:fc:32:17:f9:
80:d5:c1:e2:6b:a0:11:f5:63:91:6b:6d:70:f7:e1:
1f:9a:f2:da:e4:f6:d3:ca:62:37:2a:3a:c0:73:42:
f0:07:38:c1:90:9c:42:41:fd:0f:8f:84:75:d6:9e:
04:d1:71:41:cb:d0:84:e9:a6:3d:28:c9:45:32:b7:
ee:21:83:b7:c2:d0:c1:27:7d:b8:eb:4c:79:a5:ee:
1c:b4:3c:7a:3a:90:19:89:df:95:ea:19:a3:5b:7c:
ea:24:b4:30:84:b2:36:b0:dd:6d:93:0e:b9:7c:83:
1d:3e:5a:c9:d8:57:01:c4:03:67:5a:46:e8:02:38:
76:33:02:0f:03:f1:65:2b:05:6b:c4:6b:72:4b:d8:
9b:92:5a:3e:25:dd:41:35:d7:19:db:7b:b6:a7:c5:
d2:a3:1c:77:ad:30:e1:54:b6:3f:cb:bf:fc:7e:ad:
b4:f3:a0:9e:c9:81:ef:60:f8:5f:b6:c9:36:6a:03:
d5:e8:74:93:a6:a1:c1:b2:5e:88:e8:fa:bf:d7:c4:
87:7c:fe:1a:78:5a:ff:da:d8:0d:3d:88:dd:54:e8:
05:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C5:E7:7E:72:98:7F:4D:37:64:CB:ED:A9:EB:B5:8F:E8:62:8E:AB
X509v3 Authority Key Identifier:
keyid:AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/BsXnfnKYf003ZMvtqeu1j-hijqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/rHZwaYz67yZH-8mgb3OAhW4rMCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.115.108.0/22
45.149.52.0/24
103.55.100.0/22
103.57.40.0/22
195.72.124.0/22
Signature Algorithm: sha256WithRSAEncryption
46:37:af:d7:5c:82:3c:a4:96:44:aa:fb:a2:a9:0b:69:b6:3f:
81:ec:bf:57:e2:a6:81:58:0c:2b:5b:44:c5:fd:af:6d:37:58:
b0:de:4c:c6:8e:9e:ef:14:b6:5f:fd:d0:7c:79:f8:01:93:3b:
d4:86:1e:43:55:6d:e4:f2:91:94:99:0b:b1:1d:41:78:89:00:
0e:92:99:74:76:38:76:09:97:74:bc:5b:8c:82:70:bc:12:43:
5a:fe:cc:39:f2:65:a1:97:57:e7:c4:eb:14:e5:5d:65:d0:f5:
db:a9:62:f0:4f:61:c2:4c:fd:9f:33:16:34:6c:01:f1:04:85:
8c:06:0e:b1:7d:e3:a6:b9:af:cd:17:68:1d:24:51:99:de:bc:
85:54:c3:d7:f3:b8:cc:d0:9f:9f:56:19:91:ac:8c:78:58:f1:
ae:79:5d:0d:ba:ca:1b:b6:e0:0c:69:67:5c:a7:ac:4e:7c:23:
2b:0c:5e:aa:0a:16:06:b3:22:90:89:0c:61:ba:a7:98:69:55:
b6:18:e3:e2:f2:23:54:34:bf:b0:d6:f6:3a:a0:f3:a0:58:d3:
76:07:02:27:39:0e:aa:42:3e:49:5b:c4:0f:21:ff:cd:c0:b8:
91:65:16:2f:d8:f7:db:d2:98:69:44:99:37:3f:e2:5d:fd:a7:
80:01:03:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDSRdsm/PIdv5OAOYqiBLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzY3MDY5OGNmYWVmMjY0N2ZiYzlhMDZmNzM4MDg1NmUy
YjMwMjcwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmM1ZTc3ZTcyOTg3ZjRkMzc2NGNiZWRhOWViYjU4ZmU4NjI4ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTl8ARFilVxVIdthavMZRdtUpY95
qQLEE5Tq5rRHBNuARn3jgy1Y4vwyF/mA1cHia6AR9WORa21w9+EfmvLa5PbTymI3
KjrAc0LwBzjBkJxCQf0Pj4R11p4E0XFBy9CE6aY9KMlFMrfuIYO3wtDBJ32460x5
pe4ctDx6OpAZid+V6hmjW3zqJLQwhLI2sN1tkw65fIMdPlrJ2FcBxANnWkboAjh2
MwIPA/FlKwVrxGtyS9ibklo+Jd1BNdcZ23u2p8XSoxx3rTDhVLY/y7/8fq2086Ce
yYHvYPhftsk2agPV6HSTpqHBsl6I6Pq/18SHfP4aeFr/2tgNPYjdVOgF1QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAbF535ymH9NN2TL7anrtY/oYo6rMB8GA1UdIwQY
MBaAFKx2cGmM+u8mR/vJoG9zgIVuKzAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhad2FZejY3eVpILThtZ2IzT0FoVzRyTUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82OGY2NTEtZjNhNi00MjUyLTlmYWYt
OWUwNDQwOTJiODI2LzEvQnNYbmZuS1lmMDAzWk12dHFldTFqLWhpanFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82OGY2NTEtZjNhNi00MjUyLTlmYWYtOWUwNDQwOTJiODI2
LzEvckhad2FZejY3eVpILThtZ2IzT0FoVzRyTUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLXNsAwQA
LZU0AwQCZzdkAwQCZzkoAwQCw0h8MA0GCSqGSIb3DQEBCwUAA4IBAQBGN6/XXII8
pJZEqvuiqQtptj+B7L9X4qaBWAwrW0TF/a9tN1iw3kzGjp7vFLZf/dB8efgBkzvU
hh5DVW3k8pGUmQuxHUF4iQAOkpl0djh2CZd0vFuMgnC8EkNa/sw58mWhl1fnxOsU
5V1l0PXbqWLwT2HCTP2fMxY0bAHxBIWMBg6xfeOmua/NF2gdJFGZ3ryFVMPX87jM
0J+fVhmRrIx4WPGueV0NusobtuAMaWdcp6xOfCMrDF6qChYGsyKQiQxhuqeYaVW2
GOPi8iNUNL+w1vY6oPOgWNN2BwInOQ6qQj5JW8QPIf/NwLiRZRYv2Pfb0phpRJk3
P+Jd/aeAAQOE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:17 2025 by rpki-client