Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/8tC0NkmkiXR6lRqHn41LsdT-kEg.roa
File: 8tC0NkmkiXR6lRqHn41LsdT-kEg.roa (raw, json)
Hash identifier: DAzX2dZfcIsZ19Inzm5IuAb3kmD3bT6VenrYWqbfeFQ=
Subject key identifier: F2:D0:B4:36:49:A4:89:74:7A:95:1A:87:9F:8D:4B:B1:D4:FE:90:48
Certificate issuer: /CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f
Certificate serial: 01919796B7678BAF201425A8DD15E42944C0
Authority key identifier: FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/8tC0NkmkiXR6lRqHn41LsdT-kEg.roa
Signing time: Wed 28 Aug 2024 06:05:22 +0000
ROA not before: Wed 28 Aug 2024 06:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9215
IP address blocks: 103.132.128.0/24 maxlen: 24
103.132.130.0/24 maxlen: 24
185.57.64.0/24 maxlen: 24
185.57.65.0/24 maxlen: 24
185.57.66.0/24 maxlen: 24
185.57.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 11:40:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:97:96:b7:67:8b:af:20:14:25:a8:dd:15:e4:29:44:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f
Validity
Not Before: Aug 28 06:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2d0b43649a489747a951a879f8d4bb1d4fe9048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:42:b1:60:83:69:af:95:82:1c:94:24:bd:3b:
55:c4:fc:e3:88:84:1b:e4:af:39:20:b5:fb:60:9f:
dd:e5:f0:c9:64:52:79:38:f5:44:cc:8f:d6:d7:28:
d5:4f:ed:be:ab:d1:2e:7a:6a:b7:b7:f2:d2:fb:32:
8e:79:8b:d8:1d:12:ff:63:66:98:05:63:4f:98:f2:
9d:a5:a3:56:df:86:9f:aa:a2:e8:2f:b1:bd:0f:1e:
37:44:13:4f:14:9a:05:f7:f3:ff:28:5f:fc:4c:ec:
41:53:fc:f7:9d:23:49:15:2b:cd:4a:a4:df:c1:aa:
df:11:7b:7c:0c:de:7c:a4:04:81:e5:7e:b8:a1:6b:
f5:e9:6e:65:15:52:cf:7d:ec:43:5f:43:08:ad:95:
93:c0:20:b0:8d:56:fc:b8:43:64:33:8b:83:75:0a:
ba:cb:ca:93:8a:01:ed:05:ed:19:a2:ab:af:51:0b:
d1:03:95:c3:71:ee:75:d8:9e:61:c2:ef:af:0f:35:
00:36:b1:a5:80:14:4b:c2:4c:5c:30:89:da:1e:36:
cc:38:cc:22:46:90:71:9e:96:c2:83:86:64:25:e4:
e2:63:3c:7b:a0:24:0a:50:00:dd:02:3c:15:67:aa:
59:b9:f9:28:78:d5:f8:2d:35:ba:c5:56:56:e1:26:
2a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D0:B4:36:49:A4:89:74:7A:95:1A:87:9F:8D:4B:B1:D4:FE:90:48
X509v3 Authority Key Identifier:
keyid:FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/8tC0NkmkiXR6lRqHn41LsdT-kEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.132.128.0/24
103.132.130.0/24
185.57.64.0/22
Signature Algorithm: sha256WithRSAEncryption
58:f1:15:5e:65:5b:19:cc:ea:a3:33:6a:15:59:d2:16:e8:38:
d4:fb:c2:d1:28:65:a0:67:33:54:bf:2e:f5:88:41:f2:e5:48:
42:2c:83:65:4f:71:41:a9:76:74:b2:7e:7f:73:9e:ec:44:6b:
59:77:f7:5f:80:95:f4:27:47:09:6f:35:cd:08:a8:7b:c6:37:
d5:15:f8:64:c5:b9:4b:a1:2c:07:48:be:ad:cc:2b:b3:6e:78:
aa:bd:ba:32:26:b6:08:fa:f4:12:f7:25:43:32:a8:03:43:f1:
a5:ef:bd:b9:a9:af:b4:8c:41:d9:dd:f6:19:45:27:a2:38:e8:
11:f5:aa:9a:88:4b:fa:38:c2:ab:5b:31:a3:ca:f1:44:33:16:
b6:70:ba:50:50:48:38:72:ae:b7:62:7d:4d:27:17:6e:38:cc:
80:b6:1d:ab:a2:dd:4d:4b:69:eb:f0:d4:8a:a1:d4:40:d5:60:
c8:5a:c8:01:7f:30:de:4a:73:03:a3:c3:06:86:7b:f2:fa:bc:
af:44:c8:ab:1b:9e:2f:0f:dd:7a:82:ad:66:a0:ee:e3:56:93:
bb:e7:b3:0a:4f:d6:0e:e7:11:81:5a:87:e4:f4:36:90:72:e9:
ab:28:45:a5:f7:2e:d8:bf:2b:f4:aa:f5:bf:7e:51:40:94:90:
e0:86:a5:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGXlrdni68gFCWo3RXkKUTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmY2E5OTdkMzkwY2Q2ZTQ2ZTAxMjhlNTBkNzBiODRlN2Fi
Njc0MGYwHhcNMjQwODI4MDYwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmQwYjQzNjQ5YTQ4OTc0N2E5NTFhODc5ZjhkNGJiMWQ0ZmU5MDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0KxYINpr5WCHJQkvTtVxPzjiIQb
5K85ILX7YJ/d5fDJZFJ5OPVEzI/W1yjVT+2+q9Euemq3t/LS+zKOeYvYHRL/Y2aY
BWNPmPKdpaNW34afqqLoL7G9Dx43RBNPFJoF9/P/KF/8TOxBU/z3nSNJFSvNSqTf
warfEXt8DN58pASB5X64oWv16W5lFVLPfexDX0MIrZWTwCCwjVb8uENkM4uDdQq6
y8qTigHtBe0ZoquvUQvRA5XDce512J5hwu+vDzUANrGlgBRLwkxcMInaHjbMOMwi
RpBxnpbCg4ZkJeTiYzx7oCQKUADdAjwVZ6pZufkoeNX4LTW6xVZW4SYqZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPLQtDZJpIl0epUah5+NS7HU/pBIMB8GA1UdIwQY
MBaAFP/KmX05DNbkbgEo5Q1wuE56tnQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTkt
ODE5YjdhN2VjNDM0LzEvOHRDME5rbWtpWFI2bFJxSG40MUxzZFQta0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTktODE5YjdhN2VjNDM0
LzEvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAZ4SAAwQA
Z4SCAwQCuTlAMA0GCSqGSIb3DQEBCwUAA4IBAQBY8RVeZVsZzOqjM2oVWdIW6DjU
+8LRKGWgZzNUvy71iEHy5UhCLINlT3FBqXZ0sn5/c57sRGtZd/dfgJX0J0cJbzXN
CKh7xjfVFfhkxblLoSwHSL6tzCuzbniqvboyJrYI+vQS9yVDMqgDQ/Gl7725qa+0
jEHZ3fYZRSeiOOgR9aqaiEv6OMKrWzGjyvFEMxa2cLpQUEg4cq63Yn1NJxduOMyA
th2rot1NS2nr8NSKodRA1WDIWsgBfzDeSnMDo8MGhnvy+ryvRMirG54vD916gq1m
oO7jVpO757MKT9YO5xGBWofk9DaQcumrKEWl9y7Yvyv0qvW/flFAlJDghqWm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:20 2025 by rpki-client