Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/uY_MsmPAaXvXyB2aGSPtpndXLO8.roa
File: uY_MsmPAaXvXyB2aGSPtpndXLO8.roa (raw, json)
Hash identifier: N/+UT/Nl7eM5p6m1sFEfiqUuP7C1EIsPOuS/Z4eDFac=
Subject key identifier: B9:8F:CC:B2:63:C0:69:7B:D7:C8:1D:9A:19:23:ED:A6:77:57:2C:EF
Certificate issuer: /CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f
Certificate serial: 0190BF8D1C9E28B33D23CE0E6321157675EA
Authority key identifier: FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/uY_MsmPAaXvXyB2aGSPtpndXLO8.roa
Signing time: Wed 17 Jul 2024 07:16:54 +0000
ROA not before: Wed 17 Jul 2024 07:16:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9215
IP address blocks: 103.132.128.0/24 maxlen: 24
103.132.129.0/24 maxlen: 24
103.132.130.0/24 maxlen: 24
103.132.131.0/24 maxlen: 24
185.57.64.0/24 maxlen: 24
185.57.65.0/24 maxlen: 24
185.57.66.0/24 maxlen: 24
185.57.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 06:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:8d:1c:9e:28:b3:3d:23:ce:0e:63:21:15:76:75:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f
Validity
Not Before: Jul 17 07:16:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b98fccb263c0697bd7c81d9a1923eda677572cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1a:8a:15:e4:4f:24:c1:45:e0:8c:d6:32:94:
67:6b:95:9f:a8:62:8f:0c:7b:96:e0:b3:a3:5d:24:
11:a3:f5:b5:72:d7:0e:ee:ce:e7:03:98:4b:16:02:
aa:31:02:30:1d:1c:44:18:ce:d2:a9:bd:b0:f6:8f:
05:04:80:33:eb:4b:78:2c:1c:47:f8:cf:24:a2:5a:
03:27:66:b5:34:55:32:9d:d4:58:3a:1f:02:8f:b5:
3d:b3:74:cf:5c:6f:9d:a5:a7:01:90:78:a8:0f:bd:
cc:b8:f8:70:68:45:53:f3:06:0a:e0:16:de:4c:f4:
bb:72:4f:e9:84:f1:26:d5:ef:0a:b5:05:91:4c:58:
04:95:2d:13:48:fe:6f:94:47:05:76:24:90:40:eb:
69:1e:d2:bf:67:4d:5e:da:4b:6f:96:ad:28:30:7a:
59:8e:ed:66:3e:e2:9a:80:09:e8:5e:c8:a6:2d:cd:
32:cb:2f:fc:27:db:05:8e:81:dc:fc:80:00:b9:49:
f0:b9:9d:80:47:fa:86:3d:fc:ed:43:e9:38:21:2f:
c9:7d:d4:37:05:40:c8:a5:7a:43:a1:3c:b2:f5:d4:
1d:3b:94:80:50:91:52:54:2e:bd:b2:3a:66:e9:ed:
ab:70:b5:8b:a4:f0:b0:36:29:91:82:f8:28:ca:f4:
2f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:8F:CC:B2:63:C0:69:7B:D7:C8:1D:9A:19:23:ED:A6:77:57:2C:EF
X509v3 Authority Key Identifier:
keyid:FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/uY_MsmPAaXvXyB2aGSPtpndXLO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.132.128.0/22
185.57.64.0/22
Signature Algorithm: sha256WithRSAEncryption
25:0c:71:26:87:63:b9:ca:de:49:eb:2c:b6:05:47:11:9a:3c:
fd:8b:81:69:ba:53:a5:43:21:a4:68:10:f8:bc:52:43:17:48:
f1:c4:7c:9e:27:b1:ef:a1:bc:2a:09:6d:02:1a:87:16:44:40:
67:e6:45:c0:8a:31:3b:03:9f:4d:60:fd:a0:e9:a1:f5:f3:9d:
93:a2:42:39:cf:ac:8c:68:23:fb:4d:6c:03:b1:55:c6:50:09:
16:f8:58:f5:09:5d:cf:68:cb:66:cc:9a:18:5c:8e:7b:b9:2b:
3f:12:ec:4b:c5:d9:e8:a6:0e:f7:18:f9:ae:81:7c:98:10:1f:
0c:3f:3e:db:1e:9f:b2:98:6a:bc:60:53:c9:b1:cc:d9:82:d2:
43:43:dc:93:42:f0:e6:bc:99:45:19:4b:ae:58:77:2a:97:38:
0b:82:9c:fc:88:68:a1:51:26:26:66:2d:77:1a:be:4b:84:a4:
d6:c8:67:ba:94:a9:e4:9b:19:39:c8:30:18:9c:dd:2b:6c:15:
2b:b8:9c:69:48:bf:53:c8:a3:19:7e:06:a6:23:e4:99:93:a3:
b6:fc:8d:af:1d:ea:8c:df:f2:e3:b4:07:95:8c:a6:7f:24:f6:
e0:56:21:25:e4:b1:f1:78:1f:b3:2b:27:1c:ca:de:ee:6c:8f:
4f:3a:67:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZC/jRyeKLM9I84OYyEVdnXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmY2E5OTdkMzkwY2Q2ZTQ2ZTAxMjhlNTBkNzBiODRlN2Fi
Njc0MGYwHhcNMjQwNzE3MDcxNjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOThmY2NiMjYzYzA2OTdiZDdjODFkOWExOTIzZWRhNjc3NTcyY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRqKFeRPJMFF4IzWMpRna5WfqGKP
DHuW4LOjXSQRo/W1ctcO7s7nA5hLFgKqMQIwHRxEGM7Sqb2w9o8FBIAz60t4LBxH
+M8koloDJ2a1NFUyndRYOh8Cj7U9s3TPXG+dpacBkHioD73MuPhwaEVT8wYK4Bbe
TPS7ck/phPEm1e8KtQWRTFgElS0TSP5vlEcFdiSQQOtpHtK/Z01e2ktvlq0oMHpZ
ju1mPuKagAnoXsimLc0yyy/8J9sFjoHc/IAAuUnwuZ2AR/qGPfztQ+k4IS/JfdQ3
BUDIpXpDoTyy9dQdO5SAUJFSVC69sjpm6e2rcLWLpPCwNimRgvgoyvQvBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLmPzLJjwGl718gdmhkj7aZ3VyzvMB8GA1UdIwQY
MBaAFP/KmX05DNbkbgEo5Q1wuE56tnQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTkt
ODE5YjdhN2VjNDM0LzEvdVlfTXNtUEFhWHZYeUIyYUdTUHRwbmRYTE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTktODE5YjdhN2VjNDM0
LzEvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCZ4SAAwQC
uTlAMA0GCSqGSIb3DQEBCwUAA4IBAQAlDHEmh2O5yt5J6yy2BUcRmjz9i4FpulOl
QyGkaBD4vFJDF0jxxHyeJ7HvobwqCW0CGocWREBn5kXAijE7A59NYP2g6aH1852T
okI5z6yMaCP7TWwDsVXGUAkW+Fj1CV3PaMtmzJoYXI57uSs/EuxLxdnopg73GPmu
gXyYEB8MPz7bHp+ymGq8YFPJsczZgtJDQ9yTQvDmvJlFGUuuWHcqlzgLgpz8iGih
USYmZi13Gr5LhKTWyGe6lKnkmxk5yDAYnN0rbBUruJxpSL9TyKMZfgamI+SZk6O2
/I2vHeqM3/LjtAeVjKZ/JPbgViEl5LHxeB+zKyccyt7ubI9POmfn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:09 2025 by rpki-client