Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/QDFNROlGQ72E1pfuKFfGsBd9xcg.roa
File: QDFNROlGQ72E1pfuKFfGsBd9xcg.roa (raw, json)
Hash identifier: VF1VBTdn7LJC6I3NHL0mpWabpNq/4lmIR3NnCzWPcJc=
Subject key identifier: 40:31:4D:44:E9:46:43:BD:84:D6:97:EE:28:57:C6:B0:17:7D:C5:C8
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 018CC8018A7BFB0E45CBFFED604145DEDD81
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/QDFNROlGQ72E1pfuKFfGsBd9xcg.roa
Signing time: Tue 02 Jan 2024 02:29:53 +0000
ROA not before: Tue 02 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19762
IP address blocks: 103.76.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 06:45:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:8a:7b:fb:0e:45:cb:ff:ed:60:41:45:de:dd:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jan 2 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40314d44e94643bd84d697ee2857c6b0177dc5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:31:ca:57:cb:a7:6f:b0:04:61:f1:d5:ee:6c:
5d:05:6a:45:19:c0:66:87:c0:61:06:b8:fb:4a:be:
b7:e2:07:da:78:b7:41:31:40:2d:4c:08:46:f9:e5:
b5:c4:ec:d2:05:03:60:56:e5:9b:5f:d4:d3:1b:83:
6a:47:65:86:23:fb:09:8d:80:d8:8a:e5:88:1e:86:
73:75:cf:89:b4:ed:a1:98:0f:2b:f5:ba:7a:2a:52:
8e:c8:e7:31:84:aa:dc:db:34:5d:70:e5:e7:d3:dd:
2a:f1:66:ce:21:b6:72:28:04:c7:ff:d4:79:f9:3d:
6c:13:88:30:f9:38:0b:14:e6:9c:a1:d6:74:91:f6:
39:63:b4:24:91:ba:0c:03:2b:d1:65:ca:45:ef:6a:
f6:37:f4:83:c2:38:8b:69:2a:6d:34:24:5c:36:cc:
66:81:20:f6:2f:27:00:9a:a8:b4:bf:06:93:82:ed:
54:6c:8d:b9:68:18:43:2f:ba:5d:76:d6:77:1c:85:
bd:88:57:dd:5e:7a:2e:6e:a7:85:c0:2c:80:25:a7:
c4:9f:0c:01:ff:9e:fc:e2:1d:3a:e6:ef:2c:a8:6e:
52:63:30:d3:73:76:0b:7c:df:12:47:04:44:b8:11:
a5:db:3e:36:28:87:d5:30:32:30:de:c7:b8:38:d8:
6d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:31:4D:44:E9:46:43:BD:84:D6:97:EE:28:57:C6:B0:17:7D:C5:C8
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/QDFNROlGQ72E1pfuKFfGsBd9xcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.131.0/24
Signature Algorithm: sha256WithRSAEncryption
81:f9:e4:8e:3b:ed:86:ff:20:06:84:8c:b4:fc:a7:e5:96:ba:
4f:46:a2:b0:51:21:45:d0:79:ce:b5:19:77:4c:da:49:8d:c2:
93:eb:5a:84:c0:90:01:c0:ff:54:2f:d4:bc:d4:57:27:64:23:
b2:98:f8:dd:d8:8d:00:7f:c0:34:b5:5b:37:64:f9:96:3a:f0:
89:c1:33:4f:96:b9:e0:f4:68:8e:88:10:74:20:5b:ca:a4:94:
b6:2a:c3:6e:cf:e1:e3:15:49:af:c9:7d:dd:18:b4:bc:95:e3:
57:9a:22:3f:e2:b1:17:6a:be:79:9f:82:c5:3e:5d:e5:03:a2:
f4:d2:7a:87:54:44:2f:91:85:b9:b6:92:5e:ee:95:e7:96:b7:
f2:a0:e3:2b:9a:6c:de:c1:5a:51:cf:3b:f4:33:67:12:c5:44:
83:05:e0:92:45:e6:4d:42:5c:52:88:0f:7f:55:b3:4d:34:c6:
71:ad:2d:ce:e6:75:ab:08:da:7c:96:4f:a9:24:a2:e0:db:3a:
97:95:63:c9:38:12:49:ce:73:1c:0a:6c:5a:d4:89:28:d3:b6:
c6:c7:10:95:63:fd:46:11:71:0a:79:4f:22:58:7f:14:f9:5d:
ce:c7:50:4c:3a:73:11:16:e3:f0:ce:67:2c:a3:29:3f:07:f2:
83:ba:f0:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYp7+w5Fy//tYEFF3t2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjQwMTAyMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDMxNGQ0NGU5NDY0M2JkODRkNjk3ZWUyODU3YzZiMDE3N2RjNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjHKV8unb7AEYfHV7mxdBWpFGcBm
h8BhBrj7Sr634gfaeLdBMUAtTAhG+eW1xOzSBQNgVuWbX9TTG4NqR2WGI/sJjYDY
iuWIHoZzdc+JtO2hmA8r9bp6KlKOyOcxhKrc2zRdcOXn090q8WbOIbZyKATH/9R5
+T1sE4gw+TgLFOacodZ0kfY5Y7QkkboMAyvRZcpF72r2N/SDwjiLaSptNCRcNsxm
gSD2LycAmqi0vwaTgu1UbI25aBhDL7pddtZ3HIW9iFfdXnoubqeFwCyAJafEnwwB
/5784h065u8sqG5SYzDTc3YLfN8SRwREuBGl2z42KIfVMDIw3se4ONht3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAxTUTpRkO9hNaX7ihXxrAXfcXIMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvUURGTlJPbEdRNzJFMXBmdUtGZkdzQmQ5eGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0yDMA0G
CSqGSIb3DQEBCwUAA4IBAQCB+eSOO+2G/yAGhIy0/KfllrpPRqKwUSFF0HnOtRl3
TNpJjcKT61qEwJABwP9UL9S81FcnZCOymPjd2I0Af8A0tVs3ZPmWOvCJwTNPlrng
9GiOiBB0IFvKpJS2KsNuz+HjFUmvyX3dGLS8leNXmiI/4rEXar55n4LFPl3lA6L0
0nqHVEQvkYW5tpJe7pXnlrfyoOMrmmzewVpRzzv0M2cSxUSDBeCSReZNQlxSiA9/
VbNNNMZxrS3O5nWrCNp8lk+pJKLg2zqXlWPJOBJJznMcCmxa1Iko07bGxxCVY/1G
EXEKeU8iWH8U+V3Ox1BMOnMRFuPwzmcsoyk/B/KDuvBQ
-----END CERTIFICATE-----
Generated at Wed Jan 17 07:49:29 2024 by rpki-client on console-ams.rpki-client.org