Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/XeG18I8VO5qvlG26Iw8xk3rh-_U.roa
File: XeG18I8VO5qvlG26Iw8xk3rh-_U.roa (raw, json)
Hash identifier: zhEG1lNCIYj5PFqJKzIRu8IaKlDyEvUtGtWS0xGVAMs=
Subject key identifier: 5D:E1:B5:F0:8F:15:3B:9A:AF:94:6D:BA:23:0F:31:93:7A:E1:FB:F5
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 019315E186D3DFECACAABD24DEC56B4F8870
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/XeG18I8VO5qvlG26Iw8xk3rh-_U.roa
Signing time: Sun 10 Nov 2024 11:42:01 +0000
ROA not before: Sun 10 Nov 2024 11:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201364
IP address blocks: 103.83.87.0/24 maxlen: 24
2a0b:9800::/32 maxlen: 32
2a0b:9801::/32 maxlen: 32
2a0b:9802::/32 maxlen: 32
2a0b:9803::/32 maxlen: 32
2a0b:9804::/32 maxlen: 32
2a0b:9805::/32 maxlen: 32
2a0b:9806::/32 maxlen: 32
2a0b:9807::/32 maxlen: 32
2a0f:3380::/32 maxlen: 32
2a0f:3381::/32 maxlen: 32
2a0f:3382::/32 maxlen: 32
2a0f:3383::/32 maxlen: 32
2a0f:3384::/32 maxlen: 32
2a0f:3385::/32 maxlen: 32
2a0f:3386::/32 maxlen: 32
2a0f:3387::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Nov 2024 22:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:15:e1:86:d3:df:ec:ac:aa:bd:24:de:c5:6b:4f:88:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Nov 10 11:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5de1b5f08f153b9aaf946dba230f31937ae1fbf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:90:af:33:42:c0:60:6e:06:83:44:fa:b3:9c:
17:45:37:8c:9f:3f:89:c7:00:31:ec:85:85:e7:f9:
3b:12:b5:06:1f:a6:68:55:d5:bc:0e:61:fd:20:af:
a3:0e:3c:00:94:cb:ba:8a:c8:62:23:f2:51:3a:83:
94:d0:40:d1:6c:f3:00:93:97:6f:27:ff:d8:a6:86:
1c:5a:d3:b6:cf:38:81:98:9a:73:fd:d0:1e:30:fe:
be:32:cc:35:ba:2b:f1:be:8f:de:c2:9e:18:43:49:
eb:85:3b:24:39:ed:7b:c8:c4:eb:03:ff:7e:33:2d:
29:c0:59:74:ee:ae:df:70:df:54:11:d5:a9:91:bc:
c0:59:3f:16:9b:0c:dc:1c:5a:b8:61:dc:c7:ba:4a:
bb:3b:b9:23:6a:55:27:dc:b9:61:28:60:b7:21:0f:
58:8b:d7:5e:21:13:78:0c:38:17:68:ca:40:45:b2:
19:d6:c7:ca:78:6c:06:04:07:1e:6f:e7:32:80:ed:
22:cf:b1:29:e1:ee:8f:e0:97:19:0a:5c:1b:73:6a:
a7:56:0d:1d:bc:fd:04:a8:13:d1:d9:35:60:d7:64:
e3:79:25:e3:f2:7b:31:f2:88:ca:46:b5:7c:89:d8:
50:fb:f9:e7:f2:48:59:0b:ce:a3:e3:fa:b3:d5:56:
b7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E1:B5:F0:8F:15:3B:9A:AF:94:6D:BA:23:0F:31:93:7A:E1:FB:F5
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/XeG18I8VO5qvlG26Iw8xk3rh-_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.83.87.0/24
IPv6:
2a0b:9800::/29
2a0f:3380::/29
Signature Algorithm: sha256WithRSAEncryption
2d:77:31:20:cd:16:8f:4e:54:12:26:47:ce:35:93:25:70:94:
f9:75:f8:91:96:6e:12:65:e6:4f:98:a7:b6:0c:b2:9a:2c:44:
f4:ea:cc:3a:41:d5:67:49:1f:c4:43:4c:77:6a:60:12:81:f4:
19:f1:77:d5:93:e1:b4:24:cc:71:16:61:86:64:52:83:8b:f4:
50:9e:73:ad:42:64:dc:7b:7e:aa:65:a5:5e:67:ef:c2:61:74:
c4:01:81:9a:79:65:c1:09:46:bb:e5:87:45:65:14:62:10:3f:
31:9d:0d:ad:1b:d3:fc:a7:8d:6b:0e:c7:9a:e3:a9:3e:d9:56:
65:bf:a4:1e:75:ab:44:00:88:00:ea:c9:69:ed:14:95:f4:2e:
0d:6d:dc:b4:87:3d:df:0d:f8:94:ec:ae:ba:92:ce:4a:4e:89:
88:6c:ed:c1:f5:00:ab:60:39:db:cd:96:cc:3a:19:d4:05:95:
10:e6:8d:f6:13:c7:db:0b:8d:8d:aa:36:79:c9:78:d9:0d:c5:
ae:7f:4d:9f:1d:fb:6f:3c:20:9f:be:92:a7:3d:e0:ae:75:ab:
ce:a8:5e:51:8a:9c:d4:9b:ac:5d:b0:ba:ae:41:41:4f:d7:27:
8a:9b:62:b2:25:50:b3:cc:a1:c2:9d:12:c8:a8:33:45:cf:a5:
3f:23:9a:e8
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZMV4YbT3+ysqr0k3sVrT4hwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQxMTEwMTE0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUxYjVmMDhmMTUzYjlhYWY5NDZkYmEyMzBmMzE5MzdhZTFmYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5CvM0LAYG4Gg0T6s5wXRTeMnz+J
xwAx7IWF5/k7ErUGH6ZoVdW8DmH9IK+jDjwAlMu6ishiI/JROoOU0EDRbPMAk5dv
J//YpoYcWtO2zziBmJpz/dAeMP6+Msw1uivxvo/ewp4YQ0nrhTskOe17yMTrA/9+
My0pwFl07q7fcN9UEdWpkbzAWT8WmwzcHFq4YdzHukq7O7kjalUn3LlhKGC3IQ9Y
i9deIRN4DDgXaMpARbIZ1sfKeGwGBAceb+cygO0iz7Ep4e6P4JcZClwbc2qnVg0d
vP0EqBPR2TVg12TjeSXj8nsx8ojKRrV8idhQ+/nn8khZC86j4/qz1Va32wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFF3htfCPFTuar5RtuiMPMZN64fv1MB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvWGVHMThJOFZPNXF2bEcyNkl3OHhrM3JoLV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAZ1NXMBQE
AgACMA4DBQMqC5gAAwUDKg8zgDANBgkqhkiG9w0BAQsFAAOCAQEALXcxIM0Wj05U
EiZHzjWTJXCU+XX4kZZuEmXmT5intgyymixE9OrMOkHVZ0kfxENMd2pgEoH0GfF3
1ZPhtCTMcRZhhmRSg4v0UJ5zrUJk3Ht+qmWlXmfvwmF0xAGBmnllwQlGu+WHRWUU
YhA/MZ0NrRvT/KeNaw7HmuOpPtlWZb+kHnWrRACIAOrJae0UlfQuDW3ctIc93w34
lOyuupLOSk6JiGztwfUAq2A5282WzDoZ1AWVEOaN9hPH2wuNjao2ecl42Q3Frn9N
nx37bzwgn76Spz3grnWrzqheUYqc1JusXbC6rkFBT9cniptisiVQs8yhwp0SyKgz
Rc+lPyOa6A==
-----END CERTIFICATE-----
Generated at Tue Nov 12 02:40:04 2024 by rpki-client on console-fra.rpki-client.org