Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AUITae0OO7io-RAG6pb27qVPYzo.roa
File: AUITae0OO7io-RAG6pb27qVPYzo.roa (raw, json)
Hash identifier: Ntknlfq4M3j9p5C7AfrwZ7ahVxUU0IT76wVvCcLDbRs=
Subject key identifier: 01:42:13:69:ED:0E:3B:B8:A8:F9:10:06:EA:96:F6:EE:A5:4F:63:3A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018B3B52896DCA1A36E94A5C537A69230246
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AUITae0OO7io-RAG6pb27qVPYzo.roa
Signing time: Tue 17 Oct 2023 01:49:06 +0000
ROA not before: Tue 17 Oct 2023 01:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149457
IP address blocks: 103.25.84.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3b:52:89:6d:ca:1a:36:e9:4a:5c:53:7a:69:23:02:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 17 01:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01421369ed0e3bb8a8f91006ea96f6eea54f633a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f9:82:0d:54:2c:48:fa:e2:a8:de:d2:7c:54:
7c:e6:b6:41:06:81:d6:d2:d3:8c:57:d4:e8:c4:c3:
c9:ce:f2:ff:0f:ea:75:99:aa:f0:a3:fd:f3:61:8f:
3c:f7:68:e3:25:94:b1:1c:3e:00:06:af:07:57:14:
9a:4a:ee:fc:cc:20:29:3c:52:28:a6:2f:a2:f9:2c:
18:84:20:76:88:bc:b0:70:95:a5:c6:7a:13:4b:06:
e7:68:26:d8:20:7f:fb:b6:ec:0f:5d:68:8f:19:f0:
44:bc:3a:10:60:81:ba:57:c6:b9:e3:24:aa:d9:b3:
82:72:67:60:b7:e0:96:74:8e:24:5b:aa:d5:4f:1c:
a2:85:0e:f2:58:33:90:68:90:2e:70:83:a7:44:30:
b2:8f:69:55:93:13:95:d5:8d:eb:6e:e9:7b:87:c6:
ee:ca:71:4d:89:5b:53:4c:65:75:d9:70:d6:7a:20:
0a:f4:8a:c2:bc:4a:06:7e:a6:93:c4:91:1f:d6:35:
3b:0d:d3:b3:60:be:ae:eb:10:d5:0c:e0:1c:70:29:
50:76:39:f6:be:ca:4f:08:00:45:bb:ff:fb:6e:76:
5c:f3:fd:f3:fc:68:d6:8d:54:1e:a1:82:5a:95:d9:
57:99:c3:1d:d9:e5:32:af:e8:7c:7e:f0:e1:29:50:
44:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:42:13:69:ED:0E:3B:B8:A8:F9:10:06:EA:96:F6:EE:A5:4F:63:3A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AUITae0OO7io-RAG6pb27qVPYzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.25.84.0/24
Signature Algorithm: sha256WithRSAEncryption
46:a1:0a:65:8b:ff:b9:6e:00:c0:79:1f:77:33:76:f9:22:0f:
66:b7:c1:10:82:83:fc:cf:57:a7:59:94:0b:b1:12:ef:ca:a2:
29:b7:5d:61:72:8f:2a:25:7a:55:ae:84:d8:a4:de:80:a8:27:
f9:3f:28:79:fc:85:37:4a:3f:ee:83:26:0e:36:44:74:bc:32:
cd:e9:b5:15:22:5f:af:92:0a:0e:24:cc:fd:38:74:2b:f4:8a:
6c:6d:1e:14:5e:98:be:6a:66:0c:0f:59:26:e0:f5:5f:d3:73:
e1:1a:5c:27:a9:11:ff:c1:a1:a3:4f:78:58:47:75:1b:14:b4:
83:ed:36:cd:3f:bc:5f:29:8f:43:90:20:db:6a:b4:d4:d2:82:
81:92:3d:9e:bd:77:17:af:7d:22:aa:03:17:8c:d6:4b:14:64:
9c:c8:c1:69:37:12:ee:b6:0a:ae:ac:10:4a:f0:a3:85:53:2e:
54:20:f0:7c:a1:9f:93:17:13:96:8f:c8:d7:fc:70:9f:34:28:
c8:86:01:9a:8d:e6:3f:76:1d:6c:1d:0a:fd:28:9f:9f:c9:3b:
d3:17:55:93:bb:26:8a:2c:60:c5:3d:7d:4e:e1:96:bc:bf:0f:
a9:39:a4:4b:cb:49:4f:c1:4b:96:95:49:bc:e4:d4:75:7e:1d:
01:5e:82:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs7Uoltyho26UpcU3ppIwJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDE3MDE0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQyMTM2OWVkMGUzYmI4YThmOTEwMDZlYTk2ZjZlZWE1NGY2MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofmCDVQsSPriqN7SfFR85rZBBoHW
0tOMV9ToxMPJzvL/D+p1marwo/3zYY8892jjJZSxHD4ABq8HVxSaSu78zCApPFIo
pi+i+SwYhCB2iLywcJWlxnoTSwbnaCbYIH/7tuwPXWiPGfBEvDoQYIG6V8a54ySq
2bOCcmdgt+CWdI4kW6rVTxyihQ7yWDOQaJAucIOnRDCyj2lVkxOV1Y3rbul7h8bu
ynFNiVtTTGV12XDWeiAK9IrCvEoGfqaTxJEf1jU7DdOzYL6u6xDVDOAccClQdjn2
vspPCABFu//7bnZc8/3z/GjWjVQeoYJaldlXmcMd2eUyr+h8fvDhKVBE3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFCE2ntDju4qPkQBuqW9u6lT2M6MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQVVJVGFlME9PN2lvLVJBRzZwYjI3cVZQWXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZxlUMA0G
CSqGSIb3DQEBCwUAA4IBAQBGoQpli/+5bgDAeR93M3b5Ig9mt8EQgoP8z1enWZQL
sRLvyqIpt11hco8qJXpVroTYpN6AqCf5Pyh5/IU3Sj/ugyYONkR0vDLN6bUVIl+v
kgoOJMz9OHQr9IpsbR4UXpi+amYMD1km4PVf03PhGlwnqRH/waGjT3hYR3UbFLSD
7TbNP7xfKY9DkCDbarTU0oKBkj2evXcXr30iqgMXjNZLFGScyMFpNxLutgqurBBK
8KOFUy5UIPB8oZ+TFxOWj8jX/HCfNCjIhgGajeY/dh1sHQr9KJ+fyTvTF1WTuyaK
LGDFPX1O4Za8vw+pOaRLy0lPwUuWlUm85NR1fh0BXoKh
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:23 2024 by rpki-client on console-ams.rpki-client.org