Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wlFpHvgIxaU53QgATZ0g3ShN3ss.roa
File: wlFpHvgIxaU53QgATZ0g3ShN3ss.roa (raw, json)
Hash identifier: m89yts+cmeQ5ktuBYecG+4UXw+NztHLkRxP8ZbS+uYc=
Subject key identifier: C2:51:69:1E:F8:08:C5:A5:39:DD:08:00:4D:9D:20:DD:28:4D:DE:CB
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A660A09C4CAC44EC9DC5D44D70802
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wlFpHvgIxaU53QgATZ0g3ShN3ss.roa
Signing time: Tue 02 Jan 2024 12:33:45 +0000
ROA not before: Tue 02 Jan 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 202.133.90.0/23 maxlen: 24
103.25.86.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 22:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:66:0a:09:c4:ca:c4:4e:c9:dc:5d:44:d7:08:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c251691ef808c5a539dd08004d9d20dd284ddecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6c:8a:f1:2a:f2:c8:5f:ed:71:24:9a:af:40:
39:da:e9:67:45:36:ca:2f:44:92:b7:0b:df:2a:76:
83:d9:1c:4d:c7:34:d0:b4:8f:1a:f2:a3:aa:51:ae:
eb:ee:bb:f2:88:11:1c:29:47:24:9b:51:ea:2f:95:
64:6f:c8:76:05:64:17:1e:7c:5f:65:92:1f:bb:a3:
34:35:a4:0e:4e:5a:6c:61:83:03:c9:c6:e7:f8:b8:
90:36:28:d0:aa:5a:85:76:94:5e:b6:ae:41:ce:71:
37:02:f4:0f:44:d7:bc:93:aa:14:fa:18:99:3b:ae:
ab:98:92:31:a0:35:c5:aa:d5:f4:b7:60:7a:10:21:
4c:d5:53:48:fa:ac:50:11:e4:25:0a:5e:26:28:7b:
d3:76:fc:17:90:54:ac:d6:36:ef:d3:7b:03:4d:be:
65:12:84:9f:a7:7e:a7:8c:4a:24:02:9b:de:78:5d:
f0:93:66:dd:a6:de:9c:09:83:67:4b:c2:1b:5e:0f:
a3:a0:7c:88:ae:da:cd:17:f2:35:eb:05:2e:2a:a0:
42:ad:f0:f3:77:4e:cf:a0:76:ee:45:92:78:40:14:
c0:e6:8b:44:0b:33:6e:34:e1:e8:21:b5:ee:28:31:
92:a8:9b:cd:09:5a:8c:69:97:e7:25:35:7c:ae:7c:
e9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:51:69:1E:F8:08:C5:A5:39:DD:08:00:4D:9D:20:DD:28:4D:DE:CB
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wlFpHvgIxaU53QgATZ0g3ShN3ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.25.86.0/23
202.133.90.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:86:e2:31:ff:20:54:57:4d:08:7d:75:88:a4:36:17:af:54:
e8:57:f2:2e:6b:c5:ef:67:c2:e2:d4:02:0e:ff:87:e4:f8:44:
42:a3:bd:ff:d9:f1:61:47:ea:86:31:b7:de:75:8d:48:59:d9:
87:f7:6e:a1:79:9a:78:cc:5e:7d:98:22:d5:b5:f9:9f:92:a6:
ef:37:41:c7:56:00:6b:81:2b:6d:46:b1:d6:ba:d7:38:35:d5:
8e:8a:2e:30:c2:c7:4d:dd:21:5d:f2:77:dd:c1:a4:9a:07:4b:
9d:69:e5:ef:d7:34:6b:d3:48:6a:f3:5c:0c:82:0e:69:f0:ef:
6e:52:6c:15:f9:c6:9b:36:c2:72:83:05:07:b0:54:0b:87:92:
55:3f:97:18:f7:36:5f:53:6b:bb:3b:16:5b:3f:0f:bb:74:d7:
d3:a7:ab:86:91:df:90:9c:ce:40:b6:7e:65:e6:9d:77:ba:89:
41:eb:66:6b:ce:c7:09:b6:3b:19:a6:e5:be:e8:18:35:85:15:
42:d4:3c:3b:64:21:11:53:05:b8:bd:7f:16:79:42:c9:fd:55:
a7:dd:0a:8c:a4:f7:87:75:c3:4b:82:68:b7:94:19:d3:ee:46:
df:80:a1:5e:3e:cc:c4:60:09:34:98:07:97:86:32:1c:ae:77:
75:05:34:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKmYKCcTKxE7J3F1E1wgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjUxNjkxZWY4MDhjNWE1MzlkZDA4MDA0ZDlkMjBkZDI4NGRkZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGyK8SryyF/tcSSar0A52ulnRTbK
L0SStwvfKnaD2RxNxzTQtI8a8qOqUa7r7rvyiBEcKUckm1HqL5Vkb8h2BWQXHnxf
ZZIfu6M0NaQOTlpsYYMDycbn+LiQNijQqlqFdpRetq5BznE3AvQPRNe8k6oU+hiZ
O66rmJIxoDXFqtX0t2B6ECFM1VNI+qxQEeQlCl4mKHvTdvwXkFSs1jbv03sDTb5l
EoSfp36njEokApveeF3wk2bdpt6cCYNnS8IbXg+joHyIrtrNF/I16wUuKqBCrfDz
d07PoHbuRZJ4QBTA5otECzNuNOHoIbXuKDGSqJvNCVqMaZfnJTV8rnzphwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMJRaR74CMWlOd0IAE2dIN0oTd7LMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvd2xGcEh2Z0l4YVU1M1FnQVRaMGczU2hOM3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBZxlWAwQB
yoVaMA0GCSqGSIb3DQEBCwUAA4IBAQCPhuIx/yBUV00IfXWIpDYXr1ToV/Iua8Xv
Z8Li1AIO/4fk+ERCo73/2fFhR+qGMbfedY1IWdmH926heZp4zF59mCLVtfmfkqbv
N0HHVgBrgSttRrHWutc4NdWOii4wwsdN3SFd8nfdwaSaB0udaeXv1zRr00hq81wM
gg5p8O9uUmwV+cabNsJygwUHsFQLh5JVP5cY9zZfU2u7OxZbPw+7dNfTp6uGkd+Q
nM5Atn5l5p13uolB62ZrzscJtjsZpuW+6Bg1hRVC1Dw7ZCERUwW4vX8WeULJ/VWn
3QqMpPeHdcNLgmi3lBnT7kbfgKFePszEYAk0mAeXhjIcrnd1BTRi
-----END CERTIFICATE-----
Generated at Fri Jan 26 01:36:08 2024 by rpki-client on console-ams.rpki-client.org