Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/Fb11bKHZUgFBW7qhiuf7NOQNxXA.roa
File: Fb11bKHZUgFBW7qhiuf7NOQNxXA.roa (raw, json)
Hash identifier: 8MBQV1XwsDxh/CZyc36fKXVhbDtjGCqMusNYgM5W76M=
Subject key identifier: 15:BD:75:6C:A1:D9:52:01:41:5B:BA:A1:8A:E7:FB:34:E4:0D:C5:70
Certificate issuer: /CN=e30f8894f308172ace92fbe6052eec23853eadad
Certificate serial: 018CC9BC99CF325ED4B851D52C1E97DAAFDA
Authority key identifier: E3:0F:88:94:F3:08:17:2A:CE:92:FB:E6:05:2E:EC:23:85:3E:AD:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/Fb11bKHZUgFBW7qhiuf7NOQNxXA.roa
Signing time: Tue 02 Jan 2024 10:33:49 +0000
ROA not before: Tue 02 Jan 2024 10:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3920
IP address blocks: 117.55.202.0/24 maxlen: 24
117.55.203.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
2a13:adc0:1::/48 maxlen: 48
2a13:adc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Jan 2024 20:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:99:cf:32:5e:d4:b8:51:d5:2c:1e:97:da:af:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e30f8894f308172ace92fbe6052eec23853eadad
Validity
Not Before: Jan 2 10:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15bd756ca1d95201415bbaa18ae7fb34e40dc570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:22:70:a8:61:b7:b3:92:33:90:eb:7e:20:aa:
0c:34:bf:95:2a:56:cc:1e:ae:56:82:a2:87:b8:03:
ce:05:93:75:e6:d6:cf:de:d4:a2:be:e8:7f:30:4e:
86:f1:39:f3:b2:c3:5e:32:22:41:57:17:5c:5b:50:
f0:fc:4f:93:35:20:2d:04:1e:e4:d9:cc:ae:9b:e8:
23:09:ce:8f:14:54:bc:d2:99:0d:81:c9:64:80:94:
f1:59:a3:28:f5:88:6b:7b:73:e0:47:49:bc:25:7f:
59:f1:b1:39:8a:2b:46:6e:0b:52:38:8b:9f:5f:24:
22:ca:76:c9:92:8e:de:97:46:0b:da:71:8d:94:99:
23:11:e5:76:90:f6:cf:8a:59:70:2f:01:77:c4:00:
e3:e2:d8:06:b9:ae:66:a6:68:2c:a3:9b:88:53:51:
a2:02:22:fe:0c:b3:3c:5d:e6:c1:5f:ca:8b:d7:40:
47:d5:d7:61:46:62:03:23:10:b5:5e:56:e1:aa:b8:
84:9b:10:da:d3:96:6a:eb:7c:d7:32:26:68:12:36:
ab:64:a0:35:e4:2c:48:4a:97:bc:80:e1:0c:54:4c:
21:43:ff:38:8b:aa:f4:8c:31:05:f5:d2:c9:d3:de:
a4:ac:7d:03:d4:57:78:08:d4:5f:a4:d4:99:7b:9d:
2f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BD:75:6C:A1:D9:52:01:41:5B:BA:A1:8A:E7:FB:34:E4:0D:C5:70
X509v3 Authority Key Identifier:
keyid:E3:0F:88:94:F3:08:17:2A:CE:92:FB:E6:05:2E:EC:23:85:3E:AD:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/Fb11bKHZUgFBW7qhiuf7NOQNxXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/4w-IlPMIFyrOkvvmBS7sI4U-ra0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
117.55.202.0/23
212.237.231.0/24
IPv6:
2a13:adc0::/47
Signature Algorithm: sha256WithRSAEncryption
5d:9f:b2:09:07:d4:7b:ed:1d:a2:36:7e:19:1a:d7:72:b5:03:
ed:5c:aa:18:9c:1e:61:5b:9e:3b:dd:48:74:45:4b:a1:22:49:
39:84:0d:5d:7c:71:74:45:ab:c7:65:b9:9e:72:3e:83:86:f8:
c9:df:cf:3d:74:a1:77:5a:36:8d:9b:dc:0b:0c:5e:f6:ea:43:
81:08:46:af:7b:82:9e:63:a0:70:8f:dd:89:f9:44:c4:7b:16:
fb:a3:dd:d5:2c:a0:4d:aa:3b:d8:04:04:56:dd:27:62:fd:f5:
30:f6:ce:1f:67:c7:b8:60:bc:49:1c:16:d5:f5:8d:b5:0c:fb:
ec:38:e0:db:20:a2:ed:01:8d:8e:64:f6:03:75:4f:fe:a6:7b:
7f:52:13:0e:06:81:61:a9:7e:40:9e:e6:57:93:4e:04:ef:c1:
96:66:45:d7:3b:aa:c7:97:c4:fd:26:eb:3c:53:f5:67:2c:cb:
3a:7d:d2:db:b9:7c:0b:b1:8e:88:87:f9:6f:59:90:ae:9e:32:
5f:e8:81:81:9d:e6:40:59:a5:47:db:8f:4d:4b:d7:bc:f2:97:
9e:cc:04:78:16:e5:f5:ad:31:56:e2:74:c4:99:a2:84:74:f9:
29:9e:f9:0b:8b:b7:c9:38:1d:6c:cf:a5:5b:fe:06:66:a8:1e:
e7:15:a8:18
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJvJnPMl7UuFHVLB6X2q/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMGY4ODk0ZjMwODE3MmFjZTkyZmJlNjA1MmVlYzIzODUz
ZWFkYWQwHhcNMjQwMTAyMTAzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWJkNzU2Y2ExZDk1MjAxNDE1YmJhYTE4YWU3ZmIzNGU0MGRjNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiJwqGG3s5IzkOt+IKoMNL+VKlbM
Hq5WgqKHuAPOBZN15tbP3tSivuh/ME6G8TnzssNeMiJBVxdcW1Dw/E+TNSAtBB7k
2cyum+gjCc6PFFS80pkNgclkgJTxWaMo9Yhre3PgR0m8JX9Z8bE5iitGbgtSOIuf
XyQiynbJko7el0YL2nGNlJkjEeV2kPbPillwLwF3xADj4tgGua5mpmgso5uIU1Gi
AiL+DLM8XebBX8qL10BH1ddhRmIDIxC1XlbhqriEmxDa05Zq63zXMiZoEjarZKA1
5CxISpe8gOEMVEwhQ/84i6r0jDEF9dLJ096krH0D1Fd4CNRfpNSZe50v0QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBW9dWyh2VIBQVu6oYrn+zTkDcVwMB8GA1UdIwQY
MBaAFOMPiJTzCBcqzpL75gUu7COFPq2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHctSWxQTUlGeXJPa3Z2bUJTN3NJNFUtcmEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81ODc0NjAtZWFiNy00MGQ5LWE1MTIt
M2U2NjBkMDI1MmRiLzEvRmIxMWJLSFpVZ0ZCVzdxaGl1ZjdOT1FOeFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81ODc0NjAtZWFiNy00MGQ5LWE1MTItM2U2NjBkMDI1MmRi
LzEvNHctSWxQTUlGeXJPa3Z2bUJTN3NJNFUtcmEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBdTfKAwQA
1O3nMA8EAgACMAkDBwEqE63AAAAwDQYJKoZIhvcNAQELBQADggEBAF2fsgkH1Hvt
HaI2fhka13K1A+1cqhicHmFbnjvdSHRFS6EiSTmEDV18cXRFq8dluZ5yPoOG+Mnf
zz10oXdaNo2b3AsMXvbqQ4EIRq97gp5joHCP3Yn5RMR7Fvuj3dUsoE2qO9gEBFbd
J2L99TD2zh9nx7hgvEkcFtX1jbUM++w44Nsgou0BjY5k9gN1T/6me39SEw4GgWGp
fkCe5leTTgTvwZZmRdc7qseXxP0m6zxT9Wcsyzp90tu5fAuxjoiH+W9ZkK6eMl/o
gYGd5kBZpUfbj01L17zyl57MBHgW5fWtMVbidMSZooR0+Sme+QuLt8k4HWzPpVv+
BmaoHucVqBg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:53 2025 by rpki-client