Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/p9o5xCxQnwkJfyz1r_y_kdJ8bRk.roa
File: p9o5xCxQnwkJfyz1r_y_kdJ8bRk.roa (raw, json)
Hash identifier: Ec7VDGEUInmaeOeeLJ/VAnkQq/blfPBHNq9a5OSbYnQ=
Subject key identifier: A7:DA:39:C4:2C:50:9F:09:09:7F:2C:F5:AF:FC:BF:91:D2:7C:6D:19
Certificate issuer: /CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Certificate serial: 0192E4FF2DD1252CD2ECA73BB44969E79B34
Authority key identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/p9o5xCxQnwkJfyz1r_y_kdJ8bRk.roa
Signing time: Thu 31 Oct 2024 23:53:01 +0000
ROA not before: Thu 31 Oct 2024 23:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 931
IP address blocks: 5.252.164.0/24 maxlen: 24
45.130.153.0/24 maxlen: 24
45.130.154.0/24 maxlen: 24
45.130.155.0/24 maxlen: 24
103.202.52.0/24 maxlen: 24
103.202.53.0/24 maxlen: 24
103.202.54.0/24 maxlen: 24
103.202.55.0/24 maxlen: 24
188.210.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 20:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e4:ff:2d:d1:25:2c:d2:ec:a7:3b:b4:49:69:e7:9b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Validity
Not Before: Oct 31 23:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7da39c42c509f09097f2cf5affcbf91d27c6d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:71:45:90:f3:36:2d:02:b3:d0:2a:f4:cf:a3:
49:8a:96:3d:6c:cd:af:29:2f:b8:e4:29:f9:79:99:
b2:35:5c:e5:bb:bb:6d:b7:16:ed:64:3e:3e:21:46:
a9:7b:ac:26:3c:52:04:8a:ab:eb:1b:f9:87:d5:84:
6f:2b:8d:db:4c:14:90:ef:51:65:d1:3a:a8:f7:4c:
16:7f:6a:47:4b:02:5a:11:92:2c:53:03:49:f7:c1:
3c:22:7a:0b:dc:64:b3:6c:eb:33:02:23:b4:70:09:
ed:18:59:89:59:a7:b0:5a:cf:b7:6e:97:9c:a0:30:
5f:d6:16:a0:d2:e3:20:5a:15:7c:c4:82:60:3f:5b:
36:94:b5:92:50:f9:50:94:0b:5f:9e:9f:e1:0a:c0:
8d:b1:d6:20:e8:ff:1a:9b:d6:24:ce:5e:3e:b9:2f:
46:13:d2:46:b2:69:3a:d3:64:1a:0a:47:cb:28:20:
24:fc:8a:db:24:a9:de:47:52:e4:16:84:de:5f:9b:
89:25:75:e1:6f:a9:ae:2f:14:04:dd:33:c4:e0:65:
3e:22:ef:e1:73:c6:6d:19:d0:af:9c:c0:59:5a:91:
10:53:17:e0:ef:dc:f3:82:c1:a4:51:29:44:34:61:
9e:ac:0a:d8:98:2f:8b:34:08:10:81:92:2b:ff:54:
84:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:DA:39:C4:2C:50:9F:09:09:7F:2C:F5:AF:FC:BF:91:D2:7C:6D:19
X509v3 Authority Key Identifier:
keyid:60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/p9o5xCxQnwkJfyz1r_y_kdJ8bRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0/24
45.130.153.0-45.130.155.255
103.202.52.0/22
188.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:a6:25:ac:35:d3:4d:8b:82:df:cc:4f:43:d1:9a:ce:3f:c7:
f1:27:c9:7b:2d:b1:2c:cf:78:79:54:48:78:b6:6f:fd:e9:b6:
a1:83:2f:f3:03:7b:54:3b:59:fd:5c:c2:a6:0e:68:5a:64:75:
b4:5f:0b:7c:db:e7:27:d4:4f:f1:b0:53:2d:a8:da:d3:a1:0e:
2a:9f:04:1e:0e:5f:c3:c2:c8:91:fe:71:57:12:98:5c:f3:84:
8d:bd:4a:26:d6:ff:ff:54:f0:cb:ef:72:06:9c:38:73:88:8f:
7a:e4:b6:04:0c:da:54:b5:02:f7:c8:09:99:13:c9:59:f2:e0:
36:11:cf:4a:6a:a3:50:bd:39:b4:e2:aa:f6:25:f0:ce:f5:ad:
30:0b:8e:e9:d7:6f:ab:17:d5:9a:18:e6:27:64:9b:48:05:f8:
cd:78:5d:5b:17:3d:12:45:23:41:f0:b7:28:5d:db:ac:3d:0d:
da:07:e0:3b:62:9e:74:d7:39:3f:c9:4a:6e:5c:fc:22:66:5b:
b0:b1:09:9e:9f:15:d4:08:f9:fc:74:8f:9e:12:02:2b:7b:d4:
64:f8:da:3b:14:65:c9:1c:22:54:09:6c:98:dc:49:00:3e:12:
1d:72:fc:79:3b:ef:5c:e4:79:ee:e6:5e:04:4b:fb:ff:5a:6f:
34:29:91:5a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZLk/y3RJSzS7Kc7tElp55s0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTU0MGNlNDUwNDU2MzQ1ZWM4ZTA5OGVmNGY1MzYzNGQ3
NGJmMWYwHhcNMjQxMDMxMjM1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2RhMzljNDJjNTA5ZjA5MDk3ZjJjZjVhZmZjYmY5MWQyN2M2ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHFFkPM2LQKz0Cr0z6NJipY9bM2v
KS+45Cn5eZmyNVzlu7tttxbtZD4+IUape6wmPFIEiqvrG/mH1YRvK43bTBSQ71Fl
0Tqo90wWf2pHSwJaEZIsUwNJ98E8InoL3GSzbOszAiO0cAntGFmJWaewWs+3bpec
oDBf1hag0uMgWhV8xIJgP1s2lLWSUPlQlAtfnp/hCsCNsdYg6P8am9Ykzl4+uS9G
E9JGsmk602QaCkfLKCAk/IrbJKneR1LkFoTeX5uJJXXhb6muLxQE3TPE4GU+Iu/h
c8ZtGdCvnMBZWpEQUxfg79zzgsGkUSlENGGerArYmC+LNAgQgZIr/1SE/wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKfaOcQsUJ8JCX8s9a/8v5HSfG0ZMB8GA1UdIwQY
MBaAFGClQM5FBFY0XsjgmO9PU2NNdL8fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEt
ZTQ3MzUzMWY2ZmU4LzEvcDlvNXhDeFFud2tKZnl6MXJfeV9rZEo4YlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEtZTQ3MzUzMWY2ZmU4
LzEvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABfykMAwD
BAAtgpkDBAItgpgDBAJnyjQDBAC80uwwDQYJKoZIhvcNAQELBQADggEBALSmJaw1
002Lgt/MT0PRms4/x/EnyXstsSzPeHlUSHi2b/3ptqGDL/MDe1Q7Wf1cwqYOaFpk
dbRfC3zb5yfUT/GwUy2o2tOhDiqfBB4OX8PCyJH+cVcSmFzzhI29SibW//9U8Mvv
cgacOHOIj3rktgQM2lS1AvfICZkTyVny4DYRz0pqo1C9ObTiqvYl8M71rTALjunX
b6sX1ZoY5idkm0gF+M14XVsXPRJFI0Hwtyhd26w9DdoH4DtinnTXOT/JSm5c/CJm
W7CxCZ6fFdQI+fx0j54SAit71GT42jsUZckcIlQJbJjcSQA+Eh1y/Hk771zkee7m
XgRL+/9abzQpkVo=
-----END CERTIFICATE-----
Generated at Thu Nov 14 21:58:15 2024 by rpki-client on console-ams.rpki-client.org