Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/iOh7qhtXGXLSJkzwHPXsTWpFeCg.roa
File: iOh7qhtXGXLSJkzwHPXsTWpFeCg.roa (raw, json)
Hash identifier: ceL91ayh8KLbaTI9zVhJb60JA6TcMnBAYixg/wdQFaE=
Subject key identifier: 88:E8:7B:AA:1B:57:19:72:D2:26:4C:F0:1C:F5:EC:4D:6A:45:78:28
Certificate issuer: /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial: 0191D790FBCCFD9A9D8986E4D71C27784A8D
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/iOh7qhtXGXLSJkzwHPXsTWpFeCg.roa
Signing time: Mon 09 Sep 2024 16:14:48 +0000
ROA not before: Mon 09 Sep 2024 16:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.143.238.0/24 maxlen: 24
45.143.239.0/24 maxlen: 24
103.228.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d7:90:fb:cc:fd:9a:9d:89:86:e4:d7:1c:27:78:4a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Validity
Not Before: Sep 9 16:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88e87baa1b571972d2264cf01cf5ec4d6a457828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7c:47:da:8b:52:31:1f:31:f5:54:a2:a9:5c:
11:2f:1e:dd:8c:d0:4a:e2:7e:a5:65:0d:29:f3:75:
3a:cb:5a:dd:8c:9b:92:10:1c:22:8e:f6:22:c5:cf:
7a:3f:c6:21:fc:e7:3e:d1:31:a9:ea:21:24:ee:ee:
ab:27:b4:a4:9d:3c:db:c5:55:04:a8:6b:53:8b:f7:
c4:66:19:b3:d2:5f:76:e2:b2:5a:63:cf:98:ae:cf:
f8:b6:ce:24:24:fb:62:e4:8d:b8:b7:6d:0e:04:34:
3e:43:6e:2c:6c:87:6e:0b:59:57:13:1a:d7:77:48:
1f:3d:71:0e:95:21:be:36:8b:9b:33:9e:5d:7a:9b:
72:d9:6a:40:6a:52:9a:17:83:0f:1d:82:56:6b:d5:
00:ea:cc:6b:98:27:b5:42:2e:38:9b:46:c9:30:73:
3b:80:f9:37:73:49:73:c6:24:d4:f0:6d:80:08:88:
2f:b2:df:60:5e:f2:e8:6a:eb:43:d4:27:cf:1a:02:
0f:82:9b:30:7e:89:3d:4a:01:48:1e:75:ee:1d:72:
8e:c1:e2:58:2d:d6:47:17:51:df:e5:ec:c1:ff:b9:
96:ba:be:93:71:1d:29:af:b1:25:35:18:0d:39:a2:
c2:92:c4:ea:a2:ae:a3:e9:ee:15:c4:f2:29:8a:f0:
35:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E8:7B:AA:1B:57:19:72:D2:26:4C:F0:1C:F5:EC:4D:6A:45:78:28
X509v3 Authority Key Identifier:
keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/iOh7qhtXGXLSJkzwHPXsTWpFeCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.238.0/23
103.228.2.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e1:55:13:fb:ee:bc:bb:d3:1f:12:b2:99:f8:bc:75:08:28:
18:6f:64:3d:fc:69:82:3f:36:81:d8:01:23:96:f1:99:91:9a:
02:3d:88:f9:c6:d9:fa:28:41:41:5d:61:0f:15:2d:ce:f9:2e:
3f:f3:57:d0:c3:83:4e:a1:ce:4c:a2:1d:0c:cc:8c:19:61:3f:
2b:db:54:d9:87:fc:61:48:f9:01:8a:dc:a3:3f:69:91:11:28:
3b:9a:d1:05:61:cb:37:53:89:3b:69:be:23:26:01:98:95:fe:
a5:88:18:1e:ff:c3:89:02:1e:5b:80:71:27:dc:3c:1b:52:6e:
04:8d:3e:1d:ae:19:6e:6a:e6:eb:10:38:06:e0:cd:04:0e:fb:
0d:20:8d:91:4a:38:c0:3e:1b:d1:2b:34:aa:e3:54:6b:f9:ff:
f0:d1:3c:65:d9:6c:04:ae:b6:57:d6:d8:86:2b:94:8a:91:d4:
f8:69:f2:1f:98:ae:ce:05:f8:e3:7a:18:de:09:ef:ab:d0:8b:
eb:a8:e4:40:97:ef:f1:7b:8b:73:49:41:66:63:a7:0d:fb:72:
cb:fd:c5:c0:e9:2e:4b:18:51:67:c0:18:a4:ed:02:1d:79:80:
8e:b4:54:46:34:20:67:a5:da:09:df:ea:e5:9e:c6:1b:3d:74:
94:2e:c0:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHXkPvM/ZqdiYbk1xwneEqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjQwOTA5MTYxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGU4N2JhYTFiNTcxOTcyZDIyNjRjZjAxY2Y1ZWM0ZDZhNDU3ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXxH2otSMR8x9VSiqVwRLx7djNBK
4n6lZQ0p83U6y1rdjJuSEBwijvYixc96P8Yh/Oc+0TGp6iEk7u6rJ7SknTzbxVUE
qGtTi/fEZhmz0l924rJaY8+Yrs/4ts4kJPti5I24t20OBDQ+Q24sbIduC1lXExrX
d0gfPXEOlSG+NoubM55depty2WpAalKaF4MPHYJWa9UA6sxrmCe1Qi44m0bJMHM7
gPk3c0lzxiTU8G2ACIgvst9gXvLoautD1CfPGgIPgpswfok9SgFIHnXuHXKOweJY
LdZHF1Hf5ezB/7mWur6TcR0pr7ElNRgNOaLCksTqoq6j6e4VxPIpivA1zwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIjoe6obVxly0iZM8Bz17E1qRXgoMB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvaU9oN3FodFhHWExTSmt6d0hQWHNUV3BGZUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLY/uAwQA
Z+QCMA0GCSqGSIb3DQEBCwUAA4IBAQCa4VUT++68u9MfErKZ+Lx1CCgYb2Q9/GmC
PzaB2AEjlvGZkZoCPYj5xtn6KEFBXWEPFS3O+S4/81fQw4NOoc5Moh0MzIwZYT8r
21TZh/xhSPkBityjP2mRESg7mtEFYcs3U4k7ab4jJgGYlf6liBge/8OJAh5bgHEn
3DwbUm4EjT4drhluaubrEDgG4M0EDvsNII2RSjjAPhvRKzSq41Rr+f/w0Txl2WwE
rrZX1tiGK5SKkdT4afIfmK7OBfjjehjeCe+r0IvrqORAl+/xe4tzSUFmY6cN+3LL
/cXA6S5LGFFnwBik7QIdeYCOtFRGNCBnpdoJ3+rlnsYbPXSULsBM
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:18 2025 by rpki-client