Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/ZoDx7T-ictfMPgpt1ECO47r3Wdk.roa
File: ZoDx7T-ictfMPgpt1ECO47r3Wdk.roa (raw, json)
Hash identifier: kGUuaTFg/fF5rvFht+tuWu7Ma0+JuYXzWOwRUuj65fM=
Subject key identifier: 66:80:F1:ED:3F:A2:72:D7:CC:3E:0A:6D:D4:40:8E:E3:BA:F7:59:D9
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 0192B3F4CA8B0BD3857631BF414ABA7C6387
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/ZoDx7T-ictfMPgpt1ECO47r3Wdk.roa
Signing time: Tue 22 Oct 2024 11:20:17 +0000
ROA not before: Tue 22 Oct 2024 11:20:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212939
IP address blocks: 103.215.220.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
195.234.191.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
195.238.240.0/24 maxlen: 24
195.238.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 20:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:f4:ca:8b:0b:d3:85:76:31:bf:41:4a:ba:7c:63:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Oct 22 11:20:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6680f1ed3fa272d7cc3e0a6dd4408ee3baf759d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f2:4f:78:5e:3b:b4:38:20:2b:3b:df:3a:44:
d9:c8:2a:bf:40:c6:ec:69:cb:5c:2a:0b:e5:5b:42:
a0:73:60:96:41:bf:7a:d9:65:b7:00:e7:cd:3f:4f:
d9:2f:7c:66:fb:51:21:ef:f2:05:b4:cf:64:d6:90:
ed:1c:dd:51:bd:1b:29:9a:1f:91:4b:73:c2:c2:fc:
87:08:45:14:9b:ea:e5:5f:b4:76:d5:16:a9:e3:75:
41:6f:fd:26:9e:85:cb:9f:04:6d:e8:ed:94:97:ed:
c9:61:2b:2b:d2:00:31:c2:78:ee:b1:f6:de:01:14:
52:c8:8f:eb:4b:46:07:eb:0b:39:96:67:2d:d7:4c:
52:77:22:f4:8c:5e:16:d6:05:8d:6b:50:78:35:a7:
08:49:4d:00:93:e5:94:bb:e4:f4:b2:3b:45:6a:15:
bc:cd:0b:59:ef:7f:f0:c4:11:b4:1b:fb:b9:35:0c:
b0:b1:b4:05:d6:0c:1b:22:2c:c5:b1:1f:d5:f9:19:
90:5d:05:08:77:f6:0a:cc:b1:27:95:d8:1d:43:aa:
25:dd:15:1e:8d:e3:d6:59:4d:f2:e4:c3:73:5f:45:
a0:1a:17:40:98:41:30:9e:23:56:2b:db:04:83:40:
7a:f1:89:8f:bd:f6:3d:19:e9:21:bf:13:06:d5:2b:
07:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:80:F1:ED:3F:A2:72:D7:CC:3E:0A:6D:D4:40:8E:E3:BA:F7:59:D9
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/ZoDx7T-ictfMPgpt1ECO47r3Wdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/24
103.215.222.0/24
195.234.191.0/24
195.238.231.0/24
195.238.240.0/24
195.238.247.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:5e:ef:2b:08:d3:85:f4:6f:b4:f4:40:9e:ca:7e:79:ec:e5:
3b:af:ce:4c:28:ce:2f:30:fd:53:ab:4c:a6:5c:e7:54:62:76:
f9:43:d1:0e:4d:87:6a:24:15:95:f8:5a:e9:1d:27:d6:dc:77:
d7:19:dc:a3:21:aa:da:4b:b8:e9:8e:a8:ee:d2:75:1a:30:97:
b7:81:0e:92:51:ee:6f:36:48:ef:4b:05:b1:a1:f9:99:a5:41:
80:aa:e6:57:fb:73:a3:2f:a4:1a:d4:b8:a1:2d:c4:cc:f4:cf:
c0:3a:1d:ae:e1:9c:c1:6c:73:21:1a:81:d7:93:51:e3:67:2d:
25:ef:1f:0b:f0:77:51:d7:04:75:f1:0f:a9:15:6d:f2:4d:c3:
e1:a3:cf:6f:1b:d3:0b:a1:5f:b4:19:c5:f6:1b:29:93:d1:40:
61:15:ee:04:21:02:45:c5:2b:a7:8d:d7:59:ed:32:f4:96:91:
0b:4a:51:9d:c1:89:09:02:d8:2f:aa:bc:2f:ec:c0:09:65:fa:
28:bb:e4:2c:d2:91:72:68:03:bd:97:3b:15:07:02:f8:aa:c4:
33:7c:88:5f:86:17:93:ce:8d:a0:b1:77:ac:0f:2f:e5:72:8f:
34:fe:e4:c7:50:ef:1c:f0:4f:18:03:31:f2:0b:39:63:73:67:
6b:dc:db:6c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZKz9MqLC9OFdjG/QUq6fGOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjQxMDIyMTEyMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjgwZjFlZDNmYTI3MmQ3Y2MzZTBhNmRkNDQwOGVlM2JhZjc1OWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifJPeF47tDggKzvfOkTZyCq/QMbs
actcKgvlW0Kgc2CWQb962WW3AOfNP0/ZL3xm+1Eh7/IFtM9k1pDtHN1RvRspmh+R
S3PCwvyHCEUUm+rlX7R21Rap43VBb/0mnoXLnwRt6O2Ul+3JYSsr0gAxwnjusfbe
ARRSyI/rS0YH6ws5lmct10xSdyL0jF4W1gWNa1B4NacISU0Ak+WUu+T0sjtFahW8
zQtZ73/wxBG0G/u5NQywsbQF1gwbIizFsR/V+RmQXQUId/YKzLEnldgdQ6ol3RUe
jePWWU3y5MNzX0WgGhdAmEEwniNWK9sEg0B68YmPvfY9GekhvxMG1SsHPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGaA8e0/onLXzD4KbdRAjuO691nZMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvWm9EeDdULWljdGZNUGdwdDFFQ080N3IzV2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAZ9fcAwQA
Z9feAwQAw+q/AwQAw+7nAwQAw+7wAwQAw+73MA0GCSqGSIb3DQEBCwUAA4IBAQAq
Xu8rCNOF9G+09ECeyn557OU7r85MKM4vMP1Tq0ymXOdUYnb5Q9EOTYdqJBWV+Frp
HSfW3HfXGdyjIaraS7jpjqju0nUaMJe3gQ6SUe5vNkjvSwWxofmZpUGAquZX+3Oj
L6Qa1LihLcTM9M/AOh2u4ZzBbHMhGoHXk1HjZy0l7x8L8HdR1wR18Q+pFW3yTcPh
o89vG9MLoV+0GcX2GymT0UBhFe4EIQJFxSunjddZ7TL0lpELSlGdwYkJAtgvqrwv
7MAJZfoou+Qs0pFyaAO9lzsVBwL4qsQzfIhfhheTzo2gsXesDy/lco80/uTHUO8c
8E8YAzHyCzljc2dr3Nts
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:35 2025 by rpki-client