Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/w5ovayYg3rIhCzBuXDoKovgBtdA.roa
File: w5ovayYg3rIhCzBuXDoKovgBtdA.roa (raw, json)
Hash identifier: NmKeRzOspSJZ+25Z4EwswZHsuF0t7zduuaqfLAHqLm8=
Subject key identifier: C3:9A:2F:6B:26:20:DE:B2:21:0B:30:6E:5C:3A:0A:A2:F8:01:B5:D0
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 018CC42484CA68DC7D887B9F16802B86AC6E
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/w5ovayYg3rIhCzBuXDoKovgBtdA.roa
Signing time: Mon 01 Jan 2024 08:29:36 +0000
ROA not before: Mon 01 Jan 2024 08:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206388
IP address blocks: 103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:84:ca:68:dc:7d:88:7b:9f:16:80:2b:86:ac:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 08:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c39a2f6b2620deb2210b306e5c3a0aa2f801b5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:94:47:bf:bc:4a:d6:9f:1f:b6:ad:f1:85:ca:
c0:6a:3b:4e:77:48:7c:ed:b5:0e:96:90:92:bd:71:
3d:bd:9d:65:35:b3:73:c4:67:76:dc:7a:c0:91:ec:
ee:6b:00:fe:d1:46:5d:64:b2:2b:4a:42:d6:5d:10:
6c:7f:52:ea:b5:9d:43:ff:22:82:3e:98:9a:a1:19:
f0:cd:16:b3:15:4b:83:e7:8b:ed:ae:b3:08:6c:6c:
98:39:c0:5f:72:00:2f:3a:3f:e7:4a:d0:f1:b5:0c:
94:9a:4f:10:f3:a7:f1:07:d7:35:1f:ce:58:2d:e5:
8b:79:c7:64:f4:6c:24:ac:aa:7e:50:a4:f0:4a:9b:
ea:87:cb:8d:44:64:71:a0:34:53:1a:a2:8a:3f:e0:
db:25:85:5b:51:e5:e1:5b:d1:c8:22:2c:2a:8d:55:
a2:bd:df:8c:0c:2d:74:f5:b4:0f:7d:5c:2b:d3:0f:
3e:a4:0d:e4:64:e5:18:00:22:06:93:14:12:56:55:
dc:e6:06:11:06:57:9a:2c:ba:af:e7:0b:8c:3a:0d:
9f:0f:82:65:6f:95:f4:fe:24:67:24:82:23:fe:3d:
8e:ea:0c:64:62:28:63:9f:44:00:58:1a:71:34:60:
8d:d1:ac:69:26:61:e4:d3:b6:80:6d:c7:39:8b:59:
61:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9A:2F:6B:26:20:DE:B2:21:0B:30:6E:5C:3A:0A:A2:F8:01:B5:D0
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/w5ovayYg3rIhCzBuXDoKovgBtdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.221.0-103.215.222.255
Signature Algorithm: sha256WithRSAEncryption
74:9a:eb:df:e7:5c:52:ac:75:f0:d3:58:bb:16:5d:f5:68:6f:
14:52:f1:7d:b7:6b:1e:7e:9a:fd:ad:85:78:c8:50:4c:1c:bb:
4f:ff:91:7b:20:1c:fa:d8:7a:b7:9d:7f:94:6c:c9:3f:a0:a5:
9f:7f:65:14:a9:63:7a:56:a9:73:af:5f:17:b5:19:3b:32:69:
6d:17:19:ef:5c:71:70:68:05:83:07:0c:1e:c8:31:90:09:67:
25:8e:c0:69:15:f8:92:ec:2b:4a:d8:30:8b:ca:fc:52:0a:a4:
c8:42:d3:93:93:41:6d:63:ec:73:4a:37:66:b6:56:8a:57:68:
6f:6b:92:32:1d:3f:9c:af:4b:40:d2:f2:5c:40:3c:a4:ff:58:
87:eb:75:26:df:33:d2:51:f4:ca:51:54:6e:a7:70:c5:b2:10:
82:0c:68:8b:c8:07:39:00:81:6d:86:40:93:39:0c:f9:49:b8:
03:1f:7d:90:8a:66:0d:b1:94:59:6f:a6:4b:50:4b:61:da:c8:
87:a7:2a:48:a8:1d:7f:ab:e1:35:d8:51:40:93:3e:31:51:8e:
c2:de:b2:d4:47:2c:c6:25:04:c5:f6:29:7d:c6:41:ca:dd:d2:
5b:6e:aa:18:d3:15:74:93:4b:7b:2f:aa:f7:c9:c9:58:d7:8a:
6b:1b:b0:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEJITKaNx9iHufFoArhqxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjQwMTAxMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzlhMmY2YjI2MjBkZWIyMjEwYjMwNmU1YzNhMGFhMmY4MDFiNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJRHv7xK1p8ftq3xhcrAajtOd0h8
7bUOlpCSvXE9vZ1lNbNzxGd23HrAkezuawD+0UZdZLIrSkLWXRBsf1LqtZ1D/yKC
PpiaoRnwzRazFUuD54vtrrMIbGyYOcBfcgAvOj/nStDxtQyUmk8Q86fxB9c1H85Y
LeWLecdk9GwkrKp+UKTwSpvqh8uNRGRxoDRTGqKKP+DbJYVbUeXhW9HIIiwqjVWi
vd+MDC109bQPfVwr0w8+pA3kZOUYACIGkxQSVlXc5gYRBleaLLqv5wuMOg2fD4Jl
b5X0/iRnJIIj/j2O6gxkYihjn0QAWBpxNGCN0axpJmHk07aAbcc5i1lhtwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMOaL2smIN6yIQswblw6CqL4AbXQMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvdzVvdmF5WWczckloQ3pCdVhEb0tvdmdCdGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABn190D
BABn194wDQYJKoZIhvcNAQELBQADggEBAHSa69/nXFKsdfDTWLsWXfVobxRS8X23
ax5+mv2thXjIUEwcu0//kXsgHPrYeredf5RsyT+gpZ9/ZRSpY3pWqXOvXxe1GTsy
aW0XGe9ccXBoBYMHDB7IMZAJZyWOwGkV+JLsK0rYMIvK/FIKpMhC05OTQW1j7HNK
N2a2VopXaG9rkjIdP5yvS0DS8lxAPKT/WIfrdSbfM9JR9MpRVG6ncMWyEIIMaIvI
BzkAgW2GQJM5DPlJuAMffZCKZg2xlFlvpktQS2HayIenKkioHX+r4TXYUUCTPjFR
jsLestRHLMYlBMX2KX3GQcrd0ltuqhjTFXSTS3svqvfJyVjXimsbsFI=
-----END CERTIFICATE-----
Generated at Tue Oct 8 13:43:46 2024 by rpki-client on console-ams.rpki-client.org