Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/1slcpXg7ULW1HQCaMDiIGxe9iiA.roa
File: 1slcpXg7ULW1HQCaMDiIGxe9iiA.roa (raw, json)
Hash identifier: wMB6yJady7mFtNEqM273R/cEJL9SXgDdqmMZuq2kRZA=
Subject key identifier: D6:C9:5C:A5:78:3B:50:B5:B5:1D:00:9A:30:38:88:1B:17:BD:8A:20
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 018DF9FDFC638D60FAADB6E2F7FD8F5C6894
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/1slcpXg7ULW1HQCaMDiIGxe9iiA.roa
Signing time: Fri 01 Mar 2024 12:29:48 +0000
ROA not before: Fri 01 Mar 2024 12:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 103.95.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 15 Apr 2024 10:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:fd:fc:63:8d:60:fa:ad:b6:e2:f7:fd:8f:5c:68:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Mar 1 12:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6c95ca5783b50b5b51d009a3038881b17bd8a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:77:d3:f7:12:80:c2:df:91:14:f3:ea:30:81:
ce:f8:3e:bb:55:df:3b:c9:38:b5:43:d0:18:fe:af:
07:1a:6e:d3:0f:06:4d:49:05:81:7c:87:02:c1:f2:
6d:86:75:10:c6:c8:b2:a4:6b:9d:40:9b:a0:86:1d:
94:8a:c0:90:8e:0d:1d:e4:ca:02:3b:ae:ca:fa:58:
0a:28:94:04:49:d7:de:b4:09:a3:2d:18:03:be:d5:
bd:9f:e0:ae:8f:a9:a2:8d:4c:e8:81:cb:69:d2:97:
73:c8:1f:e2:b6:e9:4b:6c:81:ce:e5:35:05:03:ac:
4e:30:4f:17:d1:86:10:85:35:c0:56:ce:59:a9:98:
36:bd:c5:a1:e8:c1:86:93:2c:e0:26:01:81:97:e9:
40:e0:03:b4:6c:3a:0d:cb:a5:f3:ee:ad:76:a7:78:
35:37:23:29:34:53:53:c4:f5:a3:df:52:9b:36:94:
c3:cf:6e:b9:f7:fd:c4:ff:74:44:34:93:03:53:a1:
15:fd:ea:49:e6:7c:7e:fc:98:17:d0:5a:2e:0c:01:
7f:74:f5:b2:26:40:85:99:eb:76:52:9b:4b:ab:6d:
d8:78:5f:d3:22:6c:d5:3a:c2:b9:f9:c3:b4:91:23:
6d:f2:56:b1:0b:d4:f5:0e:da:c3:95:e7:48:fb:c9:
f9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C9:5C:A5:78:3B:50:B5:B5:1D:00:9A:30:38:88:1B:17:BD:8A:20
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/1slcpXg7ULW1HQCaMDiIGxe9iiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.95.124.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:83:ef:9a:98:b2:5f:a3:ac:69:73:ef:0c:93:bd:b1:8c:d1:
90:98:50:40:aa:37:10:4a:ca:07:47:a4:38:84:69:7d:60:6b:
e7:93:05:99:d3:5f:9c:69:f2:ba:53:5f:83:78:0f:10:b1:a7:
1d:a5:57:af:e2:60:f7:83:5b:c1:9a:96:72:4a:05:c9:32:b1:
8b:89:78:ec:9a:52:50:9e:c3:e2:88:9e:54:dc:ce:3d:4d:c2:
d0:48:fc:2e:a4:eb:6c:02:75:1e:0d:7d:c2:9a:2a:81:91:d3:
a8:06:df:b4:0f:82:db:ba:4f:2f:7d:28:b0:33:42:40:cf:1f:
ca:5f:24:7c:92:ca:a4:9d:ba:34:ab:e5:71:8f:2c:b4:1e:7d:
55:6e:e7:21:e1:92:d5:fb:72:15:a4:b8:59:eb:09:6b:d9:87:
d1:47:74:24:89:4b:83:36:b7:77:88:b2:23:7f:0f:32:d3:07:
5f:60:69:29:df:87:ff:9f:61:47:7c:3d:4e:6c:79:57:e4:65:
c7:4d:23:6e:5a:1c:61:d8:5f:b6:ff:38:f8:b8:9f:65:e6:a1:
70:ee:c6:61:33:80:f4:aa:eb:cf:5d:40:44:43:bd:b8:ea:f6:
46:26:d4:b2:32:38:25:e7:4e:c5:39:42:a8:10:98:4b:e8:f5:
ff:c9:c5:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY35/fxjjWD6rbbi9/2PXGiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjQwMzAxMTIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmM5NWNhNTc4M2I1MGI1YjUxZDAwOWEzMDM4ODgxYjE3YmQ4YTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXfT9xKAwt+RFPPqMIHO+D67Vd87
yTi1Q9AY/q8HGm7TDwZNSQWBfIcCwfJthnUQxsiypGudQJughh2UisCQjg0d5MoC
O67K+lgKKJQESdfetAmjLRgDvtW9n+Cuj6mijUzogctp0pdzyB/itulLbIHO5TUF
A6xOME8X0YYQhTXAVs5ZqZg2vcWh6MGGkyzgJgGBl+lA4AO0bDoNy6Xz7q12p3g1
NyMpNFNTxPWj31KbNpTDz2659/3E/3RENJMDU6EV/epJ5nx+/JgX0FouDAF/dPWy
JkCFmet2UptLq23YeF/TImzVOsK5+cO0kSNt8laxC9T1DtrDledI+8n5bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbJXKV4O1C1tR0AmjA4iBsXvYogMB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvMXNsY3BYZzdVTFcxSFFDYU1EaUlHeGU5aWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ198MA0G
CSqGSIb3DQEBCwUAA4IBAQBbg++amLJfo6xpc+8Mk72xjNGQmFBAqjcQSsoHR6Q4
hGl9YGvnkwWZ01+cafK6U1+DeA8QsacdpVev4mD3g1vBmpZySgXJMrGLiXjsmlJQ
nsPiiJ5U3M49TcLQSPwupOtsAnUeDX3CmiqBkdOoBt+0D4Lbuk8vfSiwM0JAzx/K
XyR8ksqknbo0q+Vxjyy0Hn1Vbuch4ZLV+3IVpLhZ6wlr2YfRR3QkiUuDNrd3iLIj
fw8y0wdfYGkp34f/n2FHfD1ObHlX5GXHTSNuWhxh2F+2/zj4uJ9l5qFw7sZhM4D0
quvPXUBEQ7246vZGJtSyMjgl507FOUKoEJhL6PX/ycWg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:02 2025 by rpki-client