Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/XLd_3drtzi1cKAWs-n1fO9ew5pI.roa
File: XLd_3drtzi1cKAWs-n1fO9ew5pI.roa (raw, json)
Hash identifier: uhU9DOiwMuUyp1u5xF2hZyBAszmZfUIZUOqPkvVXupU=
Subject key identifier: 5C:B7:7F:DD:DA:ED:CE:2D:5C:28:05:AC:FA:7D:5F:3B:D7:B0:E6:92
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 018EE151526AC6FED303178AEC3D5BBBEC95
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/XLd_3drtzi1cKAWs-n1fO9ew5pI.roa
Signing time: Mon 15 Apr 2024 10:33:06 +0000
ROA not before: Mon 15 Apr 2024 10:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 103.95.124.0/22 maxlen: 22
103.132.4.0/22 maxlen: 22
103.204.220.0/23 maxlen: 23
192.140.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 16 May 2024 09:58:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:51:52:6a:c6:fe:d3:03:17:8a:ec:3d:5b:bb:ec:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Apr 15 10:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cb77fdddaedce2d5c2805acfa7d5f3bd7b0e692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:13:9c:91:a3:b0:9c:b4:42:d4:a3:1d:b1:33:
39:17:9a:e1:49:97:a7:f3:09:eb:ef:ed:5a:6f:60:
78:30:d4:cb:1f:31:8e:89:2d:67:a8:ba:79:fe:c1:
73:05:34:05:21:0d:b4:97:4f:8b:60:47:2f:a8:f3:
8d:7b:00:3d:f5:ce:60:1b:b5:c3:e0:b6:1c:29:db:
0c:1a:cc:31:fe:f6:87:72:d2:c3:82:59:21:3b:15:
4b:53:55:33:d6:bb:73:1c:59:d3:d7:cf:04:e0:a3:
36:9f:50:a8:d1:c4:d3:8f:21:69:8e:18:28:14:c8:
a4:ce:fc:51:d8:93:4e:af:27:d6:fe:6a:fc:6e:0a:
8f:d3:46:0a:d9:53:c2:ff:81:de:61:f1:46:f4:28:
b2:15:f7:bd:dd:c0:c3:3d:e6:a7:4c:15:41:88:97:
6d:b9:47:3e:02:67:11:c1:6a:71:c7:73:dd:b9:cb:
2e:84:6d:70:d2:d1:31:7b:fb:05:aa:e1:96:af:30:
76:b4:e3:bf:a3:96:45:7d:3f:ff:e4:f6:ae:f4:5a:
95:1c:19:d9:d8:c5:0c:33:2f:fb:25:b5:42:7b:75:
b8:92:7b:b8:d1:10:58:50:09:fe:f8:a4:ec:f3:13:
92:bf:7e:fb:74:31:7a:7b:54:69:08:b4:a9:1d:e5:
88:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B7:7F:DD:DA:ED:CE:2D:5C:28:05:AC:FA:7D:5F:3B:D7:B0:E6:92
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/XLd_3drtzi1cKAWs-n1fO9ew5pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.95.124.0/22
103.132.4.0/22
103.204.220.0/23
192.140.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:6f:15:f2:b1:f7:ac:f4:a1:05:3a:11:c2:85:31:b2:bf:61:
d4:f7:27:8d:37:c6:0d:80:9a:0e:3c:09:0e:45:b8:e3:ce:e8:
1c:28:e2:45:40:bb:e4:1f:94:43:69:d8:b3:8b:17:f4:1a:11:
28:a6:65:e7:42:2e:c4:85:82:b1:2e:ab:ed:0a:73:87:1d:5d:
6c:8c:96:6d:bb:4c:c0:42:4e:00:2d:2c:db:15:69:56:6e:5f:
dd:29:4b:3b:55:67:7e:63:7d:b9:a6:64:69:55:ae:8a:65:7b:
74:af:98:c6:08:3c:c5:11:a4:7e:7a:36:3e:74:32:da:59:4c:
36:0f:83:4c:7f:0f:f7:4d:76:0a:9b:45:93:a3:00:21:83:22:
1d:82:85:f4:89:01:0e:19:40:9f:b8:9e:9f:36:82:81:e2:33:
53:1d:54:af:6d:5e:81:0f:d3:8d:05:a8:15:10:8e:b7:8e:a6:
3c:fe:c9:fe:8b:4a:e9:9d:c0:60:1e:86:d1:49:e6:85:36:27:
b4:db:bc:4e:6e:39:58:b2:73:c5:9f:4a:92:62:14:43:a5:ef:
1f:b2:ce:d3:c7:1b:71:26:bf:18:82:19:56:61:b9:df:3d:51:
70:4d:e1:46:f1:22:ac:fd:49:8d:36:07:9c:9d:e9:c4:98:70:
53:04:9b:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7hUVJqxv7TAxeK7D1bu+yVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjQwNDE1MTAzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I3N2ZkZGRhZWRjZTJkNWMyODA1YWNmYTdkNWYzYmQ3YjBlNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBOckaOwnLRC1KMdsTM5F5rhSZen
8wnr7+1ab2B4MNTLHzGOiS1nqLp5/sFzBTQFIQ20l0+LYEcvqPONewA99c5gG7XD
4LYcKdsMGswx/vaHctLDglkhOxVLU1Uz1rtzHFnT188E4KM2n1Co0cTTjyFpjhgo
FMikzvxR2JNOryfW/mr8bgqP00YK2VPC/4HeYfFG9CiyFfe93cDDPeanTBVBiJdt
uUc+AmcRwWpxx3PducsuhG1w0tExe/sFquGWrzB2tOO/o5ZFfT//5Pau9FqVHBnZ
2MUMMy/7JbVCe3W4knu40RBYUAn++KTs8xOSv377dDF6e1RpCLSpHeWIdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFy3f93a7c4tXCgFrPp9XzvXsOaSMB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvWExkXzNkcnR6aTFjS0FXcy1uMWZPOWV3NXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCZ198AwQC
Z4QEAwQBZ8zcAwQCwIzkMA0GCSqGSIb3DQEBCwUAA4IBAQA6bxXysfes9KEFOhHC
hTGyv2HU9yeNN8YNgJoOPAkORbjjzugcKOJFQLvkH5RDadizixf0GhEopmXnQi7E
hYKxLqvtCnOHHV1sjJZtu0zAQk4ALSzbFWlWbl/dKUs7VWd+Y325pmRpVa6KZXt0
r5jGCDzFEaR+ejY+dDLaWUw2D4NMfw/3TXYKm0WTowAhgyIdgoX0iQEOGUCfuJ6f
NoKB4jNTHVSvbV6BD9ONBagVEI63jqY8/sn+i0rpncBgHobRSeaFNie027xObjlY
snPFn0qSYhRDpe8fss7TxxtxJr8YghlWYbnfPVFwTeFG8SKs/UmNNgecnenEmHBT
BJv1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:40 2024 by rpki-client on console-fra.rpki-client.org