Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/CaCP2AMCU7j59Y2Xo_fvzliQHJI.roa
File: CaCP2AMCU7j59Y2Xo_fvzliQHJI.roa (raw, json)
Hash identifier: 9qX+S2i/mvpdIbVjSpJjKc9Oo8Fo+d323UjFgeqCIQA=
Subject key identifier: 09:A0:8F:D8:03:02:53:B8:F9:F5:8D:97:A3:F7:EF:CE:58:90:1C:92
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 019424B37713C0A56EB59A17A90C36F394A8
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/CaCP2AMCU7j59Y2Xo_fvzliQHJI.roa
Signing time: Thu 02 Jan 2025 01:48:48 +0000
ROA not before: Thu 02 Jan 2025 01:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216321
IP address blocks: 202.181.204.0/24 maxlen: 24
2a13:d8c0::/29 maxlen: 48
2a13:d8c0::/32 maxlen: 32
2a13:d8c1::/32 maxlen: 32
2a13:d8c1:ce00::/40 maxlen: 40
2a13:d8c1:fe00::/40 maxlen: 40
2a13:d8c2::/32 maxlen: 32
2a13:d8c3::/32 maxlen: 32
2a13:d8c4::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Jan 2025 14:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:77:13:c0:a5:6e:b5:9a:17:a9:0c:36:f3:94:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jan 2 01:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09a08fd8030253b8f9f58d97a3f7efce58901c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f6:a1:e9:bc:bd:e2:74:3b:b7:cd:c3:ad:33:
64:76:b1:44:04:c9:b9:a4:0e:ef:c6:f6:84:2f:4b:
04:4b:4f:b7:19:22:67:b9:8c:a4:d7:db:6c:45:a8:
61:b0:dd:8f:31:d2:cf:e5:26:c8:d8:3b:bc:fa:a3:
09:2a:c6:a7:44:65:2a:da:a3:01:d6:f4:8a:8b:a8:
4a:d9:1a:42:04:b3:b6:ec:0c:37:d7:69:15:2c:fd:
bd:95:90:38:d7:ed:0a:c5:23:dd:06:86:30:59:56:
6c:ab:15:04:bd:33:a7:d0:f4:a7:18:7e:54:cd:1a:
56:cc:d6:64:ec:7a:61:9f:bc:ae:8d:65:b4:00:53:
7a:a0:18:78:a5:82:7e:ef:f1:47:b8:e7:52:8f:32:
70:0e:b2:e9:fa:f8:2b:d7:e9:0d:47:c1:e4:53:ba:
f7:be:cc:d2:a1:17:ce:7b:8d:93:d9:e1:fb:f1:77:
fa:cb:39:52:c8:88:e7:17:ca:19:89:b6:f0:72:7a:
6a:6c:4b:71:d3:2e:a7:48:d9:e3:02:b4:71:1c:54:
0f:a4:17:2f:9d:ae:d1:a5:1f:8a:45:6b:8b:94:a3:
4d:3f:35:38:60:bd:fc:5b:8f:e4:52:b0:8d:2a:36:
c7:60:f0:a2:ea:e0:48:e4:c9:0e:3b:b2:5f:2c:30:
91:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A0:8F:D8:03:02:53:B8:F9:F5:8D:97:A3:F7:EF:CE:58:90:1C:92
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/CaCP2AMCU7j59Y2Xo_fvzliQHJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.181.204.0/24
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:fb:e3:95:91:ce:e8:7e:c5:b2:35:d0:2b:00:93:95:cd:49:
e3:32:a6:6b:9e:30:69:88:65:24:55:e5:bf:2f:f1:bd:77:2e:
e4:d1:9c:40:03:70:35:bc:64:f1:56:0e:fc:c4:65:04:fb:f7:
1a:19:f5:2c:22:4b:b2:46:78:9a:39:70:ca:90:c1:10:4c:4f:
f0:86:1a:d6:46:7b:d2:99:9e:8f:75:cc:f2:f3:71:1c:04:cb:
ed:c4:45:9c:36:18:56:c6:cf:df:a3:12:86:dc:1d:03:5a:d2:
40:00:30:9c:e4:0d:9e:8a:73:50:54:7b:9c:70:19:a3:e5:5e:
26:aa:2c:62:be:5b:d0:cd:d0:fe:f3:77:21:db:6b:2d:f4:7c:
a1:66:c1:49:cb:2d:1d:3f:22:8c:a0:46:44:1a:af:8b:c5:5d:
e3:b6:23:27:18:b3:80:60:dd:4b:5a:28:e1:9d:62:99:8f:8f:
46:b9:96:7f:e8:46:58:b0:c9:68:5b:ad:22:3c:3d:1e:bc:43:
87:30:4a:31:da:95:a8:ae:7f:ac:bc:83:32:cf:a9:15:19:77:
9b:04:51:dc:95:9c:ff:8c:2a:77:7d:7f:20:4e:0d:00:ee:d4:
90:77:d8:e7:f1:f1:54:68:5c:50:dc:f8:69:39:04:a0:17:9c:
42:96:eb:64
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks3cTwKVutZoXqQw285SoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjUwMTAyMDE0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWEwOGZkODAzMDI1M2I4ZjlmNThkOTdhM2Y3ZWZjZTU4OTAxYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/ah6by94nQ7t83DrTNkdrFEBMm5
pA7vxvaEL0sES0+3GSJnuYyk19tsRahhsN2PMdLP5SbI2Du8+qMJKsanRGUq2qMB
1vSKi6hK2RpCBLO27Aw312kVLP29lZA41+0KxSPdBoYwWVZsqxUEvTOn0PSnGH5U
zRpWzNZk7Hphn7yujWW0AFN6oBh4pYJ+7/FHuOdSjzJwDrLp+vgr1+kNR8HkU7r3
vszSoRfOe42T2eH78Xf6yzlSyIjnF8oZibbwcnpqbEtx0y6nSNnjArRxHFQPpBcv
na7RpR+KRWuLlKNNPzU4YL38W4/kUrCNKjbHYPCi6uBI5MkOO7JfLDCRNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAmgj9gDAlO4+fWNl6P3785YkBySMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvQ2FDUDJBTUNVN2o1OVkyWG9fZnZ6bGlRSEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAyrXMMA0E
AgACMAcDBQMqE9jAMA0GCSqGSIb3DQEBCwUAA4IBAQB5++OVkc7ofsWyNdArAJOV
zUnjMqZrnjBpiGUkVeW/L/G9dy7k0ZxAA3A1vGTxVg78xGUE+/caGfUsIkuyRnia
OXDKkMEQTE/whhrWRnvSmZ6Pdczy83EcBMvtxEWcNhhWxs/foxKG3B0DWtJAADCc
5A2einNQVHuccBmj5V4mqixivlvQzdD+83ch22st9HyhZsFJyy0dPyKMoEZEGq+L
xV3jtiMnGLOAYN1LWijhnWKZj49GuZZ/6EZYsMloW60iPD0evEOHMEox2pWorn+s
vIMyz6kVGXebBFHclZz/jCp3fX8gTg0A7tSQd9jn8fFUaFxQ3PhpOQSgF5xClutk
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:05:06 2025 by rpki-client