Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/douDlLtYfiAvu39Ojy3G6OnHWS4.roa
File: douDlLtYfiAvu39Ojy3G6OnHWS4.roa (raw, json)
Hash identifier: tfvT9Ws5OqAV0vUazigOxdau7Lo43q6G401RHQEv42I=
Subject key identifier: 76:8B:83:94:BB:58:7E:20:2F:BB:7F:4E:8F:2D:C6:E8:E9:C7:59:2E
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 018CCE4FB13908C8EB9C693C9A890BCE60E6
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/douDlLtYfiAvu39Ojy3G6OnHWS4.roa
Signing time: Wed 03 Jan 2024 07:52:58 +0000
ROA not before: Wed 03 Jan 2024 07:52:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216321
IP address blocks: 202.181.204.0/24 maxlen: 24
2a13:d8c0::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 32
2a13:d8c1::/32 maxlen: 32
2a13:d8c1:fe00::/40 maxlen: 40
2a13:d8c1:ce00::/40 maxlen: 40
2a13:d8c3::/32 maxlen: 32
2a13:d8c4::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Jan 2024 03:32:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:4f:b1:39:08:c8:eb:9c:69:3c:9a:89:0b:ce:60:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jan 3 07:52:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=768b8394bb587e202fbb7f4e8f2dc6e8e9c7592e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:75:1f:17:5f:9d:1e:c3:53:19:9f:62:ae:84:
0a:4c:d2:6e:7e:44:2e:c5:58:7e:8f:06:6b:c3:2b:
fb:f3:8b:7c:84:1b:9c:28:57:1d:af:61:38:a6:a7:
97:92:cc:40:73:65:77:fe:0a:5d:87:87:84:8c:33:
4e:c3:d1:ee:47:27:ea:20:b1:9e:22:d7:b6:11:e3:
71:0e:00:ca:ce:ea:a4:7e:15:c4:5a:64:de:cb:55:
d3:db:0a:da:4e:6d:fe:0a:49:92:95:d4:06:d7:37:
0a:3a:56:ad:8a:5e:cf:ab:d4:91:3b:14:e9:9f:06:
c3:66:54:4a:8e:96:89:27:2c:1b:8c:ed:e3:33:35:
cc:6b:15:70:d8:eb:35:60:3a:98:54:57:9f:99:02:
4d:d5:01:a3:55:f1:a4:14:79:ff:c5:13:d2:bc:74:
12:dc:91:92:f0:3c:f4:1d:c4:06:6a:b6:81:d2:7e:
27:d6:2b:c7:43:38:fe:9a:e0:64:1f:54:ac:f4:2e:
70:0c:ca:29:36:ba:75:2b:06:a5:37:50:ca:8a:51:
0b:a6:4f:cc:97:bd:ff:99:c0:46:8e:d7:ea:8d:c6:
9b:99:af:17:ab:34:fc:6f:59:a8:b1:26:cb:2f:11:
a6:2c:db:36:76:ea:55:0c:00:00:3d:d8:c0:2d:67:
4f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8B:83:94:BB:58:7E:20:2F:BB:7F:4E:8F:2D:C6:E8:E9:C7:59:2E
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/douDlLtYfiAvu39Ojy3G6OnHWS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.181.204.0/24
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:fe:8f:49:bd:5e:de:eb:ac:56:3d:80:6a:0e:e0:da:09:91:
b8:b4:d6:2b:e9:47:f4:14:57:bf:70:f5:c7:c7:c9:df:33:ee:
9c:47:9c:a5:c9:3d:8b:3f:13:ec:70:d0:cd:6f:1e:f8:f1:c2:
9e:94:32:f8:44:18:15:07:be:1a:48:c7:40:0b:17:ee:9f:9e:
1a:f8:bf:c9:f5:7f:2d:b1:90:59:2b:9e:d9:aa:00:b8:9a:e1:
a7:06:55:6b:ab:b6:16:a2:28:d5:33:90:74:ed:ba:66:28:87:
7e:c2:a4:dc:85:8c:27:03:05:88:2d:e6:e1:7c:8e:6d:15:03:
e5:0b:09:53:5b:f1:21:af:86:ef:df:31:96:83:8c:c4:e9:b8:
34:70:83:c8:4f:1d:e9:9f:3a:a7:89:bd:7c:2e:24:6f:1e:22:
75:f6:bb:de:48:a4:bc:83:5d:5b:35:e8:7b:55:12:4b:33:8c:
9f:da:4a:99:60:00:00:38:a2:60:13:55:53:a5:67:f0:50:5c:
f9:fd:fd:cb:9c:35:93:76:97:5d:dd:b3:14:5a:85:79:87:62:
92:ae:6d:6e:cb:33:21:88:d6:3e:d0:42:6c:d5:f2:5b:7f:e2:
ff:4d:fa:91:a7:a4:fd:c1:95:3b:76:1a:c8:cb:32:f1:c3:17:
b5:1d:bc:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzOT7E5CMjrnGk8mokLzmDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjQwMTAzMDc1MjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhiODM5NGJiNTg3ZTIwMmZiYjdmNGU4ZjJkYzZlOGU5Yzc1OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinUfF1+dHsNTGZ9iroQKTNJufkQu
xVh+jwZrwyv784t8hBucKFcdr2E4pqeXksxAc2V3/gpdh4eEjDNOw9HuRyfqILGe
Ite2EeNxDgDKzuqkfhXEWmTey1XT2wraTm3+CkmSldQG1zcKOlatil7Pq9SROxTp
nwbDZlRKjpaJJywbjO3jMzXMaxVw2Os1YDqYVFefmQJN1QGjVfGkFHn/xRPSvHQS
3JGS8Dz0HcQGaraB0n4n1ivHQzj+muBkH1Ss9C5wDMopNrp1KwalN1DKilELpk/M
l73/mcBGjtfqjcabma8XqzT8b1mosSbLLxGmLNs2dupVDAAAPdjALWdP3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHaLg5S7WH4gL7t/To8txujpx1kuMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvZG91RGxMdFlmaUF2dTM5T2p5M0c2T25IV1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAyrXMMA0E
AgACMAcDBQMqE9jAMA0GCSqGSIb3DQEBCwUAA4IBAQAa/o9JvV7e66xWPYBqDuDa
CZG4tNYr6Uf0FFe/cPXHx8nfM+6cR5ylyT2LPxPscNDNbx748cKelDL4RBgVB74a
SMdACxfun54a+L/J9X8tsZBZK57ZqgC4muGnBlVrq7YWoijVM5B07bpmKId+wqTc
hYwnAwWILebhfI5tFQPlCwlTW/Ehr4bv3zGWg4zE6bg0cIPITx3pnzqnib18LiRv
HiJ19rveSKS8g11bNeh7VRJLM4yf2kqZYAAAOKJgE1VTpWfwUFz5/f3LnDWTdpdd
3bMUWoV5h2KSrm1uyzMhiNY+0EJs1fJbf+L/TfqRp6T9wZU7dhrIyzLxwxe1HbyX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:16 2025 by rpki-client