Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/123y3csBB71nn-dhA_ONbXzO8TU.roa
File: 123y3csBB71nn-dhA_ONbXzO8TU.roa (raw, json)
Hash identifier: +NKrLKC4DtjLOmJW0AZVbu89hU5VGOUQSRIkoqP2MRE=
Subject key identifier: D7:6D:F2:DD:CB:01:07:BD:67:9F:E7:61:03:F3:8D:6D:7C:CE:F1:35
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194691C05963352E40F7F8EA1AAF7DA8675
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/123y3csBB71nn-dhA_ONbXzO8TU.roa
Signing time: Wed 15 Jan 2025 08:37:11 +0000
ROA not before: Wed 15 Jan 2025 08:37:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 103.114.40.0/24 maxlen: 24
2a06:a600::/29 maxlen: 29
2a06:b5c0::/29 maxlen: 29
2a06:bf40::/29 maxlen: 29
2a0e:1a84::/32 maxlen: 32
2a0f:1e80:100::/48 maxlen: 48
2a0f:1e80:1986::/48 maxlen: 48
2a0f:1e84:20::/48 maxlen: 48
2a0f:3d80:bac::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e6c6:5532::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
2a13:e102:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 08:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:1c:05:96:33:52:e4:0f:7f:8e:a1:aa:f7:da:86:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 15 08:37:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d76df2ddcb0107bd679fe76103f38d6d7ccef135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1e:51:e8:a1:5f:fe:0d:87:ae:3d:01:12:32:
c4:bd:00:8d:2e:45:e0:cc:e5:e0:e2:e1:0d:0e:7a:
b2:eb:ed:f0:63:cd:d0:ef:b6:c5:48:64:ef:d7:d3:
a6:f0:7b:24:89:35:46:e8:f9:bb:ac:5e:46:f0:cf:
e8:e3:a9:70:1f:b4:b5:84:0a:32:9d:a0:06:f0:be:
5d:b4:5c:51:1f:6e:5f:32:79:0e:64:a9:a9:4c:e2:
fb:03:6c:66:8f:58:15:a1:12:d5:a0:2e:54:f8:4f:
db:cd:80:29:d2:4c:c0:e5:59:81:1d:b5:c4:ff:37:
2e:9c:64:42:dc:e5:fd:cf:32:52:e5:00:c7:d7:38:
c9:07:2a:ac:8c:c7:d4:20:01:fb:00:9b:61:b6:63:
da:fb:9f:24:27:59:54:34:ea:68:15:38:9a:dc:1c:
00:fa:5c:7e:62:2f:95:0a:b1:9c:92:b6:93:46:80:
98:f6:48:77:92:45:96:6d:6b:54:0e:64:a8:d8:f0:
80:a0:df:50:3d:c5:2c:f0:38:0d:e3:91:a7:2e:c4:
64:ed:05:3a:29:cc:7d:5c:eb:8b:ec:32:20:1e:39:
cd:32:76:f0:97:32:75:47:54:75:4f:14:44:78:20:
ae:1f:92:39:14:2d:ff:9f:ac:bc:b0:74:95:2d:0e:
03:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:6D:F2:DD:CB:01:07:BD:67:9F:E7:61:03:F3:8D:6D:7C:CE:F1:35
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/123y3csBB71nn-dhA_ONbXzO8TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.114.40.0/24
IPv6:
2a06:a600::/29
2a06:b5c0::/29
2a06:bf40::/29
2a0e:1a84::/32
2a0f:1e80:100::/48
2a0f:1e80:1986::/48
2a0f:1e84:20::/48
2a0f:3d80:bac::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e6c6:5532::/48
2a13:2b40::/29
2a13:e102:10::/48
Signature Algorithm: sha256WithRSAEncryption
a9:19:57:a0:bc:c6:5d:a2:9c:cb:ac:eb:27:fe:a7:8f:49:2c:
bf:c8:c3:fe:e4:f8:cb:37:8c:5f:d1:57:48:36:8d:01:a6:8d:
43:91:32:c5:35:7c:38:93:42:51:85:50:6f:ec:07:01:ae:10:
58:0c:89:8f:82:a9:bb:63:47:de:5e:46:3b:c5:74:2e:3c:f7:
e0:2c:a0:13:a0:cc:cc:c6:18:5b:a7:de:5a:d6:df:24:da:ac:
65:68:c6:7a:3e:86:6b:72:f7:ae:d5:f6:b1:23:6c:dd:67:77:
54:35:61:8e:81:7c:7c:22:7b:1d:b9:7f:20:24:ee:2f:dd:d3:
49:8b:71:09:20:75:7f:fb:78:4f:26:1f:a9:72:32:e3:a8:43:
ad:09:d5:77:38:69:54:41:e1:88:e1:57:a2:b3:c5:8a:d5:62:
df:c9:c8:db:90:59:8c:04:aa:54:da:b5:34:bf:10:08:33:fe:
63:f6:7a:a0:bf:65:11:e2:d9:59:b4:ea:c3:b3:42:eb:bd:3c:
c1:08:59:6c:61:c7:a7:ca:7a:eb:a5:e0:26:43:e9:a3:b1:c7:
39:68:94:2e:f9:55:e1:0c:d7:b5:96:fa:d5:fb:63:0e:3c:ed:
4f:31:0f:44:8b:0c:41:02:04:db:94:bf:ac:dd:14:06:3a:5f:
8e:1f:a7:3a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZRpHAWWM1LkD3+Ooar32oZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTE1MDgzNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzZkZjJkZGNiMDEwN2JkNjc5ZmU3NjEwM2YzOGQ2ZDdjY2VmMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h5R6KFf/g2Hrj0BEjLEvQCNLkXg
zOXg4uENDnqy6+3wY83Q77bFSGTv19Om8HskiTVG6Pm7rF5G8M/o46lwH7S1hAoy
naAG8L5dtFxRH25fMnkOZKmpTOL7A2xmj1gVoRLVoC5U+E/bzYAp0kzA5VmBHbXE
/zcunGRC3OX9zzJS5QDH1zjJByqsjMfUIAH7AJthtmPa+58kJ1lUNOpoFTia3BwA
+lx+Yi+VCrGckraTRoCY9kh3kkWWbWtUDmSo2PCAoN9QPcUs8DgN45GnLsRk7QU6
Kcx9XOuL7DIgHjnNMnbwlzJ1R1R1TxREeCCuH5I5FC3/n6y8sHSVLQ4D7QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNdt8t3LAQe9Z5/nYQPzjW18zvE1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMTIzeTNjc0JCNzFubi1kaEFfT05iWHpPOFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTAMBAIAATAGAwQAZ3Io
MHEEAgACMGsDBQMqBqYAAwUDKga1wAMFAyoGv0ADBQAqDhqEAwcAKg8egAEAAwcA
Kg8egBmGAwcAKg8ehAAgAwcAKg89gAusAwcAKg99AAABAwcAKg+8AKHEAwcAKg/m
xlUyAwUDKhMrQAMHACoT4QIAEDANBgkqhkiG9w0BAQsFAAOCAQEAqRlXoLzGXaKc
y6zrJ/6nj0ksv8jD/uT4yzeMX9FXSDaNAaaNQ5EyxTV8OJNCUYVQb+wHAa4QWAyJ
j4Kpu2NH3l5GO8V0Ljz34CygE6DMzMYYW6feWtbfJNqsZWjGej6Ga3L3rtX2sSNs
3Wd3VDVhjoF8fCJ7Hbl/ICTuL93TSYtxCSB1f/t4TyYfqXIy46hDrQnVdzhpVEHh
iOFXorPFitVi38nI25BZjASqVNq1NL8QCDP+Y/Z6oL9lEeLZWbTqw7NC6708wQhZ
bGHHp8p666XgJkPpo7HHOWiULvlV4QzXtZb61ftjDjztTzEPRIsMQQIE25S/rN0U
Bjpfjh+nOg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:06:35 2025 by rpki-client