Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JRfhLhL4lS8Mv3g7wpitmZNEXU8.roa
File: JRfhLhL4lS8Mv3g7wpitmZNEXU8.roa (raw, json)
Hash identifier: R6U+TQ2DEAP3I7l84CWQqmD8wei8wuXRYyNv1ZQVF6E=
Subject key identifier: 25:17:E1:2E:12:F8:95:2F:0C:BF:78:3B:C2:98:AD:99:93:44:5D:4F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019299352E189E5815FEB1AAD971D927F76C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JRfhLhL4lS8Mv3g7wpitmZNEXU8.roa
Signing time: Thu 17 Oct 2024 06:40:52 +0000
ROA not before: Thu 17 Oct 2024 06:40:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.152.198.0/24 maxlen: 24
103.114.40.0/24 maxlen: 24
2a0a:2d07:44::/48 maxlen: 48
2a0e:1a84::/32 maxlen: 32
2a0e:f600:5f::/48 maxlen: 48
2a0f:3d80:bac::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e6c6:5532::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 30 Oct 2024 19:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:35:2e:18:9e:58:15:fe:b1:aa:d9:71:d9:27:f7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 17 06:40:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2517e12e12f8952f0cbf783bc298ad9993445d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:83:dc:8d:e6:f8:c3:9d:dc:2b:39:f8:43:0e:
8b:78:bb:ce:b2:21:77:ca:b8:09:2b:b6:61:7e:46:
da:d3:ac:81:fd:08:0a:8f:9b:24:96:08:10:af:42:
ff:c9:58:4d:8f:59:2d:ed:44:66:ea:91:c3:9d:47:
4b:13:5d:36:35:68:04:f6:cf:2e:9c:b9:7a:f8:90:
0e:9e:69:fa:2f:24:eb:a3:d3:a8:00:e3:b7:4e:bd:
e3:a7:f8:6f:fb:d4:b3:d9:3b:21:ec:09:8a:34:4f:
df:09:14:67:c9:43:10:c2:da:1a:dd:05:8a:db:44:
fe:4e:3c:c7:cc:c5:93:22:be:a2:36:63:1b:f5:e0:
59:3a:ef:3e:5a:06:8a:89:4c:83:a8:f9:09:0a:ce:
96:ac:5a:6f:23:cf:d4:7d:f2:de:54:56:b0:3a:e4:
52:d5:58:67:b3:75:47:9e:bc:41:8f:d5:b3:57:db:
50:2d:79:a1:c3:4f:f5:44:04:62:5e:47:a2:0d:c9:
62:ea:de:18:21:b0:83:e1:ef:45:df:9f:30:41:80:
3d:aa:de:e8:4c:85:03:07:70:16:88:fd:c2:62:9c:
1f:1d:56:f0:70:8f:9c:b1:7d:9b:05:aa:38:a3:a4:
2b:2a:50:d4:4d:34:10:02:72:01:38:62:15:d8:ad:
49:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:17:E1:2E:12:F8:95:2F:0C:BF:78:3B:C2:98:AD:99:93:44:5D:4F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JRfhLhL4lS8Mv3g7wpitmZNEXU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.198.0/24
103.114.40.0/24
IPv6:
2a0a:2d07:44::/48
2a0e:1a84::/32
2a0e:f600:5f::/48
2a0f:3d80:bac::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e6c6:5532::/48
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
63:a2:ed:f2:4d:e7:b5:83:34:cb:e6:c3:12:3f:12:a7:80:1f:
5e:23:b3:9e:37:61:13:e9:cb:86:24:bd:b8:7f:6c:73:0a:d1:
24:9b:1b:d1:4d:da:9e:44:fa:7f:8f:50:3c:00:fe:49:00:cd:
a3:94:17:55:40:64:3b:aa:be:d0:89:e0:96:6b:60:1e:8e:88:
99:fd:03:8e:0b:a2:bb:6e:c1:b3:8d:8e:6f:cb:c2:cd:14:8b:
d6:30:63:52:d8:12:88:23:0b:e3:73:7c:dc:2a:18:ba:76:2f:
70:a3:93:bd:2a:0e:ac:50:af:a0:67:e1:f9:9c:52:c3:64:e3:
a5:c3:85:d2:45:bd:5d:ab:e9:6e:47:1c:cb:8c:cb:c1:e8:1d:
f9:b5:31:f8:3e:1e:0d:de:98:fd:bb:e4:5c:0c:5b:39:87:48:
3a:4e:5b:e0:43:82:38:02:ab:60:dd:62:3d:90:30:3f:02:92:
34:9c:99:1e:ff:e3:3e:6e:c3:a9:55:58:83:fe:09:c7:5d:e1:
dd:35:d2:c9:0f:b9:91:fa:5f:32:98:de:c5:35:e6:ff:9d:1a:
67:c9:62:2d:51:92:30:a7:6a:12:a2:fe:6c:88:35:c3:c0:e2:
cc:58:1b:2b:4b:0e:dd:9a:51:ad:a4:0a:14:25:cc:0f:4d:87:
66:a9:7c:70
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZKZNS4YnlgV/rGq2XHZJ/dsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDE3MDY0MDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTE3ZTEyZTEyZjg5NTJmMGNiZjc4M2JjMjk4YWQ5OTkzNDQ1ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4Pcjeb4w53cKzn4Qw6LeLvOsiF3
yrgJK7Zhfkba06yB/QgKj5sklggQr0L/yVhNj1kt7URm6pHDnUdLE102NWgE9s8u
nLl6+JAOnmn6LyTro9OoAOO3Tr3jp/hv+9Sz2Tsh7AmKNE/fCRRnyUMQwtoa3QWK
20T+TjzHzMWTIr6iNmMb9eBZOu8+WgaKiUyDqPkJCs6WrFpvI8/UffLeVFawOuRS
1Vhns3VHnrxBj9WzV9tQLXmhw0/1RARiXkeiDcli6t4YIbCD4e9F358wQYA9qt7o
TIUDB3AWiP3CYpwfHVbwcI+csX2bBao4o6QrKlDUTTQQAnIBOGIV2K1JjwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFCUX4S4S+JUvDL94O8KYrZmTRF1PMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSlJmaExoTDRsUzhNdjNnN3dwaXRtWk5FWFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDASBAIAATAMAwQALZjGAwQA
Z3IoMEoEAgACMEQDBwAqCi0HAEQDBQAqDhqEAwcAKg72AABfAwcAKg89gAusAwcA
Kg99AAABAwcAKg+8AKHEAwcAKg/mxlUyAwUDKhMrQDANBgkqhkiG9w0BAQsFAAOC
AQEAY6Lt8k3ntYM0y+bDEj8Sp4AfXiOznjdhE+nLhiS9uH9scwrRJJsb0U3ankT6
f49QPAD+SQDNo5QXVUBkO6q+0InglmtgHo6Imf0Djguiu27Bs42Ob8vCzRSL1jBj
UtgSiCML43N83CoYunYvcKOTvSoOrFCvoGfh+ZxSw2TjpcOF0kW9Xavpbkccy4zL
wegd+bUx+D4eDd6Y/bvkXAxbOYdIOk5b4EOCOAKrYN1iPZAwPwKSNJyZHv/jPm7D
qVVYg/4Jx13h3TXSyQ+5kfpfMpjexTXm/50aZ8liLVGSMKdqEqL+bIg1w8DizFgb
K0sO3ZpRraQKFCXMD02HZql8cA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:29 2025 by rpki-client