Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Kvzjrn0SHQxWDAJagmqyxfd-Asg.roa
File: Kvzjrn0SHQxWDAJagmqyxfd-Asg.roa (raw, json)
Hash identifier: yi+TkyO2p+nbtUCgzpOXk/+FzG39HXxiVrBYb7ws9XA=
Subject key identifier: 2A:FC:E3:AE:7D:12:1D:0C:56:0C:02:5A:82:6A:B2:C5:F7:7E:02:C8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019222C77175A4BFC246040E1983357C6480
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Kvzjrn0SHQxWDAJagmqyxfd-Asg.roa
Signing time: Tue 24 Sep 2024 06:45:48 +0000
ROA not before: Tue 24 Sep 2024 06:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63023
IP address blocks: 103.114.41.0/24 maxlen: 24
2a13:1480::/29 maxlen: 29
2a13:8c87::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Sep 2024 08:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:c7:71:75:a4:bf:c2:46:04:0e:19:83:35:7c:64:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 24 06:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2afce3ae7d121d0c560c025a826ab2c5f77e02c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dc:e4:27:70:b4:22:79:28:06:b8:b0:fb:c9:
cd:6e:1e:99:20:82:ec:60:25:78:64:21:b4:9a:bf:
88:ed:18:b6:eb:5f:2d:44:03:a3:ca:b1:38:12:9f:
fa:f1:cf:48:eb:37:e8:f5:60:fd:40:b4:cd:cb:57:
11:9c:fd:f1:3e:53:e9:da:f2:29:07:bc:c1:cd:1c:
10:fc:fb:4c:b5:4d:11:bf:62:f6:f2:73:01:5d:5d:
2e:2d:32:79:e6:77:8d:23:a8:fd:46:46:74:e8:0b:
5b:7f:04:7d:f0:52:21:0f:38:88:67:6f:d2:ab:8f:
00:1e:50:2b:96:68:a6:a4:bc:cb:74:e9:fb:4e:df:
eb:ce:fa:af:a1:e6:d2:f0:c7:50:72:a6:c2:fb:6e:
7f:ce:77:d6:69:2b:38:bd:e5:4c:64:29:55:dd:b5:
94:34:0a:ee:d2:c5:96:20:2a:ad:de:5a:e7:28:79:
4b:fa:ed:0d:ff:9a:98:ea:75:a9:6b:15:61:7f:da:
cd:ff:09:68:a8:f9:ca:b0:2a:04:cf:66:a1:ce:8d:
e8:ac:21:36:ea:4d:e5:b3:3e:d5:fd:7e:fd:98:3f:
b5:19:55:88:37:ee:62:f7:fb:35:71:12:e7:ae:0f:
73:9c:2c:64:57:60:42:8f:43:97:46:b3:5d:58:69:
e8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FC:E3:AE:7D:12:1D:0C:56:0C:02:5A:82:6A:B2:C5:F7:7E:02:C8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Kvzjrn0SHQxWDAJagmqyxfd-Asg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.114.41.0/24
IPv6:
2a13:1480::/29
2a13:8c87::/32
Signature Algorithm: sha256WithRSAEncryption
16:d7:c5:33:05:55:a6:8e:9e:5a:61:22:23:0f:fd:5c:45:8c:
e1:03:89:74:bc:7e:b2:18:25:42:9e:e2:7d:19:94:e8:7e:c1:
07:e8:44:31:8e:f5:8e:b0:d8:3a:e6:4a:ef:32:ff:a1:0d:53:
64:52:3e:4e:af:3e:44:29:ab:23:bf:32:31:d0:8d:39:ef:75:
c2:b2:b3:a0:08:ad:c6:fd:99:f3:87:b1:04:9f:b9:f8:f5:66:
85:e7:4c:7f:16:88:cb:6c:c8:9e:33:c6:dc:9a:63:2d:e1:0a:
d2:d2:14:d7:55:f7:f6:48:d4:45:28:e3:c8:f0:33:3d:ab:e2:
68:71:b3:74:92:41:08:a7:28:04:cb:56:ca:16:9e:ba:b2:b0:
97:c2:fe:d7:ea:f8:a3:89:78:4b:20:57:b2:97:83:34:be:d3:
d4:2c:3c:76:8b:8e:01:29:8e:0e:1c:28:d0:a2:72:fe:b0:44:
81:c3:0e:39:fa:c3:2a:a7:a6:85:14:cd:ae:6b:3c:b4:f2:63:
00:cd:c6:7a:a8:40:68:14:40:b4:67:83:13:cf:2a:18:5e:c1:
b0:ef:57:7f:e5:32:7d:68:0b:88:07:e8:60:78:46:2d:e4:12:
cd:db:0b:e8:c4:43:01:ec:83:41:13:85:09:54:fe:d9:fb:4d:
af:06:f7:6e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZIix3F1pL/CRgQOGYM1fGSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTI0MDY0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZjZTNhZTdkMTIxZDBjNTYwYzAyNWE4MjZhYjJjNWY3N2UwMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNzkJ3C0InkoBriw+8nNbh6ZIILs
YCV4ZCG0mr+I7Ri2618tRAOjyrE4Ep/68c9I6zfo9WD9QLTNy1cRnP3xPlPp2vIp
B7zBzRwQ/PtMtU0Rv2L28nMBXV0uLTJ55neNI6j9RkZ06AtbfwR98FIhDziIZ2/S
q48AHlArlmimpLzLdOn7Tt/rzvqvoebS8MdQcqbC+25/znfWaSs4veVMZClV3bWU
NAru0sWWICqt3lrnKHlL+u0N/5qY6nWpaxVhf9rN/wloqPnKsCoEz2ahzo3orCE2
6k3lsz7V/X79mD+1GVWIN+5i9/s1cRLnrg9znCxkV2BCj0OXRrNdWGnoEQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCr84659Eh0MVgwCWoJqssX3fgLIMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvS3Z6anJuMFNIUXhXREFKYWdtcXl4ZmQtQXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAZ3IpMBQE
AgACMA4DBQMqExSAAwUAKhOMhzANBgkqhkiG9w0BAQsFAAOCAQEAFtfFMwVVpo6e
WmEiIw/9XEWM4QOJdLx+shglQp7ifRmU6H7BB+hEMY71jrDYOuZK7zL/oQ1TZFI+
Tq8+RCmrI78yMdCNOe91wrKzoAitxv2Z84exBJ+5+PVmhedMfxaIy2zInjPG3Jpj
LeEK0tIU11X39kjURSjjyPAzPaviaHGzdJJBCKcoBMtWyhaeurKwl8L+1+r4o4l4
SyBXspeDNL7T1Cw8douOASmODhwo0KJy/rBEgcMOOfrDKqemhRTNrms8tPJjAM3G
eqhAaBRAtGeDE88qGF7BsO9Xf+UyfWgLiAfoYHhGLeQSzdsL6MRDAeyDQROFCVT+
2ftNrwb3bg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:09:46 2025 by rpki-client