Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vfD1XA3MTJK66-IKWDOc8ldGFnE.roa
File: vfD1XA3MTJK66-IKWDOc8ldGFnE.roa (raw, json)
Hash identifier: OgwOaNKilLM66OJe7IMVBYkVsoWRzXTPTTqYiGZZ+AM=
Subject key identifier: BD:F0:F5:5C:0D:CC:4C:92:BA:EB:E2:0A:58:33:9C:F2:57:46:16:71
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194274827735952130D1E6CA554B97A27A5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vfD1XA3MTJK66-IKWDOc8ldGFnE.roa
Signing time: Thu 02 Jan 2025 13:50:27 +0000
ROA not before: Thu 02 Jan 2025 13:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 103.227.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 06:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:27:73:59:52:13:0d:1e:6c:a5:54:b9:7a:27:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdf0f55c0dcc4c92baebe20a58339cf257461671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:16:a8:c8:74:a6:33:09:d8:bd:4e:5b:cc:
c1:75:e7:e5:b9:73:e6:50:52:bc:6d:52:4f:bd:ba:
8b:9f:1b:b6:a5:b5:4c:29:96:91:76:47:d4:4a:34:
7b:3e:19:f1:65:e5:ab:88:df:b8:80:56:90:5b:cb:
86:8c:1b:ac:31:f2:a9:59:a6:5b:75:8e:88:d7:8e:
c7:df:93:9b:05:f0:2d:7c:cb:5b:9a:28:94:f2:40:
01:09:e0:eb:b3:ea:c3:91:d9:58:ef:6b:5e:0f:a9:
37:c8:bf:5f:76:a1:be:00:36:34:b4:a5:ed:a8:21:
6d:45:9b:7f:15:35:e4:e0:6f:7f:c5:1f:37:bf:70:
7c:3a:e3:1a:ac:0b:b0:6b:06:97:f6:2c:83:68:df:
2e:d5:94:9c:63:45:12:0a:1e:1e:e4:0c:31:2c:e0:
37:a0:4b:12:65:e7:2d:4a:90:d8:c4:c7:34:46:55:
61:ba:71:70:49:76:0d:6b:87:f7:a9:a2:dc:9f:45:
19:00:32:a2:0a:03:dd:f5:f0:7f:8d:60:44:c5:0b:
57:bc:6c:ad:5e:91:45:fa:93:16:92:70:f9:c1:b9:
bf:2a:8d:27:ae:c3:49:ab:4a:51:c5:e2:a4:d4:4b:
43:71:e6:59:50:5c:00:77:7f:f8:9a:17:34:db:c1:
1c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F0:F5:5C:0D:CC:4C:92:BA:EB:E2:0A:58:33:9C:F2:57:46:16:71
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vfD1XA3MTJK66-IKWDOc8ldGFnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.227.87.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:dc:eb:76:10:41:d3:8c:90:9b:fb:4d:ef:96:2d:42:8c:80:
0c:46:08:c3:e3:2e:c5:cd:29:ee:a6:53:1c:91:11:45:94:d2:
84:57:42:f1:4f:4c:81:fc:3a:ac:e9:c9:58:3a:d3:a2:3b:a7:
eb:ed:63:11:90:88:40:da:02:eb:88:e4:80:93:bc:58:2b:31:
56:0e:82:67:30:48:6b:b4:55:4f:cb:f3:da:bd:56:39:9f:fe:
69:1e:d1:aa:36:e2:53:f3:c2:d4:a4:10:65:26:1d:8c:1b:6b:
f8:71:e8:1c:a1:00:48:24:f5:24:b2:3a:9d:8a:c0:b8:3c:e2:
11:39:61:df:e9:69:5b:3b:d7:0d:4d:d2:f6:3b:18:05:8d:ab:
fd:90:3a:59:0a:9c:65:81:ab:59:9d:8c:9a:df:ef:da:99:68:
2a:92:6b:24:f6:fd:ba:c7:d3:ef:f5:90:52:13:a8:28:5c:9a:
6e:0f:72:b7:66:f3:c1:86:f3:f7:b7:16:83:9a:99:d8:c8:61:
a1:58:3b:33:e1:d7:a7:7f:d0:e1:f7:86:ca:85:fd:38:5e:9b:
26:d3:8e:a8:db:dd:7f:91:76:75:a5:eb:19:f9:2e:7e:2e:34:
0e:52:ed:4c:90:92:b0:f1:c4:47:48:24:1e:31:e0:b5:9a:bd:
f5:30:b6:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSCdzWVITDR5spVS5eielMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGYwZjU1YzBkY2M0YzkyYmFlYmUyMGE1ODMzOWNmMjU3NDYxNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEkWqMh0pjMJ2L1OW8zBdefluXPm
UFK8bVJPvbqLnxu2pbVMKZaRdkfUSjR7PhnxZeWriN+4gFaQW8uGjBusMfKpWaZb
dY6I147H35ObBfAtfMtbmiiU8kABCeDrs+rDkdlY72teD6k3yL9fdqG+ADY0tKXt
qCFtRZt/FTXk4G9/xR83v3B8OuMarAuwawaX9iyDaN8u1ZScY0USCh4e5AwxLOA3
oEsSZectSpDYxMc0RlVhunFwSXYNa4f3qaLcn0UZADKiCgPd9fB/jWBExQtXvGyt
XpFF+pMWknD5wbm/Ko0nrsNJq0pRxeKk1EtDceZZUFwAd3/4mhc028Ec8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3w9VwNzEySuuviClgznPJXRhZxMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdmZEMVhBM01USks2Ni1JS1dET2M4bGRHRm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+NXMA0G
CSqGSIb3DQEBCwUAA4IBAQBu3Ot2EEHTjJCb+03vli1CjIAMRgjD4y7FzSnuplMc
kRFFlNKEV0LxT0yB/Dqs6clYOtOiO6fr7WMRkIhA2gLriOSAk7xYKzFWDoJnMEhr
tFVPy/PavVY5n/5pHtGqNuJT88LUpBBlJh2MG2v4cegcoQBIJPUksjqdisC4POIR
OWHf6WlbO9cNTdL2OxgFjav9kDpZCpxlgatZnYya3+/amWgqkmsk9v26x9Pv9ZBS
E6goXJpuD3K3ZvPBhvP3txaDmpnYyGGhWDsz4denf9Dh94bKhf04Xpsm046o291/
kXZ1pesZ+S5+LjQOUu1MkJKw8cRHSCQeMeC1mr31MLZb
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:34:45 2025 by rpki-client