Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x3JYZRdl5kMcMDUJUHuqr2ClWiU.roa
File: x3JYZRdl5kMcMDUJUHuqr2ClWiU.roa (raw, json)
Hash identifier: k8vHwJdl394Lo5/AsJMYDMuJuF1W9H4OSVqiqM6nyw0=
Subject key identifier: C7:72:58:65:17:65:E6:43:1C:30:35:09:50:7B:AA:AF:60:A5:5A:25
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193DE188D2DEBAF6D4BEA247A59DC9090DD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x3JYZRdl5kMcMDUJUHuqr2ClWiU.roa
Signing time: Thu 19 Dec 2024 08:46:11 +0000
ROA not before: Thu 19 Dec 2024 08:46:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 103.114.40.0/24 maxlen: 24
2a0e:1a84::/32 maxlen: 32
2a0e:f600:5f::/48 maxlen: 48
2a0f:1e80:100::/48 maxlen: 48
2a0f:1e80:1986::/48 maxlen: 48
2a0f:3d80:bac::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e6c6:5532::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 19 Dec 2024 13:40:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:de:18:8d:2d:eb:af:6d:4b:ea:24:7a:59:dc:90:90:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 19 08:46:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c77258651765e6431c303509507baaaf60a55a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c2:82:22:d7:0a:2f:2e:2e:17:5e:a0:5b:ed:
a1:04:47:72:fc:d3:83:9e:e3:a1:89:7e:33:99:2a:
f2:99:c9:7b:88:c6:94:e8:ab:63:55:0f:c2:fb:85:
9d:dc:e2:c9:42:23:a8:72:ec:36:7f:d7:a3:ac:46:
fb:e2:f1:b3:d7:b0:11:ef:1f:12:8d:a6:19:af:3c:
17:57:77:b4:56:27:29:96:57:6a:5d:f2:2a:55:66:
aa:eb:aa:8b:9b:5a:4c:79:2d:c9:d7:cf:09:4f:a7:
25:9f:19:7f:b7:8c:53:dc:4b:62:2c:3c:65:e8:36:
fd:6e:31:71:78:6e:29:6d:16:94:78:98:2f:ec:b4:
9b:9a:54:08:7d:0e:0d:4e:aa:a0:30:ef:05:87:cf:
4c:e5:53:98:dd:8a:7a:0c:e9:35:ae:8b:5c:a2:33:
12:cd:af:36:d3:ff:21:5d:b9:fb:6b:12:1e:66:33:
b4:19:0a:b9:e2:75:fa:bb:9d:f4:1b:95:96:55:e0:
a9:16:42:5f:31:86:17:91:af:84:2b:10:c3:9d:86:
c1:e7:ff:9c:9a:39:96:fa:f7:2f:1a:31:5b:bf:ef:
be:8e:8c:f2:d8:55:75:22:58:b5:f3:57:21:df:8e:
3d:7f:07:98:89:43:fb:c4:28:b1:ba:7a:68:a5:78:
96:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:72:58:65:17:65:E6:43:1C:30:35:09:50:7B:AA:AF:60:A5:5A:25
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/x3JYZRdl5kMcMDUJUHuqr2ClWiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.114.40.0/24
IPv6:
2a0e:1a84::/32
2a0e:f600:5f::/48
2a0f:1e80:100::/48
2a0f:1e80:1986::/48
2a0f:3d80:bac::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e6c6:5532::/48
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
95:ff:c8:f3:a4:6f:c7:00:e8:76:40:6f:51:1a:47:40:fc:79:
a7:a4:c4:b2:25:cc:52:4d:1c:5b:b6:7a:9f:51:ee:4b:30:97:
88:c4:29:66:55:8f:2c:26:9a:c1:ab:ee:6e:b7:72:76:50:92:
0e:e2:78:bd:54:90:3a:29:48:ab:0a:66:69:1e:fd:de:1f:e5:
d3:52:20:03:88:d0:bf:33:01:3e:62:b6:8f:0e:dd:27:d5:79:
3e:fd:a9:11:98:86:02:ae:25:d4:7f:a0:8f:d4:9a:fe:ed:94:
f7:d5:c4:59:00:af:d4:d1:b8:17:40:6a:40:10:16:a2:40:96:
6a:80:2b:bc:b5:54:25:ed:7e:39:c0:09:b2:a1:d6:cf:3b:80:
5a:38:ab:e3:73:f5:e8:56:f1:d1:56:a4:8d:4e:01:13:74:5b:
63:58:fb:c3:a7:ef:ab:75:18:a7:b5:57:34:86:f7:b6:37:ac:
a4:75:21:07:7f:87:20:71:e3:7c:79:88:85:8f:9e:56:95:c9:
bb:01:13:25:a1:38:60:c2:c4:b1:29:9f:97:71:c8:fe:35:40:
c4:c6:31:12:5a:6e:bc:c0:f7:dc:83:cb:b7:f7:f3:73:6f:ca:
94:f9:5f:aa:13:3a:9b:c0:74:e1:c9:dd:7d:52:1e:f4:9e:fb:
b1:56:e5:73
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZPeGI0t669tS+okelnckJDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjE5MDg0NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzcyNTg2NTE3NjVlNjQzMWMzMDM1MDk1MDdiYWFhZjYwYTU1YTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsKCItcKLy4uF16gW+2hBEdy/NOD
nuOhiX4zmSrymcl7iMaU6KtjVQ/C+4Wd3OLJQiOocuw2f9ejrEb74vGz17AR7x8S
jaYZrzwXV3e0VicplldqXfIqVWaq66qLm1pMeS3J188JT6clnxl/t4xT3EtiLDxl
6Db9bjFxeG4pbRaUeJgv7LSbmlQIfQ4NTqqgMO8Fh89M5VOY3Yp6DOk1rotcojMS
za820/8hXbn7axIeZjO0GQq54nX6u530G5WWVeCpFkJfMYYXka+EKxDDnYbB5/+c
mjmW+vcvGjFbv+++jozy2FV1Ili181ch3449fweYiUP7xCixunpopXiWCwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFMdyWGUXZeZDHDA1CVB7qq9gpVolMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveDNKWVpSZGw1a01jTURVSlVIdXFyMkNsV2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzAMBAIAATAGAwQAZ3IoMFME
AgACME0DBQAqDhqEAwcAKg72AABfAwcAKg8egAEAAwcAKg8egBmGAwcAKg89gAus
AwcAKg99AAABAwcAKg+8AKHEAwcAKg/mxlUyAwUDKhMrQDANBgkqhkiG9w0BAQsF
AAOCAQEAlf/I86RvxwDodkBvURpHQPx5p6TEsiXMUk0cW7Z6n1HuSzCXiMQpZlWP
LCaawavubrdydlCSDuJ4vVSQOilIqwpmaR793h/l01IgA4jQvzMBPmK2jw7dJ9V5
Pv2pEZiGAq4l1H+gj9Sa/u2U99XEWQCv1NG4F0BqQBAWokCWaoArvLVUJe1+OcAJ
sqHWzzuAWjir43P16Fbx0VakjU4BE3RbY1j7w6fvq3UYp7VXNIb3tjespHUhB3+H
IHHjfHmIhY+eVpXJuwETJaE4YMLEsSmfl3HI/jVAxMYxElpuvMD33IPLt/fzc2/K
lPlfqhM6m8B04cndfVIe9J77sVblcw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:19 2025 by rpki-client