Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/hBNslN5GMINONaHTM3k6TwqgOCE.roa
File: hBNslN5GMINONaHTM3k6TwqgOCE.roa (raw, json)
Hash identifier: AHD71J9ZFpDc55NlYID8lmyXBCRYFAO/8AEyg04KjuM=
Subject key identifier: 84:13:6C:94:DE:46:30:83:4E:35:A1:D3:33:79:3A:4F:0A:A0:38:21
Certificate issuer: /CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Certificate serial: 018CC26D4FBDB5E92096C9471CFBCB59B9EA
Authority key identifier: 46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/hBNslN5GMINONaHTM3k6TwqgOCE.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49157
IP address blocks: 103.95.118.0/24 maxlen: 24
103.95.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Feb 2024 14:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4f:bd:b5:e9:20:96:c9:47:1c:fb:cb:59:b9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84136c94de4630834e35a1d333793a4f0aa03821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:05:fd:7a:01:58:6e:12:e0:47:93:c2:8c:32:
c7:88:42:0b:f1:35:b1:fc:17:82:81:2b:b3:09:05:
a6:e1:11:36:f8:72:a8:cc:32:d1:9d:27:0a:51:24:
21:b0:4f:99:3c:51:48:51:65:ed:bc:9d:62:0a:9c:
08:51:06:17:df:c4:fa:51:95:1d:3a:a4:38:99:12:
3e:b6:ba:13:ac:58:d3:e3:3a:8e:f6:42:0d:77:4b:
15:49:55:76:8d:20:bd:b6:24:f1:7f:c5:43:da:32:
16:83:e9:71:f9:d6:2f:e8:d8:48:39:7b:ca:f0:4c:
e0:3a:54:36:80:f0:2e:ce:5f:5a:c4:a9:53:e8:f6:
09:53:3c:53:77:02:ab:8d:0b:23:fd:24:36:93:95:
49:0f:f4:03:37:be:f6:4a:43:18:ba:46:6e:31:71:
22:7e:6a:c6:70:21:d5:dc:7b:b1:98:bb:c4:35:26:
13:4b:62:4f:30:27:7e:71:f5:87:e0:e6:dd:0a:1c:
92:b2:d0:11:8e:ba:60:9b:fc:ea:3a:d3:b4:7a:fd:
61:6c:2a:a4:e6:97:e5:2f:53:d2:03:a5:11:1d:e3:
02:28:a2:e1:67:1a:a9:8a:19:f7:10:f3:35:55:36:
ac:51:48:d0:2e:ab:87:59:c6:9a:30:1e:71:52:a8:
c2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:13:6C:94:DE:46:30:83:4E:35:A1:D3:33:79:3A:4F:0A:A0:38:21
X509v3 Authority Key Identifier:
keyid:46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/hBNslN5GMINONaHTM3k6TwqgOCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.95.118.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:ec:e3:43:9d:09:e3:7a:ef:01:27:d1:30:27:4b:a9:a8:0c:
c2:be:d1:ef:20:ab:87:4c:e6:e2:4b:60:f5:0c:53:f8:96:b5:
0c:82:da:5f:fe:72:f6:62:79:8b:7b:83:4e:63:20:63:d0:70:
7f:e3:56:b2:73:46:23:5d:e0:79:7f:f0:e5:cf:dd:05:3d:87:
43:cc:1c:02:ed:95:13:24:d0:f8:e4:fd:b3:4c:26:67:31:04:
74:a6:e2:99:be:63:de:0d:20:7d:9c:3b:78:29:80:3b:fb:6d:
80:e8:12:28:e9:df:de:91:42:21:4f:60:7a:2f:70:7d:aa:f8:
7b:e3:25:60:15:e6:c9:e8:b7:e2:bf:85:f5:ac:a0:a8:76:2a:
69:d2:98:4c:eb:5e:a5:cc:84:13:74:80:a6:d7:34:56:84:6c:
4c:14:98:e6:80:4a:6a:d9:ad:3a:11:9f:95:cc:5f:a3:ea:7a:
d2:ea:52:ac:ac:51:19:c5:3e:4f:c8:e8:3b:cb:72:3e:8c:69:
ad:b2:6a:78:67:70:19:61:de:1b:10:fc:c5:fc:23:a6:88:fb:
c0:ef:8e:19:2f:c4:cd:64:22:7d:81:64:1c:47:0b:7b:f2:72:
0c:37:ce:d2:f7:5a:51:3b:06:f7:f9:66:f7:7c:f0:06:8d:29:
e4:5e:0b:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbU+9tekglslHHPvLWbnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZjAxNzcxZDFjYzhmZDExNGM0NmE2MTYyMDZhYTRjNTlk
YmRjMTkwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDEzNmM5NGRlNDYzMDgzNGUzNWExZDMzMzc5M2E0ZjBhYTAzODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwX9egFYbhLgR5PCjDLHiEIL8TWx
/BeCgSuzCQWm4RE2+HKozDLRnScKUSQhsE+ZPFFIUWXtvJ1iCpwIUQYX38T6UZUd
OqQ4mRI+troTrFjT4zqO9kINd0sVSVV2jSC9tiTxf8VD2jIWg+lx+dYv6NhIOXvK
8EzgOlQ2gPAuzl9axKlT6PYJUzxTdwKrjQsj/SQ2k5VJD/QDN772SkMYukZuMXEi
fmrGcCHV3HuxmLvENSYTS2JPMCd+cfWH4ObdChySstARjrpgm/zqOtO0ev1hbCqk
5pflL1PSA6URHeMCKKLhZxqpihn3EPM1VTasUUjQLquHWcaaMB5xUqjCFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQTbJTeRjCDTjWh0zN5Ok8KoDghMB8GA1UdIwQY
MBaAFEbwF3HRzI/RFMRqYWIGqkxZ29wZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUt
MzE2ZjZkYWJmZmJmLzEvaEJOc2xONUdNSU5PTmFIVE0zazZUd3FnT0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUtMzE2ZjZkYWJmZmJm
LzEvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ192MA0G
CSqGSIb3DQEBCwUAA4IBAQA97ONDnQnjeu8BJ9EwJ0upqAzCvtHvIKuHTObiS2D1
DFP4lrUMgtpf/nL2YnmLe4NOYyBj0HB/41ayc0YjXeB5f/Dlz90FPYdDzBwC7ZUT
JND45P2zTCZnMQR0puKZvmPeDSB9nDt4KYA7+22A6BIo6d/ekUIhT2B6L3B9qvh7
4yVgFebJ6Lfiv4X1rKCodipp0phM616lzIQTdICm1zRWhGxMFJjmgEpq2a06EZ+V
zF+j6nrS6lKsrFEZxT5PyOg7y3I+jGmtsmp4Z3AZYd4bEPzF/COmiPvA744ZL8TN
ZCJ9gWQcRwt78nIMN87S91pROwb3+Wb3fPAGjSnkXgt4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:21 2025 by rpki-client