Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/SmhTTXhPfk7IwizMi1LtZJxzs3I.roa
File: SmhTTXhPfk7IwizMi1LtZJxzs3I.roa (raw, json)
Hash identifier: nW8bQ9yfdXFqv6XbMKmBE51sy+9iQheE84uyh+A1o/g=
Subject key identifier: 4A:68:53:4D:78:4F:7E:4E:C8:C2:2C:CC:8B:52:ED:64:9C:73:B3:72
Certificate issuer: /CN=0f025fa357c20abbf118426234658e62d7dc7076
Certificate serial: 0191FF8E689AF8CCEEFA7FFB0D4EE2D665C3
Authority key identifier: 0F:02:5F:A3:57:C2:0A:BB:F1:18:42:62:34:65:8E:62:D7:DC:70:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/SmhTTXhPfk7IwizMi1LtZJxzs3I.roa
Signing time: Tue 17 Sep 2024 10:36:48 +0000
ROA not before: Tue 17 Sep 2024 10:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214294
IP address blocks: 123.100.225.0/24 maxlen: 24
2a01:ee80:1::/48 maxlen: 48
2a01:ee80:2::/48 maxlen: 48
2a01:ee80:141::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Oct 2024 02:28:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:8e:68:9a:f8:cc:ee:fa:7f:fb:0d:4e:e2:d6:65:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f025fa357c20abbf118426234658e62d7dc7076
Validity
Not Before: Sep 17 10:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a68534d784f7e4ec8c22ccc8b52ed649c73b372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7d:8e:c1:e3:15:1c:5a:ee:f9:d1:81:3e:ee:
4d:d3:c9:1c:6a:a4:aa:cf:8f:76:da:25:47:4a:b7:
a0:1a:14:02:79:fe:77:8b:12:f7:65:a4:92:d5:2a:
a3:d4:46:aa:e7:1c:c5:08:1d:2d:55:6b:a3:63:c5:
16:43:1d:0f:37:52:7c:0f:ec:b1:13:e3:84:c4:7f:
60:73:65:de:fa:67:97:5e:78:0e:5c:49:8f:24:0a:
d7:58:a1:ec:4c:70:fc:43:51:cc:3f:73:30:f3:30:
6f:0f:e4:b1:09:42:f0:c3:0f:b7:92:96:fb:a7:46:
ca:fd:fc:56:09:81:18:8a:35:06:ff:ac:99:a9:0b:
f9:a4:a0:b5:57:af:d5:67:14:84:fc:64:35:9d:9a:
8a:4c:22:bc:d9:3a:34:d0:c0:1e:ce:a0:f2:d8:8f:
e4:f1:7e:24:8b:cd:d9:58:0f:7a:a6:d9:91:d8:a4:
15:c7:c1:ed:1b:48:8e:65:96:b5:92:16:51:d1:c7:
48:01:90:04:9d:18:94:36:ff:a3:6f:17:d9:88:7e:
15:5d:ca:d8:d9:7a:3a:97:01:fe:3c:96:8a:77:48:
2d:35:5c:74:d1:69:5c:59:cf:06:33:57:2d:cf:8e:
a2:0d:3c:84:42:3a:0f:3b:08:3e:04:dc:09:8b:52:
f1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:68:53:4D:78:4F:7E:4E:C8:C2:2C:CC:8B:52:ED:64:9C:73:B3:72
X509v3 Authority Key Identifier:
keyid:0F:02:5F:A3:57:C2:0A:BB:F1:18:42:62:34:65:8E:62:D7:DC:70:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/SmhTTXhPfk7IwizMi1LtZJxzs3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.100.225.0/24
IPv6:
2a01:ee80:1::-2a01:ee80:2:ffff:ffff:ffff:ffff:ffff
2a01:ee80:141::/48
Signature Algorithm: sha256WithRSAEncryption
90:42:f8:7c:c0:b8:5c:8f:5d:bb:e3:0a:02:6b:18:46:86:dc:
d8:c2:2e:c9:18:29:7a:3c:c6:ef:b7:87:f6:3f:3f:0a:b8:e2:
77:98:40:64:e6:6a:44:b6:98:78:c0:2d:0d:0c:e2:8d:19:13:
55:ce:92:29:1c:fb:c3:57:0d:1b:61:25:c8:dd:77:47:f0:63:
f0:c0:68:16:f1:30:21:7c:08:41:de:23:b3:d7:02:c2:a2:cb:
1c:80:b9:a4:59:82:97:bb:44:48:1c:b7:d9:41:7f:e0:d3:5f:
22:68:ad:36:ea:62:25:ee:55:8e:34:e0:36:4d:66:b2:2d:f2:
e3:ec:00:07:49:7d:a5:03:66:c1:26:38:67:ba:78:a7:49:3c:
2b:c4:ba:e0:e8:09:04:eb:fb:83:b6:60:3f:bc:17:0b:66:6f:
30:d4:86:dd:3d:33:90:14:91:c2:46:a3:38:1a:fe:d1:43:3d:
3d:ec:2e:0b:48:da:f3:c1:00:49:4e:38:3a:4b:56:83:24:f1:
ec:fc:d5:25:e5:cb:91:f0:cb:bc:23:1c:31:5c:9d:b8:1d:57:
38:3e:8c:88:56:29:14:1a:f2:78:a4:28:3a:93:8c:3e:a0:fa:
4d:e1:ac:67:b1:80:de:20:d2:16:1b:b1:5d:5b:b6:af:a1:89:
58:2e:b3:0e
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZH/jmia+Mzu+n/7DU7i1mXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDI1ZmEzNTdjMjBhYmJmMTE4NDI2MjM0NjU4ZTYyZDdk
YzcwNzYwHhcNMjQwOTE3MTAzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTY4NTM0ZDc4NGY3ZTRlYzhjMjJjY2M4YjUyZWQ2NDljNzNiMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn2OweMVHFru+dGBPu5N08kcaqSq
z4922iVHSregGhQCef53ixL3ZaSS1Sqj1Eaq5xzFCB0tVWujY8UWQx0PN1J8D+yx
E+OExH9gc2Xe+meXXngOXEmPJArXWKHsTHD8Q1HMP3Mw8zBvD+SxCULwww+3kpb7
p0bK/fxWCYEYijUG/6yZqQv5pKC1V6/VZxSE/GQ1nZqKTCK82To00MAezqDy2I/k
8X4ki83ZWA96ptmR2KQVx8HtG0iOZZa1khZR0cdIAZAEnRiUNv+jbxfZiH4VXcrY
2Xo6lwH+PJaKd0gtNVx00WlcWc8GM1ctz46iDTyEQjoPOwg+BNwJi1LxrQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFEpoU014T35OyMIszItS7WScc7NyMB8GA1UdIwQY
MBaAFA8CX6NXwgq78RhCYjRljmLX3HB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdKZm8xZkNDcnZ4R0VKaU5HV09ZdGZjY0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xMTRhMTAtOGVmNy00OTAzLTk2M2Ut
ZDRkNTlhMDk1YzdmLzEvU21oVFRYaFBmazdJd2l6TWkxTHRaSnh6czNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xMTRhMTAtOGVmNy00OTAzLTk2M2UtZDRkNTlhMDk1Yzdm
LzEvRHdKZm8xZkNDcnZ4R0VKaU5HV09ZdGZjY0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQAe2ThMCME
AgACMB0wEgMHACoB7oAAAQMHACoB7oAAAgMHACoB7oABQTANBgkqhkiG9w0BAQsF
AAOCAQEAkEL4fMC4XI9du+MKAmsYRobc2MIuyRgpejzG77eH9j8/Crjid5hAZOZq
RLaYeMAtDQzijRkTVc6SKRz7w1cNG2ElyN13R/Bj8MBoFvEwIXwIQd4js9cCwqLL
HIC5pFmCl7tESBy32UF/4NNfImitNupiJe5VjjTgNk1msi3y4+wAB0l9pQNmwSY4
Z7p4p0k8K8S64OgJBOv7g7ZgP7wXC2ZvMNSG3T0zkBSRwkajOBr+0UM9PewuC0ja
88EASU44OktWgyTx7PzVJeXLkfDLvCMcMVyduB1XOD6MiFYpFBryeKQoOpOMPqD6
TeGsZ7GA3iDSFhuxXVu2r6GJWC6zDg==
Generated at Thu Oct 24 04:01:21 2024 by rpki-client on console-fra.rpki-client.org