Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/8gBB5lSlW7B0HZSyqdqcFqYNOfI.roa
File: 8gBB5lSlW7B0HZSyqdqcFqYNOfI.roa (raw, json)
Hash identifier: OVoKKpercFEpXYpUK59OJ3VGPR9pbK6A9xeTbwtIc7Y=
Subject key identifier: F2:00:41:E6:54:A5:5B:B0:74:1D:94:B2:A9:DA:9C:16:A6:0D:39:F2
Certificate issuer: /CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Certificate serial: 018CC64B23562414B2A5706C3AFC813D3B84
Authority key identifier: 26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/8gBB5lSlW7B0HZSyqdqcFqYNOfI.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49596
IP address blocks: 103.231.136.0/24 maxlen: 24
103.231.137.0/24 maxlen: 24
103.231.139.0/24 maxlen: 24
103.231.138.0/24 maxlen: 24
185.137.111.0/24 maxlen: 24
185.137.109.0/24 maxlen: 24
185.137.110.0/24 maxlen: 24
185.137.108.0/24 maxlen: 24
185.137.108.0/22 maxlen: 22
2a0a:40c0::/29 maxlen: 29
2a07:387::/32 maxlen: 32
2a07:380::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Mar 2024 19:04:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:23:56:24:14:b2:a5:70:6c:3a:fc:81:3d:3b:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f20041e654a55bb0741d94b2a9da9c16a60d39f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2a:ff:cc:79:65:e6:1d:d9:d0:ac:ac:14:fa:
ee:77:6b:34:f1:96:31:51:41:5d:e7:a7:ac:7d:36:
1d:1f:5c:98:9a:56:2f:10:1e:fd:9f:c3:24:e9:05:
c4:5a:2d:b1:95:76:f4:f0:fc:0f:15:22:17:72:78:
71:10:0f:f6:75:14:4e:75:70:4a:bf:d7:01:1b:70:
5b:94:91:22:1c:32:bb:d4:e8:70:35:6b:5a:5f:06:
d6:fc:44:23:71:a4:6d:7a:0a:ba:ec:0c:1b:9f:71:
e0:19:dd:6d:ad:20:8e:ad:5f:59:1f:4d:95:51:42:
e6:8e:74:5d:4e:7c:4a:0d:6f:9e:72:07:9a:2e:09:
f4:20:ef:1b:4a:70:69:bd:0c:1c:3f:16:3f:c0:ed:
5d:a6:1a:33:6e:fa:22:71:cb:e7:2c:51:7f:92:d2:
22:de:a3:e6:07:54:39:61:be:4e:54:c8:ac:65:32:
4c:40:d4:95:ec:88:2f:57:75:67:7c:0b:82:93:cb:
c8:39:24:d5:e7:8b:af:5c:49:3b:20:fa:4f:fe:e1:
59:82:31:aa:96:23:d7:a9:8f:2a:32:9e:61:a6:77:
99:a8:f6:fe:ad:5e:7b:6f:f0:5f:0f:e8:bb:85:13:
6b:aa:45:35:89:6d:eb:51:ef:6e:1b:0b:cb:6d:ea:
bb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:00:41:E6:54:A5:5B:B0:74:1D:94:B2:A9:DA:9C:16:A6:0D:39:F2
X509v3 Authority Key Identifier:
keyid:26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/8gBB5lSlW7B0HZSyqdqcFqYNOfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.231.136.0/22
185.137.108.0/22
IPv6:
2a07:380::/29
2a0a:40c0::/29
Signature Algorithm: sha256WithRSAEncryption
88:ec:c0:3c:36:37:46:1d:9a:5f:ed:f3:1c:17:a1:28:2f:ad:
66:52:6e:b8:db:a1:43:44:ba:91:9d:94:83:04:f8:50:9e:ff:
07:a4:77:cf:5e:63:ea:bc:13:25:98:f1:3b:43:32:9b:93:75:
91:43:7a:f6:b5:21:0a:8d:d9:8a:94:1a:7c:cc:18:cd:b4:9d:
b3:05:03:a1:c4:1a:11:76:00:88:92:64:31:65:ae:be:ab:1b:
28:f7:fb:9c:06:a7:0b:93:db:63:63:c2:96:68:40:b7:2d:70:
60:0c:9f:f9:2f:1c:c3:67:2c:fd:f1:2a:e0:d4:42:0f:45:9d:
19:a8:7e:ee:66:fb:d7:50:b8:91:63:99:d6:f3:de:4e:e5:2d:
88:25:e1:a3:80:d2:6e:fc:20:76:86:48:8f:75:8a:e7:ab:6c:
27:7f:c5:3e:a5:7b:50:66:86:af:33:3b:4a:83:94:87:9b:51:
24:a5:23:fc:77:ac:6b:d4:3f:19:90:fd:7b:89:3a:94:30:31:
41:28:4b:d9:e9:1b:41:58:33:a2:8c:b2:16:d8:2f:15:30:c8:
d2:d0:ec:65:45:2c:3d:77:84:ab:23:21:e3:5f:50:34:e2:9c:
b2:9f:51:8d:32:ce:8c:e1:4d:70:a2:73:ec:0f:af:94:11:e5:
3f:bb:c2:8d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGSyNWJBSypXBsOvyBPTuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRkYWUwNGRiY2IxZjgyZjU1YjA3ODMwN2JhNGIwODRi
OTk0YmIwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjAwNDFlNjU0YTU1YmIwNzQxZDk0YjJhOWRhOWMxNmE2MGQzOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCr/zHll5h3Z0KysFPrud2s08ZYx
UUFd56esfTYdH1yYmlYvEB79n8Mk6QXEWi2xlXb08PwPFSIXcnhxEA/2dRROdXBK
v9cBG3BblJEiHDK71OhwNWtaXwbW/EQjcaRtegq67Awbn3HgGd1trSCOrV9ZH02V
UULmjnRdTnxKDW+ecgeaLgn0IO8bSnBpvQwcPxY/wO1dphozbvoiccvnLFF/ktIi
3qPmB1Q5Yb5OVMisZTJMQNSV7IgvV3VnfAuCk8vIOSTV54uvXEk7IPpP/uFZgjGq
liPXqY8qMp5hpneZqPb+rV57b/BfD+i7hRNrqkU1iW3rUe9uGwvLbeq7PwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPIAQeZUpVuwdB2UsqnanBamDTnyMB8GA1UdIwQY
MBaAFCa92uBNvLH4L1WweDB7pLCEuZS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAt
ZjYxNzlhOTEwYjE1LzEvOGdCQjVsU2xXN0IwSFpTeXFkcWNGcVlOT2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAtZjYxNzlhOTEwYjE1
LzEvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCZ+eIAwQC
uYlsMBQEAgACMA4DBQMqBwOAAwUDKgpAwDANBgkqhkiG9w0BAQsFAAOCAQEAiOzA
PDY3Rh2aX+3zHBehKC+tZlJuuNuhQ0S6kZ2UgwT4UJ7/B6R3z15j6rwTJZjxO0My
m5N1kUN69rUhCo3ZipQafMwYzbSdswUDocQaEXYAiJJkMWWuvqsbKPf7nAanC5Pb
Y2PClmhAty1wYAyf+S8cw2cs/fEq4NRCD0WdGah+7mb711C4kWOZ1vPeTuUtiCXh
o4DSbvwgdoZIj3WK56tsJ3/FPqV7UGaGrzM7SoOUh5tRJKUj/Hesa9Q/GZD9e4k6
lDAxQShL2ekbQVgzooyyFtgvFTDI0tDsZUUsPXeEqyMh419QNOKcsp9RjTLOjOFN
cKJz7A+vlBHlP7vCjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:45 2024 by rpki-client on console-ams.rpki-client.org