Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/4225b9-e9c3-4b8e-8bff-3a533cedc301/1/QwXAU1i9aPyBbVkZgwjaUxgTBb0.roa
File: QwXAU1i9aPyBbVkZgwjaUxgTBb0.roa (raw, json)
Hash identifier: bRsO3rzwh1sza9GtZ97B6kTtk41PTU2hl6FF1ygpTSg=
Subject key identifier: 43:05:C0:53:58:BD:68:FC:81:6D:59:19:83:08:DA:53:18:13:05:BD
Certificate issuer: /CN=2e1ce7bcec7fd7c29f098bbae0d312b5ee3a345e
Certificate serial: 01937339132796E1B802B54EDA46E6706052
Authority key identifier: 2E:1C:E7:BC:EC:7F:D7:C2:9F:09:8B:BA:E0:D3:12:B5:EE:3A:34:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhznvOx_18KfCYu64NMSte46NF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/4225b9-e9c3-4b8e-8bff-3a533cedc301/1/QwXAU1i9aPyBbVkZgwjaUxgTBb0.roa
Signing time: Thu 28 Nov 2024 14:42:20 +0000
ROA not before: Thu 28 Nov 2024 14:42:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35820
IP address blocks: 103.145.40.0/23 maxlen: 24
103.145.80.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:39:13:27:96:e1:b8:02:b5:4e:da:46:e6:70:60:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1ce7bcec7fd7c29f098bbae0d312b5ee3a345e
Validity
Not Before: Nov 28 14:42:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4305c05358bd68fc816d59198308da53181305bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d9:63:bb:8f:2a:f5:ef:bd:13:90:ef:2d:41:
b9:ad:c8:4f:80:f0:e4:8b:cc:eb:83:8b:c5:74:10:
9f:2d:e2:79:94:14:f4:f5:bc:a3:b4:e0:93:05:3f:
d8:1a:cd:2b:f7:bb:fb:37:90:d5:1f:80:d7:96:25:
1a:a1:19:05:2e:53:50:4c:32:81:48:24:4b:88:ee:
f7:ea:fd:8d:1d:8f:50:b1:d8:6b:e9:d9:32:c8:40:
f0:48:a6:13:65:9f:ac:6d:ae:27:3f:88:dd:53:67:
4b:b9:74:d3:a7:a6:3f:a8:bf:d1:41:78:18:48:3e:
35:da:ec:b4:84:a7:64:14:77:31:98:b8:7f:63:f4:
64:e2:9c:d4:1e:1b:2e:ca:23:a1:3d:bc:10:4e:60:
66:7a:cb:c8:9c:0a:46:c9:a9:3e:aa:1f:0e:1a:21:
e8:4f:74:ce:5b:18:16:3e:21:dc:eb:b7:60:b0:12:
02:3e:b5:b3:bc:d0:93:f7:a5:97:cd:16:2c:ba:91:
08:a1:14:cf:14:13:61:54:19:77:ac:84:7f:f8:3e:
44:95:d9:ff:15:38:af:da:13:5a:46:06:12:c8:82:
c4:92:4a:ff:c4:f3:91:d9:ac:78:92:28:85:6c:33:
19:1e:c7:b5:d0:f9:3b:d0:95:4b:4f:c3:47:ab:ab:
81:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:05:C0:53:58:BD:68:FC:81:6D:59:19:83:08:DA:53:18:13:05:BD
X509v3 Authority Key Identifier:
keyid:2E:1C:E7:BC:EC:7F:D7:C2:9F:09:8B:BA:E0:D3:12:B5:EE:3A:34:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhznvOx_18KfCYu64NMSte46NF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/4225b9-e9c3-4b8e-8bff-3a533cedc301/1/QwXAU1i9aPyBbVkZgwjaUxgTBb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/4225b9-e9c3-4b8e-8bff-3a533cedc301/1/LhznvOx_18KfCYu64NMSte46NF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.145.40.0/23
103.145.80.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:83:cc:92:3a:26:f2:eb:6d:be:01:79:42:90:a0:3b:b0:7b:
87:e7:6c:69:cf:b4:4c:42:e7:a8:f0:42:97:0a:22:7c:49:20:
1b:94:4e:9e:ce:49:be:6b:3e:89:77:bc:fd:12:fa:16:29:37:
f8:50:d8:bb:8d:71:6a:82:ae:25:58:a0:df:45:52:76:99:5f:
ca:f9:a4:58:06:89:78:2b:c8:8e:9d:53:12:af:fd:f4:ae:1e:
39:80:ea:18:2b:4a:af:d2:df:15:58:13:4e:da:43:ce:42:a5:
e1:24:bb:9a:72:96:b0:38:22:9f:3a:65:68:8a:65:b5:80:1e:
51:48:82:9c:b5:12:14:82:c7:58:80:97:27:a7:9c:4d:4b:50:
62:fc:9f:c1:9c:92:94:b3:c4:5f:a0:77:e8:a9:3c:76:de:f0:
76:52:1f:ee:20:63:81:fc:9b:27:4f:98:bf:82:e7:d5:bd:24:
d2:dc:5c:d1:54:74:40:ed:59:7a:e8:1c:8b:37:83:c9:f0:5f:
78:a9:df:42:25:2f:3d:1d:88:ef:91:77:5f:46:18:32:07:ed:
8b:7f:5b:27:c5:2a:a9:8a:99:53:4d:71:1f:e2:dc:f6:59:b9:
00:da:61:23:6a:3a:05:f2:99:30:e5:49:1b:a3:a7:10:68:65:
30:e7:f6:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNzORMnluG4ArVO2kbmcGBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMWNlN2JjZWM3ZmQ3YzI5ZjA5OGJiYWUwZDMxMmI1ZWUz
YTM0NWUwHhcNMjQxMTI4MTQ0MjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzA1YzA1MzU4YmQ2OGZjODE2ZDU5MTk4MzA4ZGE1MzE4MTMwNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNlju48q9e+9E5DvLUG5rchPgPDk
i8zrg4vFdBCfLeJ5lBT09byjtOCTBT/YGs0r97v7N5DVH4DXliUaoRkFLlNQTDKB
SCRLiO736v2NHY9Qsdhr6dkyyEDwSKYTZZ+sba4nP4jdU2dLuXTTp6Y/qL/RQXgY
SD412uy0hKdkFHcxmLh/Y/Rk4pzUHhsuyiOhPbwQTmBmesvInApGyak+qh8OGiHo
T3TOWxgWPiHc67dgsBICPrWzvNCT96WXzRYsupEIoRTPFBNhVBl3rIR/+D5Eldn/
FTiv2hNaRgYSyILEkkr/xPOR2ax4kiiFbDMZHse10Pk70JVLT8NHq6uBdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEMFwFNYvWj8gW1ZGYMI2lMYEwW9MB8GA1UdIwQY
MBaAFC4c57zsf9fCnwmLuuDTErXuOjReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGh6bnZPeF8xOEtmQ1l1NjROTVN0ZTQ2TkY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS80MjI1YjktZTljMy00YjhlLThiZmYt
M2E1MzNjZWRjMzAxLzEvUXdYQVUxaTlhUHlCYlZrWmd3amFVeGdUQmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS80MjI1YjktZTljMy00YjhlLThiZmYtM2E1MzNjZWRjMzAx
LzEvTGh6bnZPeF8xOEtmQ1l1NjROTVN0ZTQ2TkY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBZ5EoAwQB
Z5FQMA0GCSqGSIb3DQEBCwUAA4IBAQAMg8ySOiby622+AXlCkKA7sHuH52xpz7RM
Queo8EKXCiJ8SSAblE6ezkm+az6Jd7z9EvoWKTf4UNi7jXFqgq4lWKDfRVJ2mV/K
+aRYBol4K8iOnVMSr/30rh45gOoYK0qv0t8VWBNO2kPOQqXhJLuacpawOCKfOmVo
imW1gB5RSIKctRIUgsdYgJcnp5xNS1Bi/J/BnJKUs8RfoHfoqTx23vB2Uh/uIGOB
/JsnT5i/gufVvSTS3FzRVHRA7Vl66ByLN4PJ8F94qd9CJS89HYjvkXdfRhgyB+2L
f1snxSqpiplTTXEf4tz2WbkA2mEjajoF8pkw5Ukbo6cQaGUw5/Yo
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:08:19 2025 by rpki-client