Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/rPqtxvymDuHPCsInCMf1GAHN1a0.roa
File: rPqtxvymDuHPCsInCMf1GAHN1a0.roa (raw, json)
Hash identifier: vUrIDKKH4hzhje5ekxNcvj6U7jYh4W0jCowrCwODthg=
Subject key identifier: AC:FA:AD:C6:FC:A6:0E:E1:CF:0A:C2:27:08:C7:F5:18:01:CD:D5:AD
Certificate issuer: /CN=905a109336de89712e249c9846c9dbb1b3c98c7e
Certificate serial: 018C0092AC8730392CD004834F6284920EA0
Authority key identifier: 90:5A:10:93:36:DE:89:71:2E:24:9C:98:46:C9:DB:B1:B3:C9:8C:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kFoQkzbeiXEuJJyYRsnbsbPJjH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/rPqtxvymDuHPCsInCMf1GAHN1a0.roa
Signing time: Fri 24 Nov 2023 09:04:21 +0000
ROA not before: Fri 24 Nov 2023 09:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216053
IP address blocks: 202.37.103.0/24 maxlen: 24
203.21.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:00:92:ac:87:30:39:2c:d0:04:83:4f:62:84:92:0e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=905a109336de89712e249c9846c9dbb1b3c98c7e
Validity
Not Before: Nov 24 09:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acfaadc6fca60ee1cf0ac22708c7f51801cdd5ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:30:a5:05:f4:48:26:83:2e:b8:af:c2:e8:0e:
23:b9:6a:23:50:d0:6e:4a:79:b4:35:4b:75:50:3e:
83:9a:34:66:76:ac:fe:af:1a:2f:cf:4c:41:48:bc:
46:1a:ce:bb:4c:4a:a5:03:32:2f:a6:39:51:28:78:
1d:a9:9c:59:cd:a0:a1:b8:82:6c:21:d6:76:01:1c:
37:74:10:a5:78:d2:d1:d2:80:9a:18:9c:41:25:ca:
5f:bb:4f:9d:15:4d:62:46:32:98:83:f2:fd:3f:63:
64:2b:52:38:46:ed:ce:f9:73:13:9f:38:31:6f:8e:
45:56:dd:3c:de:3a:23:f3:50:5b:82:5a:61:2f:fb:
8b:c8:5d:fe:41:f5:75:8d:37:4c:94:6b:77:f7:3a:
59:35:01:20:60:58:10:3d:fd:21:76:eb:79:52:c5:
6b:60:a5:35:4d:d3:66:fc:68:0b:10:f3:a3:0b:8c:
3b:24:fe:b7:12:cc:9e:ee:c1:6a:3c:c5:53:9e:d7:
5c:46:4c:54:8c:05:1b:4d:23:ce:48:27:79:fd:a6:
aa:fb:e8:cd:5f:13:63:b5:a7:0b:99:ea:59:73:5e:
4c:d0:e8:78:2f:b0:22:b4:81:2a:14:93:26:b6:40:
de:fb:70:22:03:68:46:c8:a8:41:73:a2:03:51:04:
81:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FA:AD:C6:FC:A6:0E:E1:CF:0A:C2:27:08:C7:F5:18:01:CD:D5:AD
X509v3 Authority Key Identifier:
keyid:90:5A:10:93:36:DE:89:71:2E:24:9C:98:46:C9:DB:B1:B3:C9:8C:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kFoQkzbeiXEuJJyYRsnbsbPJjH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/rPqtxvymDuHPCsInCMf1GAHN1a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/kFoQkzbeiXEuJJyYRsnbsbPJjH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.37.103.0/24
203.21.4.0/24
Signature Algorithm: sha256WithRSAEncryption
23:5d:e8:33:bd:44:54:39:39:71:21:5f:ca:1c:35:88:f3:80:
6d:be:88:8d:94:9d:07:25:12:a1:6a:48:b0:fd:ba:09:24:ab:
4e:22:c0:e1:ce:ee:80:01:e8:55:09:72:aa:0d:12:32:0f:d4:
a6:a1:e7:da:fa:c5:4b:f0:50:f3:ad:e4:cd:e7:e8:04:41:f9:
8c:cc:10:87:a2:00:c8:60:6d:5c:1a:e0:51:6e:c5:87:33:cb:
79:00:c1:4d:12:b8:70:7b:ba:c2:6f:fc:11:dd:51:2e:25:f7:
d0:b0:d8:32:8b:20:db:9e:ec:d1:19:30:55:85:a3:0f:da:18:
e8:c5:81:17:b2:15:78:da:e8:75:ea:ae:ac:de:6f:22:a2:e7:
e2:0f:b1:8b:b4:2c:32:10:ad:6f:29:e6:2f:cc:53:d0:d0:67:
02:42:3b:d8:2c:89:c3:27:2e:3a:05:b0:fd:4e:bd:9f:80:f6:
dd:fa:bd:14:9c:e6:57:2a:59:0c:22:06:95:65:90:8c:aa:47:
e8:0c:bf:c9:e6:55:8d:c8:cd:84:d2:7a:1e:b5:fc:43:bb:41:
91:ae:20:a8:64:5c:29:3a:84:b4:12:b2:bc:38:1d:2d:ae:53:
29:2b:0f:ea:ad:b1:a4:48:f4:0d:1c:29:86:a9:ea:94:c7:23:
e9:e2:87:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwAkqyHMDks0ASDT2KEkg6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNWExMDkzMzZkZTg5NzEyZTI0OWM5ODQ2YzlkYmIxYjNj
OThjN2UwHhcNMjMxMTI0MDkwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ZhYWRjNmZjYTYwZWUxY2YwYWMyMjcwOGM3ZjUxODAxY2RkNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojClBfRIJoMuuK/C6A4juWojUNBu
Snm0NUt1UD6DmjRmdqz+rxovz0xBSLxGGs67TEqlAzIvpjlRKHgdqZxZzaChuIJs
IdZ2ARw3dBCleNLR0oCaGJxBJcpfu0+dFU1iRjKYg/L9P2NkK1I4Ru3O+XMTnzgx
b45FVt083joj81BbglphL/uLyF3+QfV1jTdMlGt39zpZNQEgYFgQPf0hdut5UsVr
YKU1TdNm/GgLEPOjC4w7JP63Esye7sFqPMVTntdcRkxUjAUbTSPOSCd5/aaq++jN
XxNjtacLmepZc15M0Oh4L7AitIEqFJMmtkDe+3AiA2hGyKhBc6IDUQSBUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKz6rcb8pg7hzwrCJwjH9RgBzdWtMB8GA1UdIwQY
MBaAFJBaEJM23olxLiScmEbJ27GzyYx+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ZvUWt6YmVpWEV1Skp5WVJzbmJzYlBKakg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kYWI2YWUtZGJhOC00YjI4LTljOGYt
YjI0OGNmYTk2YTY5LzEvclBxdHh2eW1EdUhQQ3NJbkNNZjFHQUhOMWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kYWI2YWUtZGJhOC00YjI4LTljOGYtYjI0OGNmYTk2YTY5
LzEva0ZvUWt6YmVpWEV1Skp5WVJzbmJzYlBKakg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAyiVnAwQA
yxUEMA0GCSqGSIb3DQEBCwUAA4IBAQAjXegzvURUOTlxIV/KHDWI84BtvoiNlJ0H
JRKhakiw/boJJKtOIsDhzu6AAehVCXKqDRIyD9Smoefa+sVL8FDzreTN5+gEQfmM
zBCHogDIYG1cGuBRbsWHM8t5AMFNErhwe7rCb/wR3VEuJffQsNgyiyDbnuzRGTBV
haMP2hjoxYEXshV42uh16q6s3m8ioufiD7GLtCwyEK1vKeYvzFPQ0GcCQjvYLInD
Jy46BbD9Tr2fgPbd+r0UnOZXKlkMIgaVZZCMqkfoDL/J5lWNyM2E0noetfxDu0GR
riCoZFwpOoS0ErK8OB0trlMpKw/qrbGkSPQNHCmGqeqUxyPp4oeF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:11 2024 by rpki-client on console-fra.rpki-client.org