Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/AZIyItxjbWmRy6nERjPl0zsco1U.roa
File: AZIyItxjbWmRy6nERjPl0zsco1U.roa (raw, json)
Hash identifier: lO5rnN4x2yrtw6VFgUlisEw92fuU4uEEbzIpia61OrA=
Subject key identifier: 01:92:32:22:DC:63:6D:69:91:CB:A9:C4:46:33:E5:D3:3B:1C:A3:55
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018DEC7B1EC26E3E5C4863DFBB93B27B8A56
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/AZIyItxjbWmRy6nERjPl0zsco1U.roa
Signing time: Tue 27 Feb 2024 21:31:48 +0000
ROA not before: Tue 27 Feb 2024 21:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 14.102.231.0/24 maxlen: 24
103.47.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 03:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ec:7b:1e:c2:6e:3e:5c:48:63:df:bb:93:b2:7b:8a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 27 21:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01923222dc636d6991cba9c44633e5d33b1ca355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:15:b0:32:78:be:29:0e:dc:bc:11:fe:84:5f:
b8:26:ed:8b:d4:26:4d:fe:74:a8:0c:e8:12:79:eb:
1e:1c:76:60:67:26:4d:e6:3b:4a:5b:58:dc:e5:03:
6c:11:fc:ea:50:80:5f:be:2c:f8:a7:83:63:d8:71:
cc:ef:cd:bf:26:20:11:a7:38:b3:03:67:6f:71:b7:
19:13:36:f7:7f:42:89:ae:d5:fd:fa:90:39:7e:0f:
44:a9:b2:9c:8c:24:3e:cd:40:2e:ed:9d:5b:9c:a6:
3b:2f:d6:28:1f:77:3a:b8:26:29:fc:4e:a6:99:bc:
8e:1f:f8:21:46:11:4f:8d:63:3b:5c:f6:a2:70:71:
56:f9:a6:5b:a5:75:bd:50:14:d8:eb:bb:f6:33:e5:
58:61:0e:b9:d7:97:5b:ff:b1:5a:00:0a:d9:14:7c:
b6:81:43:18:be:88:b7:d7:1f:69:a8:f6:4b:22:32:
a5:bf:c7:31:de:12:ee:aa:b6:35:d0:40:03:33:ac:
7b:4d:b2:85:06:cc:dc:9a:5d:b3:20:a5:64:6b:73:
db:cf:53:f5:fb:6d:ca:b6:5d:05:e3:df:ea:20:2d:
7e:0a:80:01:f0:a7:df:61:1c:76:70:8f:f0:dd:78:
fd:29:cc:2e:7f:08:6e:4e:80:d0:b8:f1:a1:34:bb:
82:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:92:32:22:DC:63:6D:69:91:CB:A9:C4:46:33:E5:D3:3B:1C:A3:55
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/AZIyItxjbWmRy6nERjPl0zsco1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.231.0/24
103.47.56.0/24
Signature Algorithm: sha256WithRSAEncryption
17:e0:68:dd:4a:ca:cf:bd:f3:52:44:2a:6f:7c:b4:34:e5:0a:
ea:11:95:fc:2a:15:3b:50:d9:3b:f9:83:3a:ac:fc:d0:a7:7e:
83:db:eb:9d:a8:09:87:be:42:ad:20:8d:5e:c7:50:ec:08:46:
c7:e9:b6:6a:79:48:37:70:71:ff:35:33:98:ab:33:2d:53:fa:
5a:fe:0e:d4:61:49:04:b5:aa:c3:18:1b:cf:a6:c1:68:01:07:
dd:2c:e2:7d:58:aa:7e:32:ec:17:97:49:6c:98:7d:6c:9a:51:
cb:2e:1b:95:61:05:f0:48:2e:a3:0d:be:57:3a:1d:0c:c1:b0:
18:d1:fd:37:2c:93:a1:3b:80:ec:95:2f:7d:21:12:33:e9:1b:
2f:b8:e1:f6:ff:1a:8f:fc:09:8d:22:60:29:d0:b4:76:51:6e:
f3:bf:a5:9b:55:55:55:a3:61:f8:cb:82:bd:19:0b:71:27:e4:
bf:9d:36:ba:de:f3:72:4d:49:f8:1b:1b:1c:b4:a4:93:6e:b6:
f7:d6:f1:aa:dd:0c:b4:d1:a1:ce:2f:2a:14:81:97:7e:c7:26:
68:85:30:b4:8f:67:3d:95:5a:7e:6a:ea:4b:85:84:c2:03:b1:
58:eb:46:b2:10:b6:16:23:ca:a6:96:9f:4e:42:d9:87:75:90:
28:23:c0:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3sex7Cbj5cSGPfu5Oye4pWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMjI3MjEzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTkyMzIyMmRjNjM2ZDY5OTFjYmE5YzQ0NjMzZTVkMzNiMWNhMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRWwMni+KQ7cvBH+hF+4Ju2L1CZN
/nSoDOgSeeseHHZgZyZN5jtKW1jc5QNsEfzqUIBfviz4p4Nj2HHM782/JiARpziz
A2dvcbcZEzb3f0KJrtX9+pA5fg9EqbKcjCQ+zUAu7Z1bnKY7L9YoH3c6uCYp/E6m
mbyOH/ghRhFPjWM7XPaicHFW+aZbpXW9UBTY67v2M+VYYQ6515db/7FaAArZFHy2
gUMYvoi31x9pqPZLIjKlv8cx3hLuqrY10EADM6x7TbKFBszcml2zIKVka3Pbz1P1
+23Ktl0F49/qIC1+CoAB8KffYRx2cI/w3Xj9KcwufwhuToDQuPGhNLuCjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAGSMiLcY21pkcupxEYz5dM7HKNVMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvQVpJeUl0eGpiV21SeTZuRVJqUGwwenNjbzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQADmbnAwQA
Zy84MA0GCSqGSIb3DQEBCwUAA4IBAQAX4GjdSsrPvfNSRCpvfLQ05QrqEZX8KhU7
UNk7+YM6rPzQp36D2+udqAmHvkKtII1ex1DsCEbH6bZqeUg3cHH/NTOYqzMtU/pa
/g7UYUkEtarDGBvPpsFoAQfdLOJ9WKp+MuwXl0lsmH1smlHLLhuVYQXwSC6jDb5X
Oh0MwbAY0f03LJOhO4DslS99IRIz6RsvuOH2/xqP/AmNImAp0LR2UW7zv6WbVVVV
o2H4y4K9GQtxJ+S/nTa63vNyTUn4GxsctKSTbrb31vGq3Qy00aHOLyoUgZd+xyZo
hTC0j2c9lVp+aupLhYTCA7FY60ayELYWI8qmlp9OQtmHdZAoI8AK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:40 2025 by rpki-client