Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/U7efTHfis-k1sjsR30jdDV2fnUk.roa
File: U7efTHfis-k1sjsR30jdDV2fnUk.roa (raw, json)
Hash identifier: tNIkd3chovZY4D+3DzULvCf6IsxyxUzHYvgfVV5ZG0c=
Subject key identifier: 53:B7:9F:4C:77:E2:B3:E9:35:B2:3B:11:DF:48:DD:0D:5D:9F:9D:49
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019422201867F18E53E83EF112E14B55159E
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/U7efTHfis-k1sjsR30jdDV2fnUk.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151734
IP address blocks: 103.47.56.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 19:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:18:67:f1:8e:53:e8:3e:f1:12:e1:4b:55:15:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53b79f4c77e2b3e935b23b11df48dd0d5d9f9d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:aa:83:92:ae:43:74:33:25:2b:8d:cd:88:30:
d7:14:93:04:d6:8b:5e:6d:3f:ea:d8:f7:9a:28:20:
b2:92:f3:2c:5b:d6:f8:30:22:ba:5c:f7:98:20:11:
2a:19:24:2b:b8:56:ba:de:4f:09:2e:fc:a1:24:dd:
32:f8:97:56:33:9a:f3:46:ae:1e:1d:1a:a3:9b:cb:
86:97:4e:53:7a:14:30:4e:d9:a8:0e:6e:be:1b:e8:
11:83:44:37:cd:74:7a:fc:6c:21:84:51:3f:59:69:
aa:b8:dc:7d:33:46:6d:92:16:ac:38:bc:d9:f7:6f:
27:89:d2:d4:fd:6a:2a:4e:43:a2:20:d1:41:51:4b:
50:78:8f:60:4d:ba:c1:ea:98:a1:e5:e8:3a:e2:59:
b4:b0:d3:0b:1d:e1:90:fa:75:c7:cb:42:2a:e5:21:
7a:c5:0d:d7:8b:de:50:e6:c7:4c:3b:90:ce:fa:18:
81:9a:e0:06:af:8b:24:a3:00:39:31:74:5d:39:3d:
ea:86:b4:cd:fd:71:f0:74:a9:28:73:f9:2c:cc:a1:
3b:f1:88:10:ee:77:4e:f0:9f:b0:07:b6:ab:00:e1:
9a:37:72:a7:6c:14:54:32:3f:d3:15:03:6d:0e:68:
c5:34:16:8e:f1:32:28:89:9a:e7:50:77:76:1c:13:
42:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B7:9F:4C:77:E2:B3:E9:35:B2:3B:11:DF:48:DD:0D:5D:9F:9D:49
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/U7efTHfis-k1sjsR30jdDV2fnUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.47.56.0/24
103.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
05:f0:df:0f:d3:f7:52:95:31:cb:8e:84:e0:47:59:e5:4f:92:
29:4a:ac:f2:34:8b:a5:9f:b7:b3:8e:7c:f0:ad:0a:2f:b9:e2:
5a:bc:90:7f:39:80:2b:c9:93:ed:b6:df:87:a3:91:c9:38:0c:
0f:9e:de:65:9c:22:41:28:e1:9b:7a:67:2d:a3:3c:c8:36:64:
a2:90:58:4a:7d:03:fc:75:e9:68:ed:38:e5:e6:b8:a7:45:d8:
59:0a:10:b3:03:e5:33:2b:f0:46:b5:96:ae:b7:44:e0:fe:1b:
ed:ec:44:94:47:2a:9a:dd:b5:17:7e:54:9a:a4:5c:fe:c5:2e:
28:ad:cc:6d:f8:81:b7:b6:2d:11:96:65:a1:0f:a3:e4:67:36:
38:b6:99:87:a8:bc:e4:c4:99:1c:6e:81:9d:76:ff:65:7d:66:
73:f8:62:89:64:29:7a:a3:88:45:26:f7:fa:24:66:1f:15:2b:
22:ad:ab:d1:7a:53:8d:45:49:8b:b0:32:5a:9e:61:e9:1a:02:
48:36:f7:a3:91:8a:e6:5e:9f:56:81:e0:82:36:76:88:3e:92:
06:91:75:0c:1b:98:53:21:9c:bb:75:f5:8c:ed:e9:2b:ea:6d:
0b:06:d8:42:88:b8:73:c1:96:a9:a0:f3:f7:fc:21:18:0a:5f:
d7:4b:dc:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiIBhn8Y5T6D7xEuFLVRWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I3OWY0Yzc3ZTJiM2U5MzViMjNiMTFkZjQ4ZGQwZDVkOWY5ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaqDkq5DdDMlK43NiDDXFJME1ote
bT/q2PeaKCCykvMsW9b4MCK6XPeYIBEqGSQruFa63k8JLvyhJN0y+JdWM5rzRq4e
HRqjm8uGl05TehQwTtmoDm6+G+gRg0Q3zXR6/GwhhFE/WWmquNx9M0ZtkhasOLzZ
928nidLU/WoqTkOiINFBUUtQeI9gTbrB6pih5eg64lm0sNMLHeGQ+nXHy0Iq5SF6
xQ3Xi95Q5sdMO5DO+hiBmuAGr4skowA5MXRdOT3qhrTN/XHwdKkoc/kszKE78YgQ
7ndO8J+wB7arAOGaN3KnbBRUMj/TFQNtDmjFNBaO8TIoiZrnUHd2HBNClwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFO3n0x34rPpNbI7Ed9I3Q1dn51JMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvVTdlZlRIZmlzLWsxc2pzUjMwamREVjJmblVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZy84AwQA
Zy87MA0GCSqGSIb3DQEBCwUAA4IBAQAF8N8P0/dSlTHLjoTgR1nlT5IpSqzyNIul
n7ezjnzwrQovueJavJB/OYAryZPttt+Ho5HJOAwPnt5lnCJBKOGbemctozzINmSi
kFhKfQP8delo7Tjl5rinRdhZChCzA+UzK/BGtZaut0Tg/hvt7ESURyqa3bUXflSa
pFz+xS4orcxt+IG3ti0RlmWhD6PkZzY4tpmHqLzkxJkcboGddv9lfWZz+GKJZCl6
o4hFJvf6JGYfFSsiravRelONRUmLsDJanmHpGgJINvejkYrmXp9WgeCCNnaIPpIG
kXUMG5hTIZy7dfWM7ekr6m0LBthCiLhzwZapoPP3/CEYCl/XS9ws
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:58 2025 by rpki-client