Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/dTY5_EMcwxeG3aOyGoRxiJJzu1M.roa
File: dTY5_EMcwxeG3aOyGoRxiJJzu1M.roa (raw, json)
Hash identifier: lbFkcaYBKYsGD038pG6kCpWC6syUvceOrWCvu+Csx0k=
Subject key identifier: 75:36:39:FC:43:1C:C3:17:86:DD:A3:B2:1A:84:71:88:92:73:BB:53
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018F2FF26F53642EF113A32A6718A9F00FC9
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/dTY5_EMcwxeG3aOyGoRxiJJzu1M.roa
Signing time: Tue 30 Apr 2024 16:59:28 +0000
ROA not before: Tue 30 Apr 2024 16:59:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 14.102.231.0/24 maxlen: 24
14.102.236.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 May 2024 01:27:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:f2:6f:53:64:2e:f1:13:a3:2a:67:18:a9:f0:0f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 30 16:59:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=753639fc431cc31786dda3b21a8471889273bb53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6d:dd:63:f5:2a:05:8a:88:f4:d1:24:d4:ee:
b8:da:8d:88:f6:f0:e3:1d:b6:46:c5:aa:d4:8e:ee:
27:85:56:1e:40:cd:b2:20:84:93:8a:32:8a:16:cb:
dc:29:05:f9:fc:b5:1e:1b:ab:2a:40:92:4a:0d:9f:
ce:b6:17:09:9d:8d:28:c3:8f:7d:eb:2e:fc:c6:55:
55:50:3c:81:ba:94:b1:5a:06:d6:86:3f:4d:95:9d:
7c:8c:11:6e:c7:76:9f:5a:9f:86:26:b2:76:91:a8:
aa:8a:9f:4d:36:ce:80:35:7c:00:63:04:04:50:ee:
31:b2:a3:8a:0b:65:d5:41:8a:2f:e5:cf:d2:e2:35:
2f:67:2b:51:7e:9d:72:a8:73:19:34:2d:39:83:37:
39:1b:8f:6d:ae:aa:60:c1:bd:19:0e:62:3b:b3:f8:
b6:15:d6:f1:79:f8:15:7a:4b:c5:31:44:b6:9e:a7:
0f:e2:32:63:43:50:bc:63:02:5b:21:5e:7d:2b:eb:
8e:eb:85:78:92:1b:a2:91:0d:1c:91:88:c7:7d:ed:
46:8c:a2:b6:7c:66:1d:16:fe:5b:58:5f:c2:c0:2d:
cc:8f:62:ec:de:ca:5a:ff:f9:80:c7:85:44:f5:d6:
c3:e9:dd:4c:41:79:7e:c2:c5:a1:8e:a7:30:ee:ec:
f1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:36:39:FC:43:1C:C3:17:86:DD:A3:B2:1A:84:71:88:92:73:BB:53
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/dTY5_EMcwxeG3aOyGoRxiJJzu1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.231.0/24
14.102.236.0/24
103.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
17:60:7a:5d:80:8a:f7:87:34:5a:a5:e7:c4:01:6c:0c:7f:b2:
23:ba:d1:2a:5a:c1:6e:ad:01:a7:93:fe:21:e3:38:38:36:6e:
d3:3a:94:6d:56:68:f7:3e:83:7a:9d:71:8b:79:1c:57:17:b0:
9a:ce:84:4e:7e:6c:2f:45:57:aa:f1:ef:50:b4:23:1c:93:e4:
e7:25:0e:79:5d:55:0a:77:e6:20:da:1b:87:30:00:78:b1:9f:
9e:33:c9:1b:2f:3c:33:1d:c6:22:35:b5:43:8a:18:5b:5a:2e:
8c:cd:c8:03:17:95:2b:ad:6b:df:3b:1d:2f:15:1f:b0:86:09:
7c:db:71:90:98:a0:a9:8f:ad:49:09:26:d2:aa:78:fe:92:4b:
a9:55:3d:e6:4c:e5:45:0b:c5:b8:95:b8:30:a3:35:06:74:e4:
99:e3:ad:b3:61:c1:5d:5f:05:bf:b2:b1:ee:9e:77:c7:17:a3:
77:c4:16:8d:fb:b9:1c:ee:d5:32:bb:8a:4a:0b:34:15:85:bd:
65:c2:5d:af:e6:a6:07:9f:ca:f3:f7:62:22:bf:3b:45:90:a0:
aa:a2:48:9b:91:5f:19:51:ac:1c:7e:fb:5e:5e:98:ce:5d:ec:
c2:b9:94:c6:d7:ee:a5:c4:1c:b4:0e:fd:db:77:f1:3e:20:17:
f4:f4:65:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8v8m9TZC7xE6MqZxip8A/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwNDMwMTY1OTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM2MzlmYzQzMWNjMzE3ODZkZGEzYjIxYTg0NzE4ODkyNzNiYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7G3dY/UqBYqI9NEk1O642o2I9vDj
HbZGxarUju4nhVYeQM2yIISTijKKFsvcKQX5/LUeG6sqQJJKDZ/OthcJnY0ow499
6y78xlVVUDyBupSxWgbWhj9NlZ18jBFux3afWp+GJrJ2kaiqip9NNs6ANXwAYwQE
UO4xsqOKC2XVQYov5c/S4jUvZytRfp1yqHMZNC05gzc5G49trqpgwb0ZDmI7s/i2
FdbxefgVekvFMUS2nqcP4jJjQ1C8YwJbIV59K+uO64V4khuikQ0ckYjHfe1GjKK2
fGYdFv5bWF/CwC3Mj2Ls3spa//mAx4VE9dbD6d1MQXl+wsWhjqcw7uzxPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHU2OfxDHMMXht2jshqEcYiSc7tTMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvZFRZNV9FTWN3eGVHM2FPeUdvUnhpSkp6dTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQADmbnAwQA
DmbsAwQAZy87MA0GCSqGSIb3DQEBCwUAA4IBAQAXYHpdgIr3hzRapefEAWwMf7Ij
utEqWsFurQGnk/4h4zg4Nm7TOpRtVmj3PoN6nXGLeRxXF7CazoROfmwvRVeq8e9Q
tCMck+TnJQ55XVUKd+Yg2huHMAB4sZ+eM8kbLzwzHcYiNbVDihhbWi6MzcgDF5Ur
rWvfOx0vFR+whgl823GQmKCpj61JCSbSqnj+kkupVT3mTOVFC8W4lbgwozUGdOSZ
462zYcFdXwW/srHunnfHF6N3xBaN+7kc7tUyu4pKCzQVhb1lwl2v5qYHn8rz92Ii
vztFkKCqokibkV8ZUawcfvteXpjOXezCuZTG1+6lxBy0Dv3bd/E+IBf09GVJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:46 2025 by rpki-client