Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/IaGMCvkf1Ozv8WrKI-thOd2EBVs.roa
File: IaGMCvkf1Ozv8WrKI-thOd2EBVs.roa (raw, json)
Hash identifier: Lv0SfJJ+CkX09XGj3XzNnvG8gZSD9R56Qj6O51XlqO8=
Subject key identifier: 21:A1:8C:0A:F9:1F:D4:EC:EF:F1:6A:CA:23:EB:61:39:DD:84:05:5B
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 019422FB0F87D5D31DCA31ABE4661C8747DB
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/IaGMCvkf1Ozv8WrKI-thOd2EBVs.roa
Signing time: Wed 01 Jan 2025 17:47:46 +0000
ROA not before: Wed 01 Jan 2025 17:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216167
IP address blocks: 103.102.230.0/24 maxlen: 24
203.55.81.0/24 maxlen: 24
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Jan 2025 20:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:0f:87:d5:d3:1d:ca:31:ab:e4:66:1c:87:47:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Jan 1 17:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21a18c0af91fd4eceff16aca23eb6139dd84055b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f7:f5:3f:9e:a3:53:10:bd:cd:38:e0:25:67:
29:a4:5e:19:bf:17:22:a7:20:89:f5:42:26:9b:6c:
bb:d5:b5:13:8b:eb:89:0f:f7:b2:67:af:5c:61:fb:
73:b7:79:ed:3a:9a:55:41:91:52:b5:c4:76:7e:5f:
27:46:e4:2d:2a:3e:d3:fb:73:14:2b:fa:02:6e:b8:
10:80:84:9e:03:64:6b:20:a2:83:32:30:65:ca:e0:
29:dd:7f:39:d3:2e:30:e5:bd:6d:99:7d:20:f8:d3:
04:c3:d3:ba:19:97:23:72:d2:b7:ce:fa:0e:21:5b:
8d:26:16:33:44:55:47:e5:e8:e0:f9:c8:18:fe:30:
0e:3d:9f:94:c1:f1:4d:94:2e:1a:f3:3c:09:a5:50:
75:a3:c0:59:33:37:80:03:c3:42:1f:f1:e0:ca:8b:
05:d9:2e:c6:4c:e2:3f:2e:49:6c:a1:70:3b:62:f0:
3d:da:31:ba:67:70:2a:c2:4f:64:9d:d6:65:cb:f0:
3c:ec:ed:53:b4:93:c1:16:74:33:3b:79:68:e4:26:
29:2f:dd:a0:f8:7b:26:08:35:ca:99:8b:e8:81:8a:
a9:1f:0f:8d:61:49:32:17:ce:da:ce:64:71:bf:cd:
31:92:42:dd:a4:c5:9d:e5:db:39:82:b6:6b:e7:e4:
90:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A1:8C:0A:F9:1F:D4:EC:EF:F1:6A:CA:23:EB:61:39:DD:84:05:5B
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/IaGMCvkf1Ozv8WrKI-thOd2EBVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.230.0/24
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
73:86:0f:4a:c4:62:6f:68:f1:33:9f:7d:32:3d:e6:8a:d1:b3:
73:34:cb:1f:23:f8:15:4f:79:3f:db:76:6b:5b:55:9b:c4:07:
10:85:89:6a:06:26:94:32:51:ce:02:19:c6:e3:db:24:fe:2e:
7d:e7:81:f0:8e:61:3e:1e:76:55:1c:32:2b:49:73:a6:ff:2f:
91:ed:59:a9:a6:20:c5:52:66:27:f7:96:cc:12:98:a6:5f:d7:
1c:aa:79:e8:67:38:f6:50:67:97:39:0d:e7:72:13:b9:89:e9:
b2:26:70:dc:fc:da:c5:ea:81:9d:08:76:ae:2d:8a:75:2c:4d:
7e:cb:27:d8:da:43:7f:6a:e0:44:6e:19:03:81:95:b6:5d:8f:
3c:bd:2d:e6:00:74:d9:8b:62:42:85:bf:44:d7:64:fa:47:49:
24:68:2a:37:a5:48:f1:11:1b:a2:e2:90:13:9f:94:79:5d:11:
9a:8f:af:48:8e:c6:88:36:88:1f:81:46:b9:d4:09:11:50:8a:
ec:6e:ba:fb:31:fc:df:92:b2:7f:1a:86:18:25:77:d2:fc:57:
d8:22:cb:69:19:c0:b6:49:f6:63:cc:87:47:b3:fa:d4:54:6a:
7b:41:21:4f:49:65:ca:75:b0:4f:d5:c4:ab:ad:51:a2:a3:1e:
55:62:d1:8c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQi+w+H1dMdyjGr5GYch0fbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjUwMTAxMTc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWExOGMwYWY5MWZkNGVjZWZmMTZhY2EyM2ViNjEzOWRkODQwNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPf1P56jUxC9zTjgJWcppF4Zvxci
pyCJ9UImm2y71bUTi+uJD/eyZ69cYftzt3ntOppVQZFStcR2fl8nRuQtKj7T+3MU
K/oCbrgQgISeA2RrIKKDMjBlyuAp3X850y4w5b1tmX0g+NMEw9O6GZcjctK3zvoO
IVuNJhYzRFVH5ejg+cgY/jAOPZ+UwfFNlC4a8zwJpVB1o8BZMzeAA8NCH/HgyosF
2S7GTOI/LklsoXA7YvA92jG6Z3Aqwk9kndZly/A87O1TtJPBFnQzO3lo5CYpL92g
+HsmCDXKmYvogYqpHw+NYUkyF87azmRxv80xkkLdpMWd5ds5grZr5+SQCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCGhjAr5H9Ts7/FqyiPrYTndhAVbMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvSWFHTUN2a2YxT3p2OFdyS0ktdGhPZDJFQlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAZ2bmAwQA
yzdRMA0EAgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQBzhg9KxGJvaPEz
n30yPeaK0bNzNMsfI/gVT3k/23ZrW1WbxAcQhYlqBiaUMlHOAhnG49sk/i5954Hw
jmE+HnZVHDIrSXOm/y+R7VmppiDFUmYn95bMEpimX9ccqnnoZzj2UGeXOQ3nchO5
iemyJnDc/NrF6oGdCHauLYp1LE1+yyfY2kN/auBEbhkDgZW2XY88vS3mAHTZi2JC
hb9E12T6R0kkaCo3pUjxERui4pATn5R5XRGaj69IjsaINogfgUa51AkRUIrsbrr7
MfzfkrJ/GoYYJXfS/FfYIstpGcC2SfZjzIdHs/rUVGp7QSFPSWXKdbBP1cSrrVGi
ox5VYtGM
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:35:08 2025 by rpki-client