Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/R0ffCzVBW6uYPjExOxhnDoM29qo.roa
File: R0ffCzVBW6uYPjExOxhnDoM29qo.roa (raw, json)
Hash identifier: pHe84LWvPSGq4irLO1zUslessNKHzXaAsR/kNg7jUiw=
Subject key identifier: 47:47:DF:0B:35:41:5B:AB:98:3E:31:31:3B:18:67:0E:83:36:F6:AA
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 0192DE6D5A8B65F1FA994B55DC3CFD177118
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/R0ffCzVBW6uYPjExOxhnDoM29qo.roa
Signing time: Wed 30 Oct 2024 17:16:01 +0000
ROA not before: Wed 30 Oct 2024 17:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216167
IP address blocks: 103.102.230.0/24 maxlen: 24
203.55.81.0/24 maxlen: 24
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:de:6d:5a:8b:65:f1:fa:99:4b:55:dc:3c:fd:17:71:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Oct 30 17:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4747df0b35415bab983e31313b18670e8336f6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:c4:84:74:3e:6d:10:09:49:41:13:52:b3:
d9:0f:20:6b:23:a0:ee:31:be:fb:49:d7:da:b0:3d:
ab:76:67:4b:65:e7:d1:04:08:d6:ed:94:a9:fe:fa:
d2:84:f2:42:c0:e6:0f:81:d7:76:d6:dd:e2:6a:df:
e8:fe:03:8a:be:4b:db:99:39:c2:47:58:ba:13:61:
3f:39:11:49:df:c8:42:25:02:d6:c7:4f:e7:ea:ce:
14:c5:d1:5e:71:07:38:3c:fe:11:db:75:4e:1d:c5:
f7:3a:85:a4:b7:0b:9f:08:71:16:71:af:51:c0:b4:
9b:52:54:fc:c0:d8:af:94:62:59:71:58:0d:47:9e:
c2:d9:4a:ae:ce:35:bc:06:67:39:4f:66:a0:6f:76:
a2:4e:05:e4:f7:ff:c0:de:0b:cf:b3:04:ea:04:2d:
f9:d2:55:fd:8f:3d:2a:fb:cf:51:f4:fc:13:b8:ae:
97:c9:f0:dd:c4:9c:2a:40:ea:6c:8e:98:67:4f:fe:
ed:24:fa:c4:68:7f:9e:79:27:d5:ef:fb:f5:f9:a1:
04:f5:23:5e:57:a7:a6:63:ec:f6:ea:26:57:b1:fd:
81:fc:bd:88:e2:90:9d:c2:2c:d5:f1:a9:57:4b:2b:
c9:bf:33:91:e8:86:0e:cc:c8:b2:e6:30:23:43:a4:
0a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:47:DF:0B:35:41:5B:AB:98:3E:31:31:3B:18:67:0E:83:36:F6:AA
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/R0ffCzVBW6uYPjExOxhnDoM29qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.230.0/24
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:50:91:b8:fa:c7:9e:b5:87:91:55:15:60:97:55:40:64:ae:
00:b4:3d:16:75:f4:92:d2:0b:29:c2:0e:b7:88:11:5e:6c:97:
a9:33:90:7d:1f:2a:1b:05:4a:cd:93:61:13:a9:c9:3e:80:05:
7c:ae:d1:9c:d6:c0:0b:75:82:14:21:97:79:7d:00:dd:f1:c1:
6e:67:4b:10:ee:80:14:30:50:94:49:ba:e8:3f:9c:be:95:bb:
62:62:34:02:24:b6:c9:d9:50:eb:f4:22:b5:02:5b:c4:1e:0e:
2c:53:54:e5:e3:0b:f8:c5:f3:6e:ca:e6:be:dd:58:7b:49:0b:
31:d2:b3:b3:ed:08:1c:ac:9e:31:39:26:05:ae:60:11:b0:db:
ff:76:c2:3c:cf:01:8e:4c:23:2c:2b:96:c8:03:01:0e:e0:9b:
3f:6f:a0:df:36:ea:39:fa:c9:99:c3:a1:71:29:c4:96:b0:30:
9b:8b:64:25:69:f8:7f:b1:86:99:dc:23:0e:5d:1e:be:46:47:
c9:e2:4b:f9:b6:3c:8f:e5:cd:20:c9:d8:eb:01:80:40:33:73:
e7:8e:d1:5e:cb:f0:e6:7b:2a:da:bf:57:d2:ec:23:e9:12:b0:
9c:bd:1f:b3:52:44:ec:93:4a:b6:be:50:cd:d0:11:65:31:25:
98:f0:16:2c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZLebVqLZfH6mUtV3Dz9F3EYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjQxMDMwMTcxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQ3ZGYwYjM1NDE1YmFiOTgzZTMxMzEzYjE4NjcwZTgzMzZmNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDTEhHQ+bRAJSUETUrPZDyBrI6Du
Mb77SdfasD2rdmdLZefRBAjW7ZSp/vrShPJCwOYPgdd21t3iat/o/gOKvkvbmTnC
R1i6E2E/ORFJ38hCJQLWx0/n6s4UxdFecQc4PP4R23VOHcX3OoWktwufCHEWca9R
wLSbUlT8wNivlGJZcVgNR57C2UquzjW8Bmc5T2agb3aiTgXk9//A3gvPswTqBC35
0lX9jz0q+89R9PwTuK6XyfDdxJwqQOpsjphnT/7tJPrEaH+eeSfV7/v1+aEE9SNe
V6emY+z26iZXsf2B/L2I4pCdwizV8alXSyvJvzOR6IYOzMiy5jAjQ6QKFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEdH3ws1QVurmD4xMTsYZw6DNvaqMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvUjBmZkN6VkJXNnVZUGpFeE94aG5Eb00yOXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAZ2bmAwQA
yzdRMA0EAgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQBuUJG4+seetYeR
VRVgl1VAZK4AtD0WdfSS0gspwg63iBFebJepM5B9HyobBUrNk2ETqck+gAV8rtGc
1sALdYIUIZd5fQDd8cFuZ0sQ7oAUMFCUSbroP5y+lbtiYjQCJLbJ2VDr9CK1AlvE
Hg4sU1Tl4wv4xfNuyua+3Vh7SQsx0rOz7QgcrJ4xOSYFrmARsNv/dsI8zwGOTCMs
K5bIAwEO4Js/b6DfNuo5+smZw6FxKcSWsDCbi2Qlafh/sYaZ3CMOXR6+RkfJ4kv5
tjyP5c0gydjrAYBAM3PnjtFey/Dmeyrav1fS7CPpErCcvR+zUkTsk0q2vlDN0BFl
MSWY8BYs
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:12 2025 by rpki-client