Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/kGB0A1QzZgBOnWtakqTFEq2upNU.roa
File: kGB0A1QzZgBOnWtakqTFEq2upNU.roa (raw, json)
Hash identifier: DXhYh2b1dhwna+Vt4WiuYispRWKUQFzEUwMZePije9E=
Subject key identifier: 90:60:74:03:54:33:66:00:4E:9D:6B:5A:92:A4:C5:12:AD:AE:A4:D5
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018DC3A0A610977AEAEF37E908F59A7C0420
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/kGB0A1QzZgBOnWtakqTFEq2upNU.roa
Signing time: Mon 19 Feb 2024 23:08:21 +0000
ROA not before: Mon 19 Feb 2024 23:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198825
IP address blocks: 103.102.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 23:41:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c3:a0:a6:10:97:7a:ea:ef:37:e9:08:f5:9a:7c:04:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Feb 19 23:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90607403543366004e9d6b5a92a4c512adaea4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:09:c7:75:4b:42:73:cb:69:ab:62:81:c8:8c:
cf:4e:57:46:97:19:e2:19:46:1e:1d:29:85:4b:09:
92:56:99:7f:b2:e6:5b:ce:64:f2:d4:89:6a:d2:50:
cd:e8:48:ae:7f:33:cf:e9:c1:82:06:66:1d:25:f3:
33:c3:35:54:e7:c5:c1:a0:74:e5:8a:3f:99:c2:ff:
49:c6:17:51:14:30:e7:d5:58:b7:0e:14:f8:63:61:
8c:07:26:05:d4:d5:4d:68:6d:03:80:38:8c:b0:3d:
33:fa:b8:a0:21:47:38:34:bb:03:1f:de:41:ba:fa:
47:28:37:4d:bb:00:2f:20:a5:32:20:9d:53:ef:2f:
8e:57:80:d8:d4:57:9d:02:ed:54:9d:a3:6f:75:13:
6f:c2:9e:51:06:80:20:42:0e:e0:2d:c0:57:80:d2:
40:f2:bf:fd:b9:00:dc:34:ec:6c:84:8e:73:6f:6a:
a7:d0:1d:41:fd:48:e4:86:aa:00:b2:fc:97:2a:ba:
ac:d0:43:21:48:cd:5b:fb:08:b2:45:a1:d8:b8:d2:
c6:d4:94:51:a8:02:34:1b:ff:a3:07:ba:6d:dd:88:
5b:38:27:3d:1a:3a:dd:f9:7c:29:65:c3:36:b4:3a:
a9:35:0e:83:b9:0e:c5:e4:f2:7c:38:ee:af:00:62:
4e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:60:74:03:54:33:66:00:4E:9D:6B:5A:92:A4:C5:12:AD:AE:A4:D5
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/kGB0A1QzZgBOnWtakqTFEq2upNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.230.0/24
Signature Algorithm: sha256WithRSAEncryption
59:9b:14:d3:05:89:91:fa:1b:b2:12:a3:26:24:58:bf:1e:b9:
58:71:cf:f5:17:87:29:f0:35:d1:30:e5:0a:a3:e5:d8:a6:2e:
88:0e:8d:5d:25:28:b7:26:8d:0e:2a:e9:fe:aa:1b:17:e6:32:
bb:b6:02:9d:de:50:f6:25:09:38:1c:72:b0:a6:ed:30:71:af:
34:0e:0c:07:2e:e2:63:d7:dc:ab:dc:aa:5e:3d:21:ed:cc:7d:
a8:9a:92:78:cc:6f:af:c0:55:2f:91:ae:f2:90:0e:65:75:d4:
8d:bc:41:25:b5:92:32:54:c8:b7:91:49:16:02:61:e6:5d:bb:
fe:c4:fe:d3:86:1e:63:b8:53:1b:5b:ba:89:2b:16:ed:a2:65:
6c:87:6d:3a:68:71:a9:17:b0:16:4a:14:0d:ca:57:1c:1a:07:
dc:2d:55:7d:60:12:e1:46:20:42:80:6b:a9:03:63:d0:4d:43:
51:b7:16:bd:b5:e1:ee:ee:6e:72:8e:76:99:5e:8f:98:d5:a1:
30:0b:9c:33:e8:75:68:ce:3a:b5:c1:fa:a5:bf:75:8f:e9:1f:
e2:ab:ad:e1:c0:dd:48:7d:86:30:55:62:dd:7e:db:f8:07:81:
8c:3c:bd:30:fc:55:c0:40:5c:e6:5a:bd:52:7e:23:96:dc:a4:
15:c8:ee:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3DoKYQl3rq7zfpCPWafAQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjQwMjE5MjMwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDYwNzQwMzU0MzM2NjAwNGU5ZDZiNWE5MmE0YzUxMmFkYWVhNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQnHdUtCc8tpq2KByIzPTldGlxni
GUYeHSmFSwmSVpl/suZbzmTy1Ilq0lDN6EiufzPP6cGCBmYdJfMzwzVU58XBoHTl
ij+Zwv9JxhdRFDDn1Vi3DhT4Y2GMByYF1NVNaG0DgDiMsD0z+rigIUc4NLsDH95B
uvpHKDdNuwAvIKUyIJ1T7y+OV4DY1FedAu1UnaNvdRNvwp5RBoAgQg7gLcBXgNJA
8r/9uQDcNOxshI5zb2qn0B1B/UjkhqoAsvyXKrqs0EMhSM1b+wiyRaHYuNLG1JRR
qAI0G/+jB7pt3YhbOCc9Gjrd+XwpZcM2tDqpNQ6DuQ7F5PJ8OO6vAGJO7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBgdANUM2YATp1rWpKkxRKtrqTVMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEva0dCMEExUXpaZ0JPbld0YWtxVEZFcTJ1cE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2bmMA0G
CSqGSIb3DQEBCwUAA4IBAQBZmxTTBYmR+huyEqMmJFi/HrlYcc/1F4cp8DXRMOUK
o+XYpi6IDo1dJSi3Jo0OKun+qhsX5jK7tgKd3lD2JQk4HHKwpu0wca80DgwHLuJj
19yr3KpePSHtzH2ompJ4zG+vwFUvka7ykA5lddSNvEEltZIyVMi3kUkWAmHmXbv+
xP7Thh5juFMbW7qJKxbtomVsh206aHGpF7AWShQNylccGgfcLVV9YBLhRiBCgGup
A2PQTUNRtxa9teHu7m5yjnaZXo+Y1aEwC5wz6HVozjq1wfqlv3WP6R/iq63hwN1I
fYYwVWLdftv4B4GMPL0w/FXAQFzmWr1SfiOW3KQVyO7L
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:55:14 2025 by rpki-client