Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/zzo8XJd9mvGROz3xj6SV1cx-AC0.roa
File: zzo8XJd9mvGROz3xj6SV1cx-AC0.roa (raw, json)
Hash identifier: 0oTEjr74fYmDFM/LnP1ZERx+Y5a3AG2GGmYWGUWzWLE=
Subject key identifier: CF:3A:3C:5C:97:7D:9A:F1:91:3B:3D:F1:8F:A4:95:D5:CC:7E:00:2D
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018DA2283BCEA5DFF70F4FEB5A617E0D9485
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/zzo8XJd9mvGROz3xj6SV1cx-AC0.roa
Signing time: Tue 13 Feb 2024 11:09:22 +0000
ROA not before: Tue 13 Feb 2024 11:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36113
IP address blocks: 103.102.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Feb 2024 10:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:28:3b:ce:a5:df:f7:0f:4f:eb:5a:61:7e:0d:94:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Feb 13 11:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf3a3c5c977d9af1913b3df18fa495d5cc7e002d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e5:57:d1:5e:a7:25:f7:39:59:71:95:7c:ec:
6d:64:62:c8:02:43:e7:07:9f:4b:89:87:a0:ee:df:
02:e8:bf:3a:5b:f5:20:5a:65:bc:24:fa:6f:aa:cf:
14:d3:15:4e:07:03:0b:03:4b:da:d9:ab:0d:f9:1d:
1b:5a:97:ed:44:0c:37:fd:65:67:af:f1:f6:0b:eb:
3a:11:31:1a:8a:d9:fc:fc:28:9c:3a:29:90:ef:8b:
d5:fb:d9:23:0a:29:c7:79:e6:eb:02:ab:df:47:30:
66:1d:d1:f2:59:57:8a:1d:68:85:e1:51:9c:05:95:
0a:c6:da:06:03:c8:2e:94:bc:12:a7:55:fd:a3:70:
90:24:81:c9:c0:3a:98:58:1a:32:89:61:7a:37:9f:
cc:d0:29:1c:ad:93:82:dc:a4:26:4c:39:c8:22:bc:
8b:a9:8b:4b:4f:b8:c3:2b:75:ef:4f:23:92:67:20:
71:4d:b6:10:d7:01:50:05:1d:39:6f:42:4e:6c:10:
bb:ab:fc:b9:b2:5e:71:d3:da:39:e7:62:51:db:84:
73:c8:6d:c8:25:77:fd:5b:5e:9f:d5:65:6a:9e:e0:
9e:99:3c:dc:29:d7:6d:5c:39:c4:27:81:ae:9e:b1:
d7:5d:30:a2:f0:1e:66:37:e7:cf:10:8c:4a:85:3f:
f1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3A:3C:5C:97:7D:9A:F1:91:3B:3D:F1:8F:A4:95:D5:CC:7E:00:2D
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/zzo8XJd9mvGROz3xj6SV1cx-AC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.231.0/24
Signature Algorithm: sha256WithRSAEncryption
67:5d:80:26:92:fa:29:95:84:27:76:f8:f7:a0:58:e1:49:e1:
1c:c8:9f:84:8b:ff:b4:b3:42:73:59:5c:f9:45:c8:e0:a2:92:
82:39:db:5e:40:a9:6d:63:d2:e9:6a:a9:89:df:0d:9e:f0:4a:
cd:c2:08:ec:77:95:d3:18:a8:bb:43:2b:ad:27:9b:50:44:74:
f5:e5:6b:ce:b8:f1:9a:36:60:70:d8:e0:28:03:81:0b:2e:c5:
b9:ee:d1:d7:38:e8:ff:39:03:fc:e0:e5:2a:77:ca:13:a4:7a:
00:4e:5d:02:2c:58:08:30:c0:03:84:8e:fe:fd:17:fb:a8:e5:
64:0b:9b:60:4b:8e:eb:8e:ab:4e:97:f0:1b:d8:90:4e:21:9a:
e5:44:be:1c:9b:d3:fa:26:73:d2:bd:85:2a:ae:0b:0c:22:5d:
05:7d:80:ea:2b:f5:a8:eb:11:41:93:91:ca:96:3c:e9:d4:e7:
04:94:9f:81:53:c5:4a:0f:b6:79:85:7e:94:24:48:e2:00:44:
24:2a:1d:0e:ae:ff:88:6a:74:44:c0:66:6e:b6:90:f6:4c:da:
48:13:14:09:68:70:93:cb:41:98:f0:6a:2a:84:7e:d5:00:55:
09:7d:c3:e8:9f:da:f6:a3:bf:ba:f0:86:7c:2c:37:b9:58:1d:
7c:b8:48:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2iKDvOpd/3D0/rWmF+DZSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjQwMjEzMTEwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjNhM2M1Yzk3N2Q5YWYxOTEzYjNkZjE4ZmE0OTVkNWNjN2UwMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuVX0V6nJfc5WXGVfOxtZGLIAkPn
B59LiYeg7t8C6L86W/UgWmW8JPpvqs8U0xVOBwMLA0va2asN+R0bWpftRAw3/WVn
r/H2C+s6ETEaitn8/CicOimQ74vV+9kjCinHeebrAqvfRzBmHdHyWVeKHWiF4VGc
BZUKxtoGA8gulLwSp1X9o3CQJIHJwDqYWBoyiWF6N5/M0CkcrZOC3KQmTDnIIryL
qYtLT7jDK3XvTyOSZyBxTbYQ1wFQBR05b0JObBC7q/y5sl5x09o552JR24RzyG3I
JXf9W16f1WVqnuCemTzcKddtXDnEJ4GunrHXXTCi8B5mN+fPEIxKhT/xyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM86PFyXfZrxkTs98Y+kldXMfgAtMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvenpvOFhKZDltdkdST3ozeGo2U1YxY3gtQUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2bnMA0G
CSqGSIb3DQEBCwUAA4IBAQBnXYAmkvoplYQndvj3oFjhSeEcyJ+Ei/+0s0JzWVz5
RcjgopKCOdteQKltY9LpaqmJ3w2e8ErNwgjsd5XTGKi7QyutJ5tQRHT15WvOuPGa
NmBw2OAoA4ELLsW57tHXOOj/OQP84OUqd8oTpHoATl0CLFgIMMADhI7+/Rf7qOVk
C5tgS47rjqtOl/Ab2JBOIZrlRL4cm9P6JnPSvYUqrgsMIl0FfYDqK/Wo6xFBk5HK
ljzp1OcElJ+BU8VKD7Z5hX6UJEjiAEQkKh0Orv+IanREwGZutpD2TNpIExQJaHCT
y0GY8GoqhH7VAFUJfcPon9r2o7+68IZ8LDe5WB18uEh9
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:29:57 2025 by rpki-client