Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/cfHqy-NK8mQtHjPmen2eWoEbHPc.roa
File: cfHqy-NK8mQtHjPmen2eWoEbHPc.roa (raw, json)
Hash identifier: khN8WPc8/65GH/ZpGZvUNdRRyxLmyFiyis8Yc5K1r3M=
Subject key identifier: 71:F1:EA:CB:E3:4A:F2:64:2D:1E:33:E6:7A:7D:9E:5A:81:1B:1C:F7
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018D9D77BC6E67DE1075C387EE8EA54CF03B
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/cfHqy-NK8mQtHjPmen2eWoEbHPc.roa
Signing time: Mon 12 Feb 2024 13:18:06 +0000
ROA not before: Mon 12 Feb 2024 13:18:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216167
IP address blocks: 103.102.228.0/24 maxlen: 24
203.55.81.0/24 maxlen: 24
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Apr 2024 15:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:77:bc:6e:67:de:10:75:c3:87:ee:8e:a5:4c:f0:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Feb 12 13:18:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71f1eacbe34af2642d1e33e67a7d9e5a811b1cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:35:ca:fa:d2:79:fe:24:07:dc:73:93:83:f4:
b7:1f:71:04:90:3e:d7:37:fc:ad:77:97:2c:f3:76:
b7:d6:da:18:2e:d7:1a:d1:e8:2c:68:08:81:ef:88:
fd:64:1f:c4:d3:4c:27:42:91:be:8e:7a:6a:54:f6:
cf:8a:51:97:91:a9:88:c8:67:f5:a5:6d:0c:a8:c7:
45:bb:f5:fd:9b:a0:89:c2:d0:f4:70:cd:53:af:9e:
e6:de:e1:f9:47:8d:c8:11:42:76:bc:51:8b:ba:06:
92:a8:cb:9d:96:5c:f7:d1:30:f1:97:8b:8b:7e:53:
db:7e:4c:83:0d:62:64:18:91:8c:55:38:2b:84:69:
a4:09:9d:b8:ad:b4:ad:13:68:bb:62:93:72:4c:a5:
17:fe:c9:4e:87:58:b4:74:63:0f:74:1e:88:ae:14:
5a:ad:e7:da:74:89:3e:23:5d:9a:9e:87:c8:1c:fc:
f2:6d:2f:cc:4d:30:35:bf:03:1e:9d:af:a8:2b:3b:
4f:6b:69:de:f0:15:4d:c3:d4:0d:d3:5e:44:23:ad:
1f:8e:c5:7b:ad:cd:0d:12:76:bf:06:f6:a1:e8:7c:
22:11:f6:ae:32:b2:54:52:b8:ff:a6:b6:95:82:b2:
8f:7b:55:a3:48:7e:30:83:85:7b:78:93:33:8d:89:
c8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F1:EA:CB:E3:4A:F2:64:2D:1E:33:E6:7A:7D:9E:5A:81:1B:1C:F7
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/cfHqy-NK8mQtHjPmen2eWoEbHPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.228.0/24
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:c3:ad:f4:fc:d3:c2:e8:93:4a:a0:15:36:05:da:69:7a:a5:
50:65:74:b5:46:73:58:f2:7d:d8:4f:5f:3a:8b:21:34:7e:f1:
d6:0e:47:dd:ea:ee:eb:ef:a6:bf:a9:9b:ab:4d:41:93:7e:a2:
8d:3d:6d:9b:3a:93:0c:4e:42:10:ff:70:ae:13:58:b6:80:cc:
9b:1b:07:7f:d6:06:66:d8:ac:2c:0c:70:03:a4:42:0b:9a:1e:
2b:6e:8b:72:b1:3e:39:3b:06:89:62:f1:fb:b1:cb:35:48:eb:
d0:42:d3:a4:16:a6:69:26:41:16:36:88:25:c7:a2:51:74:77:
62:6e:56:25:8a:65:88:2e:cf:80:cd:3b:a9:68:39:cc:46:5a:
e1:bc:1a:b7:55:34:a1:4d:97:f1:8d:a8:49:1b:00:07:e4:b1:
ba:f7:2e:a3:31:f5:42:95:41:08:e5:21:5a:4b:33:38:13:5c:
da:0b:e2:1c:3c:9c:2e:91:cc:65:61:1e:ac:92:17:e5:65:e7:
34:69:3a:8b:8c:7a:e9:47:fc:8b:03:aa:6d:56:c3:39:c5:3c:
4f:d1:ef:59:e3:c1:b4:99:f8:a9:f4:8f:84:4b:f8:0e:f3:a8:
e3:5f:c6:0b:3d:e0:b7:c2:63:36:d4:00:e2:86:7e:e0:01:71:
a5:5f:e4:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2dd7xuZ94QdcOH7o6lTPA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjQwMjEyMTMxODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWYxZWFjYmUzNGFmMjY0MmQxZTMzZTY3YTdkOWU1YTgxMWIxY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzXK+tJ5/iQH3HOTg/S3H3EEkD7X
N/ytd5cs83a31toYLtca0egsaAiB74j9ZB/E00wnQpG+jnpqVPbPilGXkamIyGf1
pW0MqMdFu/X9m6CJwtD0cM1Tr57m3uH5R43IEUJ2vFGLugaSqMudllz30TDxl4uL
flPbfkyDDWJkGJGMVTgrhGmkCZ24rbStE2i7YpNyTKUX/slOh1i0dGMPdB6IrhRa
refadIk+I12anofIHPzybS/MTTA1vwMena+oKztPa2ne8BVNw9QN015EI60fjsV7
rc0NEna/Bvah6HwiEfauMrJUUrj/praVgrKPe1WjSH4wg4V7eJMzjYnIEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHHx6svjSvJkLR4z5np9nlqBGxz3MB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvY2ZIcXktTks4bVF0SGpQbWVuMmVXb0ViSFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAZ2bkAwQA
yzdRMA0EAgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQAqw630/NPC6JNK
oBU2BdppeqVQZXS1RnNY8n3YT186iyE0fvHWDkfd6u7r76a/qZurTUGTfqKNPW2b
OpMMTkIQ/3CuE1i2gMybGwd/1gZm2KwsDHADpEILmh4rbotysT45OwaJYvH7scs1
SOvQQtOkFqZpJkEWNoglx6JRdHdiblYlimWILs+AzTupaDnMRlrhvBq3VTShTZfx
jahJGwAH5LG69y6jMfVClUEI5SFaSzM4E1zaC+IcPJwukcxlYR6skhflZec0aTqL
jHrpR/yLA6ptVsM5xTxP0e9Z48G0mfip9I+ES/gO86jjX8YLPeC3wmM21ADihn7g
AXGlX+Q/
-----END CERTIFICATE-----
Generated at Fri Apr 19 23:24:45 2024 by rpki-client on console.sobornost.net