Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/lCPzY99olBVhGlr-hA2WttDbIWM.roa
File: lCPzY99olBVhGlr-hA2WttDbIWM.roa (raw, json)
Hash identifier: 2jyGh0CcXtbdZEp+iGyMVZ9eyF/tlTabeY+bDVM2/Bw=
Subject key identifier: 94:23:F3:63:DF:68:94:15:61:1A:5A:FE:84:0D:96:B6:D0:DB:21:63
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 01953BFDC92E95DEA48DB4E946C7C99EAE7C
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/lCPzY99olBVhGlr-hA2WttDbIWM.roa
Signing time: Tue 25 Feb 2025 07:24:02 +0000
ROA not before: Tue 25 Feb 2025 07:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 103.137.162.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 25 Feb 2025 07:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3b:fd:c9:2e:95:de:a4:8d:b4:e9:46:c7:c9:9e:ae:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Feb 25 07:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9423f363df689415611a5afe840d96b6d0db2163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:31:0c:72:38:1c:e2:6c:e8:12:75:0f:a8:21:
22:6c:05:43:0c:84:3a:f3:ef:17:72:31:d3:ba:2d:
83:06:db:ac:93:bd:f3:7e:cb:65:b1:b9:c4:57:c5:
81:f9:09:9c:dc:5a:f6:b7:14:65:ba:df:fe:de:b3:
bc:70:e6:e1:fa:02:cf:00:79:8d:d3:f5:6c:8f:7a:
76:02:17:53:0b:60:09:0b:a4:90:fa:ea:78:00:45:
4c:7c:ad:90:74:d3:2f:4e:8b:19:f9:e5:55:84:f0:
7e:82:53:65:4a:e8:29:7c:e4:01:a5:6f:ee:65:7b:
dc:5e:7e:48:0b:8c:81:40:00:49:c5:70:20:bc:46:
e1:44:c1:00:81:8e:7c:9e:01:21:16:0a:18:d2:c2:
bd:7f:5c:c0:cd:61:17:7f:40:ce:ed:07:00:b2:58:
81:6b:03:bf:52:22:90:8d:90:c3:dd:12:06:ea:7a:
53:8f:a9:0b:13:d5:16:c2:a1:37:87:07:25:ab:ee:
55:87:d5:47:ea:20:7d:bf:b8:b2:d2:00:41:9c:9b:
1f:1f:c1:56:aa:d1:f8:58:6e:6d:37:2b:80:2e:d9:
06:7a:4f:b0:53:5f:59:e7:ca:59:59:89:ad:2f:46:
c8:ff:96:d4:90:f8:24:03:dd:7b:45:c5:50:1b:89:
1f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:23:F3:63:DF:68:94:15:61:1A:5A:FE:84:0D:96:B6:D0:DB:21:63
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/lCPzY99olBVhGlr-hA2WttDbIWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.137.162.0/23
Signature Algorithm: sha256WithRSAEncryption
98:0f:56:ed:19:3b:1e:f7:33:71:e1:cb:0b:30:7d:56:51:44:
b4:90:35:a7:2d:d4:5a:84:c5:61:68:68:15:c4:8f:47:c1:9d:
36:86:1f:64:dd:bd:c2:21:30:ac:1c:00:a6:e0:9a:b5:2a:ae:
b1:95:1c:14:48:65:42:88:57:b2:9b:3d:c8:1d:a2:74:6b:5a:
b1:67:61:1a:52:3b:a2:d9:b9:02:13:0d:7f:fa:12:01:b5:0f:
61:51:23:74:30:90:a7:88:89:3b:92:86:0c:f7:bd:c8:bc:cc:
66:d2:85:9c:ff:0c:45:9b:56:73:30:d8:49:ad:b6:7c:c3:27:
94:4c:78:0d:8c:70:79:3f:95:95:19:f1:81:1f:16:d5:fe:34:
ae:0c:a7:78:ab:d5:c0:58:cb:d1:67:c0:f4:8e:b2:5f:f3:a4:
04:37:a6:92:fb:69:dd:1e:ce:c0:9d:2c:ed:e5:11:5f:6a:d5:
7b:25:a6:d5:bf:b2:63:58:92:10:bb:e9:a2:39:2f:6c:d5:77:
5f:38:e0:fc:f3:44:1c:db:73:21:64:68:bf:94:d2:a7:38:7d:
1f:f1:47:77:f7:77:da:10:82:e0:d5:5c:2e:d6:aa:d9:15:69:
7a:bc:00:20:b8:35:23:12:0b:1e:d6:77:7a:f4:90:a5:f6:bc:
90:13:83:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU7/ckuld6kjbTpRsfJnq58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwMjI1MDcyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDIzZjM2M2RmNjg5NDE1NjExYTVhZmU4NDBkOTZiNmQwZGIyMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDEMcjgc4mzoEnUPqCEibAVDDIQ6
8+8XcjHTui2DBtusk73zfstlsbnEV8WB+Qmc3Fr2txRlut/+3rO8cObh+gLPAHmN
0/Vsj3p2AhdTC2AJC6SQ+up4AEVMfK2QdNMvTosZ+eVVhPB+glNlSugpfOQBpW/u
ZXvcXn5IC4yBQABJxXAgvEbhRMEAgY58ngEhFgoY0sK9f1zAzWEXf0DO7QcAsliB
awO/UiKQjZDD3RIG6npTj6kLE9UWwqE3hwclq+5Vh9VH6iB9v7iy0gBBnJsfH8FW
qtH4WG5tNyuALtkGek+wU19Z58pZWYmtL0bI/5bUkPgkA917RcVQG4kfNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQj82PfaJQVYRpa/oQNlrbQ2yFjMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvbENQelk5OW9sQlZoR2xyLWhBMld0dERiSVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ4miMA0G
CSqGSIb3DQEBCwUAA4IBAQCYD1btGTse9zNx4csLMH1WUUS0kDWnLdRahMVhaGgV
xI9HwZ02hh9k3b3CITCsHACm4Jq1Kq6xlRwUSGVCiFeymz3IHaJ0a1qxZ2EaUjui
2bkCEw1/+hIBtQ9hUSN0MJCniIk7koYM973IvMxm0oWc/wxFm1ZzMNhJrbZ8wyeU
THgNjHB5P5WVGfGBHxbV/jSuDKd4q9XAWMvRZ8D0jrJf86QEN6aS+2ndHs7AnSzt
5RFfatV7JabVv7JjWJIQu+miOS9s1XdfOOD880Qc23MhZGi/lNKnOH0f8Ud393fa
EILg1Vwu1qrZFWl6vAAguDUjEgse1nd69JCl9ryQE4N2
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:10:01 2025 by rpki-client