Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/5lfmb8imeLv1h0YJWG0nZfVBl2A.roa
File: 5lfmb8imeLv1h0YJWG0nZfVBl2A.roa (raw, json)
Hash identifier: hIhQWYtQfxL45o8SmJM6ACj+0QRcvBVKGM9u+wyB8gg=
Subject key identifier: E6:57:E6:6F:C8:A6:78:BB:F5:87:46:09:58:6D:27:65:F5:41:97:60
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01975839956F1B247ECFB09FD02E606B9DEC
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/5lfmb8imeLv1h0YJWG0nZfVBl2A.roa
Signing time: Tue 10 Jun 2025 05:04:18 +0000
ROA not before: Tue 10 Jun 2025 05:04:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 103.138.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 18:14:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:58:39:95:6f:1b:24:7e:cf:b0:9f:d0:2e:60:6b:9d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 10 05:04:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e657e66fc8a678bbf5874609586d2765f5419760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ee:57:19:74:67:59:4b:48:58:57:36:e7:52:
d3:80:13:fb:81:4d:62:4e:68:70:41:da:d7:41:5b:
ba:71:0e:8e:65:0e:01:72:20:eb:c1:95:62:57:60:
6e:bc:4d:7d:3d:d4:a1:3f:e3:14:9f:13:61:ee:bf:
e7:75:73:b8:81:a2:5e:97:65:bf:ca:d6:28:34:ae:
3a:60:44:ab:3e:1b:d3:6b:79:db:ea:8b:ce:58:b6:
4a:a9:33:c0:88:be:f8:b5:61:0e:c6:b7:2e:c7:48:
31:d5:97:6a:7d:23:e9:fa:fb:78:f5:43:a7:8b:91:
3d:b7:d4:ca:87:3b:4e:c2:70:aa:e3:29:87:09:fc:
b6:c7:7e:2c:3b:cc:bd:13:6b:4f:92:1e:d1:4f:7d:
30:9c:44:b7:23:b2:f7:69:bd:96:97:e5:8b:25:f4:
3c:35:af:ef:1e:6d:20:b1:04:d7:09:8d:55:d8:6e:
8e:6f:28:3a:40:92:af:30:99:43:f6:7b:c7:f6:c1:
be:8b:d1:45:9b:ea:5d:9f:e8:37:3f:8f:c3:55:2e:
1e:98:b7:9a:98:46:32:75:7a:66:70:da:d1:07:2c:
c8:dc:f2:fd:a1:84:4b:b2:f8:d4:a0:7f:59:e1:03:
da:e9:15:93:66:0c:43:6e:03:8d:f5:74:b6:ef:59:
b4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:57:E6:6F:C8:A6:78:BB:F5:87:46:09:58:6D:27:65:F5:41:97:60
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/5lfmb8imeLv1h0YJWG0nZfVBl2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.138.78.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:1a:71:fc:fe:5e:ac:82:9f:9f:4e:d5:45:ec:b5:6e:3f:74:
33:97:ab:17:a7:f4:88:0b:6e:40:c0:01:07:bd:2e:b5:db:c6:
8d:8f:40:d9:ac:e1:4f:91:ca:20:67:db:31:6c:d0:12:6e:e1:
31:02:5e:72:a9:70:64:fb:e7:26:26:57:30:d1:92:9a:19:eb:
f6:0f:f0:e3:85:f5:1b:a3:8b:b5:eb:55:dc:dc:9e:3d:ff:fb:
7b:b1:07:ed:2c:96:b3:ae:98:d5:21:b8:2c:c9:3f:8b:c2:7a:
ba:61:87:d8:8a:d9:98:8e:f2:ff:90:2c:a6:f6:5b:56:fa:09:
2c:88:71:b4:d5:9f:71:2e:4f:eb:05:3d:14:74:bb:27:f2:4a:
56:37:0b:9d:a1:67:c9:00:52:97:24:0d:ee:5a:0b:ab:71:ec:
64:a9:7f:40:55:20:e1:ef:71:5f:38:c6:d7:79:a7:bf:92:78:
f1:98:6f:31:51:40:75:25:b9:f5:12:64:d7:21:98:4d:1b:2c:
e4:9f:ab:42:30:80:ea:fd:97:e9:68:52:af:6f:89:3d:e5:44:
1c:99:d8:fe:cc:b1:ae:1d:0f:ab:68:40:06:c9:c9:c2:1f:27:
12:40:6d:c1:40:71:59:02:86:4e:39:1d:ba:61:26:a8:f5:5c:
b7:34:00:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdYOZVvGyR+z7Cf0C5ga53sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjEwMDUwNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjU3ZTY2ZmM4YTY3OGJiZjU4NzQ2MDk1ODZkMjc2NWY1NDE5NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6O5XGXRnWUtIWFc251LTgBP7gU1i
TmhwQdrXQVu6cQ6OZQ4BciDrwZViV2BuvE19PdShP+MUnxNh7r/ndXO4gaJel2W/
ytYoNK46YESrPhvTa3nb6ovOWLZKqTPAiL74tWEOxrcux0gx1ZdqfSPp+vt49UOn
i5E9t9TKhztOwnCq4ymHCfy2x34sO8y9E2tPkh7RT30wnES3I7L3ab2Wl+WLJfQ8
Na/vHm0gsQTXCY1V2G6Obyg6QJKvMJlD9nvH9sG+i9FFm+pdn+g3P4/DVS4emLea
mEYydXpmcNrRByzI3PL9oYRLsvjUoH9Z4QPa6RWTZgxDbgON9XS271m0aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZX5m/Ipni79YdGCVhtJ2X1QZdgMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvNWxmbWI4aW1lTHYxaDBZSldHMG5aZlZCbDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ4pOMA0G
CSqGSIb3DQEBCwUAA4IBAQCNGnH8/l6sgp+fTtVF7LVuP3Qzl6sXp/SIC25AwAEH
vS6128aNj0DZrOFPkcogZ9sxbNASbuExAl5yqXBk++cmJlcw0ZKaGev2D/DjhfUb
o4u161Xc3J49//t7sQftLJazrpjVIbgsyT+Lwnq6YYfYitmYjvL/kCym9ltW+gks
iHG01Z9xLk/rBT0UdLsn8kpWNwudoWfJAFKXJA3uWgurcexkqX9AVSDh73FfOMbX
eae/knjxmG8xUUB1Jbn1EmTXIZhNGyzkn6tCMIDq/ZfpaFKvb4k95UQcmdj+zLGu
HQ+raEAGycnCHycSQG3BQHFZAoZOOR26YSao9Vy3NACM
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:35:11 2025 by rpki-client