Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/kEkPFxpN9T7fz1s0WJIlTJ_lgec.roa
File: kEkPFxpN9T7fz1s0WJIlTJ_lgec.roa (raw, json)
Hash identifier: kusv304cHevoHTgtrWc2SOaH1sYQvIuYPlXUmtXiAMs=
Subject key identifier: 90:49:0F:17:1A:4D:F5:3E:DF:CF:5B:34:58:92:25:4C:9F:E5:81:E7
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 01962143C6764C40F2D9141B1FF4D3B64F0C
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/kEkPFxpN9T7fz1s0WJIlTJ_lgec.roa
Signing time: Thu 10 Apr 2025 19:53:31 +0000
ROA not before: Thu 10 Apr 2025 19:53:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399486
IP address blocks: 103.102.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 14:05:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:21:43:c6:76:4c:40:f2:d9:14:1b:1f:f4:d3:b6:4f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Apr 10 19:53:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90490f171a4df53edfcf5b345892254c9fe581e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:78:94:f1:a0:ba:41:d0:5a:ab:eb:2c:76:1c:
a0:4e:5f:8d:c0:cf:50:61:fe:c8:ab:d1:d6:1f:58:
6c:9a:94:ee:11:9d:bd:37:82:6e:e4:2b:a8:0f:f9:
89:bf:59:1c:6a:77:5b:d5:67:03:4e:86:4e:ce:70:
ea:dc:89:bc:03:fd:63:bb:78:9e:7c:b0:1f:99:19:
f8:cd:04:0a:22:d3:fd:ba:5f:b0:4d:27:6b:2b:1a:
cf:d8:62:97:ef:2c:bc:f5:21:b1:d3:a5:b4:a4:36:
9d:14:94:89:98:fd:95:d7:f1:c6:a7:14:6f:fb:ef:
c4:dd:76:56:2c:bf:7f:e2:7f:86:bd:fa:49:c0:d5:
e7:ee:9b:bd:ef:b0:a3:ce:c6:48:39:20:f6:95:c7:
84:81:50:88:e2:d9:22:7e:0e:92:18:86:1a:37:a0:
d2:00:54:80:cd:43:7b:45:76:ff:1d:58:c5:d3:47:
d6:79:ff:10:f9:6c:08:07:e5:25:b4:30:51:35:5b:
1e:83:35:a6:6a:1a:6b:16:1b:5e:78:62:d4:48:ac:
99:e2:e2:cb:a4:c2:71:fd:6c:fb:32:17:26:d1:5f:
83:bd:e2:5d:3d:4a:5b:36:5c:3d:e7:9d:58:0c:11:
e2:e2:7a:59:34:7b:fa:dd:17:42:f8:2a:f3:4b:c6:
21:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:49:0F:17:1A:4D:F5:3E:DF:CF:5B:34:58:92:25:4C:9F:E5:81:E7
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/kEkPFxpN9T7fz1s0WJIlTJ_lgec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.102.230.0/24
Signature Algorithm: sha256WithRSAEncryption
68:5c:e2:e5:70:97:d7:8e:d0:0d:cb:43:f9:da:94:ab:88:36:
29:3b:bc:cb:f2:46:32:db:fe:41:02:44:14:23:2b:47:bd:d4:
8e:52:be:52:bf:c6:86:d9:b3:dc:ff:14:0f:e5:90:6a:9d:9f:
bf:6a:fa:f2:9b:05:31:41:08:9d:c3:74:1c:fa:bc:90:49:1e:
a0:76:4c:6f:0b:63:43:d5:cc:bf:ba:89:07:8e:c1:e9:b6:c3:
aa:12:5e:2a:81:8a:24:8f:93:f3:3b:09:be:ee:27:3d:ac:e8:
1a:2a:b8:23:f0:b1:c3:15:7d:bf:74:c5:bc:cf:fc:30:1c:a0:
c9:14:bc:05:0c:a9:64:a6:d4:b1:1f:0e:f4:eb:4d:f7:3c:72:
b9:0b:83:4f:06:34:c1:dc:62:d1:80:ac:e0:73:36:20:86:3d:
cd:dd:09:be:26:35:28:d2:45:00:18:2c:5d:87:1d:5f:bb:b8:
3c:fd:f8:60:d8:ca:51:96:45:d2:23:83:67:0c:2f:c2:be:11:
c7:82:55:63:c1:6c:9b:af:61:2a:cd:df:af:db:4c:c9:28:4b:
c4:e2:b5:58:f4:97:ab:fd:b9:3a:77:ee:9f:df:f1:d9:3b:02:
36:07:c0:ff:ea:6c:90:d6:1f:4d:2d:3e:98:13:4a:b3:b0:36:
75:69:28:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYhQ8Z2TEDy2RQbH/TTtk8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjUwNDEwMTk1MzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQ5MGYxNzFhNGRmNTNlZGZjZjViMzQ1ODkyMjU0YzlmZTU4MWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHiU8aC6QdBaq+ssdhygTl+NwM9Q
Yf7Iq9HWH1hsmpTuEZ29N4Ju5CuoD/mJv1kcandb1WcDToZOznDq3Im8A/1ju3ie
fLAfmRn4zQQKItP9ul+wTSdrKxrP2GKX7yy89SGx06W0pDadFJSJmP2V1/HGpxRv
++/E3XZWLL9/4n+GvfpJwNXn7pu977CjzsZIOSD2lceEgVCI4tkifg6SGIYaN6DS
AFSAzUN7RXb/HVjF00fWef8Q+WwIB+UltDBRNVsegzWmahprFhteeGLUSKyZ4uLL
pMJx/Wz7Mhcm0V+DveJdPUpbNlw9551YDBHi4npZNHv63RdC+CrzS8YhGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBJDxcaTfU+389bNFiSJUyf5YHnMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEva0VrUEZ4cE45VDdmejFzMFdKSWxUSl9sZ2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2bmMA0G
CSqGSIb3DQEBCwUAA4IBAQBoXOLlcJfXjtANy0P52pSriDYpO7zL8kYy2/5BAkQU
IytHvdSOUr5Sv8aG2bPc/xQP5ZBqnZ+/avrymwUxQQidw3Qc+ryQSR6gdkxvC2ND
1cy/uokHjsHptsOqEl4qgYokj5PzOwm+7ic9rOgaKrgj8LHDFX2/dMW8z/wwHKDJ
FLwFDKlkptSxHw706033PHK5C4NPBjTB3GLRgKzgczYghj3N3Qm+JjUo0kUAGCxd
hx1fu7g8/fhg2MpRlkXSI4NnDC/CvhHHglVjwWybr2Eqzd+v20zJKEvE4rVY9Jer
/bk6d+6f3/HZOwI2B8D/6myQ1h9NLT6YE0qzsDZ1aShH
-----END CERTIFICATE-----
Generated at Thu May 1 06:12:20 2025 by rpki-client