Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/YNzCcJSRC8GYEL7jk5kUS6mCvm8.roa
File: YNzCcJSRC8GYEL7jk5kUS6mCvm8.roa (raw, json)
Hash identifier: 6xxw8EDyZ9xpp7XyvIn514K6YaYUMzSrB4TySvUGi94=
Subject key identifier: 60:DC:C2:70:94:91:0B:C1:98:10:BE:E3:93:99:14:4B:A9:82:BE:6F
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 0196910203844068A3B1ECC7791D30E9ABDA
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/YNzCcJSRC8GYEL7jk5kUS6mCvm8.roa
Signing time: Fri 02 May 2025 12:39:10 +0000
ROA not before: Fri 02 May 2025 12:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.117.52.0/24 maxlen: 24
45.117.54.0/24 maxlen: 24
45.123.144.0/24 maxlen: 24
103.4.248.0/24 maxlen: 24
103.4.249.0/24 maxlen: 24
103.4.250.0/24 maxlen: 24
103.4.251.0/24 maxlen: 24
103.49.155.0/24 maxlen: 24
103.196.8.0/24 maxlen: 24
103.196.9.0/24 maxlen: 24
103.216.0.0/24 maxlen: 24
103.216.1.0/24 maxlen: 24
103.216.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 13:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:02:03:84:40:68:a3:b1:ec:c7:79:1d:30:e9:ab:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: May 2 12:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60dcc27094910bc19810bee39399144ba982be6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ab:9c:84:e8:1d:dc:7b:13:6f:10:c2:b6:d6:
55:03:48:7f:e1:6f:04:97:37:13:cc:71:62:a4:4c:
91:4c:9a:f9:a0:45:58:6d:b0:8e:b6:97:80:94:bb:
e5:6a:5e:33:83:8d:78:f2:af:cb:a3:64:28:8b:9a:
f9:2c:e9:65:92:e5:b9:b0:29:1b:4c:00:e3:1c:44:
1b:8a:c5:8a:6a:ed:7e:71:31:29:26:f8:1c:95:40:
08:ea:b0:fe:a2:78:48:ab:ed:41:d5:0d:44:d9:a6:
b5:be:28:46:46:e5:a5:ba:c3:a7:34:af:84:30:21:
cf:2e:91:d9:06:9e:ac:b1:ee:c6:de:d0:4b:2d:3a:
f2:6b:60:83:06:18:99:76:6b:3f:f8:e5:6d:98:57:
0a:d3:d2:16:d3:e0:40:9e:39:b9:05:29:b9:83:e3:
67:fd:c8:57:8e:00:a2:d5:e2:1d:2b:31:64:b4:9a:
46:9a:45:6c:d6:ed:27:84:69:f2:fa:ff:e3:ba:8f:
45:eb:51:00:59:1e:3d:04:a5:83:6b:85:67:2f:8e:
db:ce:94:16:eb:80:f2:53:88:9e:c5:3f:7c:3f:6a:
2a:bc:1e:64:dd:4d:9d:3f:07:2f:02:b2:f2:4f:71:
63:3a:c1:8c:f7:d9:ed:42:a3:03:3c:1c:cd:88:0a:
16:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DC:C2:70:94:91:0B:C1:98:10:BE:E3:93:99:14:4B:A9:82:BE:6F
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/YNzCcJSRC8GYEL7jk5kUS6mCvm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.117.52.0/24
45.117.54.0/24
45.123.144.0/24
103.4.248.0/22
103.49.155.0/24
103.196.8.0/23
103.216.0.0/23
103.216.3.0/24
Signature Algorithm: sha256WithRSAEncryption
64:bb:95:7a:45:c1:a5:30:26:14:97:45:46:6e:3e:e6:46:f9:
cd:00:34:21:fc:15:6b:e2:f4:fd:54:09:7e:db:1c:1d:5a:1b:
ce:b6:43:a4:bf:2d:d4:c6:b7:c6:be:ed:4c:1e:8d:ce:f1:84:
76:c6:c3:ce:6a:1c:cb:bb:ba:cf:44:e6:ae:7a:28:f8:63:d0:
25:d4:9c:5f:d4:47:7a:d0:91:6d:e7:ac:43:b3:56:3f:cd:4e:
0b:ea:4e:01:58:fa:ee:a4:e0:3b:55:89:81:c6:44:44:23:44:
d9:ad:0c:38:55:f3:68:47:2e:f2:23:8c:4f:69:e0:b3:f5:c2:
e4:d2:c9:a4:2b:1e:a5:b7:b9:74:b5:bb:2b:26:85:3a:88:59:
40:6e:97:97:95:0b:56:a8:d0:b0:8e:70:9f:fc:57:69:7b:df:
9c:08:2b:cb:be:17:1b:81:56:af:a7:45:4f:62:04:5a:f4:4a:
58:6c:ee:16:6e:eb:f5:e1:77:79:17:67:0a:e1:ae:af:14:17:
30:ae:02:ad:b6:41:de:0f:9d:cc:3b:ba:73:33:bb:36:a1:ba:
80:84:7b:6c:44:f9:0f:47:37:b7:90:de:63:e4:07:af:1d:69:
e1:dc:74:52:60:66:57:b6:73:47:42:52:bf:29:22:17:f5:95:
46:1b:31:ae
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZaRAgOEQGijsezHeR0w6avaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwNTAyMTIzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRjYzI3MDk0OTEwYmMxOTgxMGJlZTM5Mzk5MTQ0YmE5ODJiZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKuchOgd3HsTbxDCttZVA0h/4W8E
lzcTzHFipEyRTJr5oEVYbbCOtpeAlLvlal4zg4148q/Lo2Qoi5r5LOllkuW5sCkb
TADjHEQbisWKau1+cTEpJvgclUAI6rD+onhIq+1B1Q1E2aa1vihGRuWlusOnNK+E
MCHPLpHZBp6sse7G3tBLLTrya2CDBhiZdms/+OVtmFcK09IW0+BAnjm5BSm5g+Nn
/chXjgCi1eIdKzFktJpGmkVs1u0nhGny+v/juo9F61EAWR49BKWDa4VnL47bzpQW
64DyU4iexT98P2oqvB5k3U2dPwcvArLyT3FjOsGM99ntQqMDPBzNiAoWdwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGDcwnCUkQvBmBC+45OZFEupgr5vMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvWU56Q2NKU1JDOEdZRUw3ams1a1VTNm1Ddm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALXU0AwQA
LXU2AwQALXuQAwQCZwT4AwQAZzGbAwQBZ8QIAwQBZ9gAAwQAZ9gDMA0GCSqGSIb3
DQEBCwUAA4IBAQBku5V6RcGlMCYUl0VGbj7mRvnNADQh/BVr4vT9VAl+2xwdWhvO
tkOkvy3UxrfGvu1MHo3O8YR2xsPOahzLu7rPROaueij4Y9Al1Jxf1Ed60JFt56xD
s1Y/zU4L6k4BWPrupOA7VYmBxkREI0TZrQw4VfNoRy7yI4xPaeCz9cLk0smkKx6l
t7l0tbsrJoU6iFlAbpeXlQtWqNCwjnCf/Fdpe9+cCCvLvhcbgVavp0VPYgRa9EpY
bO4Wbuv14Xd5F2cK4a6vFBcwrgKttkHeD53MO7pzM7s2obqAhHtsRPkPRze3kN5j
5AevHWnh3HRSYGZXtnNHQlK/KSIX9ZVGGzGu
-----END CERTIFICATE-----
Generated at Mon May 5 16:23:08 2025 by rpki-client