Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/YPDL8YZPfITe4fNo50VS4W-p3CE.roa
File: YPDL8YZPfITe4fNo50VS4W-p3CE.roa (raw, json)
Hash identifier: +Q1h4c44rzqcRYIcNjfVNnOGD1F+sjzFejdm3eL0MUI=
Subject key identifier: 60:F0:CB:F1:86:4F:7C:84:DE:E1:F3:68:E7:45:52:E1:6F:A9:DC:21
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 01957E324A6DA9495258402C411DC95DAD2C
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/YPDL8YZPfITe4fNo50VS4W-p3CE.roa
Signing time: Mon 10 Mar 2025 03:56:19 +0000
ROA not before: Mon 10 Mar 2025 03:56:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141718
IP address blocks: 45.155.90.0/24 maxlen: 24
45.155.226.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
103.211.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 02:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7e:32:4a:6d:a9:49:52:58:40:2c:41:1d:c9:5d:ad:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Mar 10 03:56:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60f0cbf1864f7c84dee1f368e74552e16fa9dc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:4f:d1:b2:1f:a9:c1:5f:7c:f7:79:d6:5d:b5:
2d:fd:15:f7:88:7d:85:a5:eb:34:92:fe:7b:43:be:
3d:4a:c5:99:3d:26:4b:59:8e:89:6b:54:f5:6b:d1:
8e:2c:59:34:6b:26:86:94:5c:3c:71:d9:9c:8b:bd:
9f:41:a1:20:84:e6:cc:a1:cb:ac:0d:e4:05:70:aa:
94:11:00:58:27:2f:a7:85:f4:5e:65:f7:85:4f:d6:
1c:5b:08:99:29:1c:e9:13:88:d1:0b:71:d1:0b:23:
24:16:6d:41:02:a9:bd:c5:94:56:6a:92:d8:51:f8:
b7:75:29:20:32:92:d2:e7:f9:0e:29:4f:af:71:be:
d1:76:ba:06:79:5f:be:1f:bf:68:e9:3e:bc:41:68:
cb:e0:ee:54:1c:0d:89:6e:03:8b:cb:15:59:ac:04:
eb:de:7c:35:59:d3:58:c8:24:e3:cd:6c:db:ec:38:
1f:63:b6:a5:07:5f:bb:2d:43:a7:5e:4b:e7:3c:be:
4c:ef:c1:b7:6a:af:2e:b3:86:a3:03:f6:a6:91:34:
42:7a:c1:63:7c:f5:60:fe:31:54:85:35:31:39:d1:
9d:64:b5:47:38:46:d8:39:5d:94:d3:d4:90:3c:4c:
94:91:b5:48:73:64:db:16:33:7f:d7:ce:55:c0:69:
4b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F0:CB:F1:86:4F:7C:84:DE:E1:F3:68:E7:45:52:E1:6F:A9:DC:21
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/YPDL8YZPfITe4fNo50VS4W-p3CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.90.0/24
45.155.226.0/24
45.156.223.0/24
103.211.103.0/24
Signature Algorithm: sha256WithRSAEncryption
16:2c:b7:9e:06:54:37:77:09:8d:8e:1a:22:cc:56:d1:52:a6:
69:f7:c6:ca:8f:ea:84:e3:bf:ab:76:32:8c:85:bf:db:2d:a5:
f3:0e:1b:46:13:b7:8e:50:95:71:fd:98:91:4a:1c:24:4e:66:
5f:b8:dc:b9:de:bf:88:a0:01:84:b8:11:7b:44:41:98:8e:79:
fe:a5:27:8c:49:a5:d1:83:3f:24:a2:7c:f2:0a:08:5c:b6:93:
b5:7d:a1:93:cb:52:49:1a:04:c8:9a:15:3e:48:ff:d0:f6:6b:
59:93:85:bb:03:f9:3e:1a:5c:9c:80:aa:4f:00:18:1b:bd:43:
7a:2d:57:4b:4e:4b:c4:7c:60:49:8f:85:2d:27:2b:ad:77:76:
68:d5:2d:a4:c4:3d:ca:26:42:c0:34:8b:c8:8e:7e:a6:09:c8:
7f:3f:b8:84:4b:18:bb:78:be:37:12:0b:ef:b6:a5:25:9c:d5:
f4:d2:b9:b8:c7:00:d6:ea:96:c2:3b:3e:5d:8a:55:87:a3:c9:
a5:63:55:83:03:72:98:a4:5f:eb:e0:49:7d:60:64:b8:39:5b:
27:0d:02:33:4f:64:6d:9b:9e:d2:d2:ed:be:e6:c4:74:31:ce:
51:75:4d:90:aa:e2:f3:41:5d:9c:6b:b5:df:6b:a0:6f:20:5d:
71:75:da:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZV+MkptqUlSWEAsQR3JXa0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMzEwMDM1NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGYwY2JmMTg2NGY3Yzg0ZGVlMWYzNjhlNzQ1NTJlMTZmYTlkYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9E/Rsh+pwV9893nWXbUt/RX3iH2F
pes0kv57Q749SsWZPSZLWY6Ja1T1a9GOLFk0ayaGlFw8cdmci72fQaEghObMocus
DeQFcKqUEQBYJy+nhfReZfeFT9YcWwiZKRzpE4jRC3HRCyMkFm1BAqm9xZRWapLY
Ufi3dSkgMpLS5/kOKU+vcb7RdroGeV++H79o6T68QWjL4O5UHA2JbgOLyxVZrATr
3nw1WdNYyCTjzWzb7DgfY7alB1+7LUOnXkvnPL5M78G3aq8us4ajA/amkTRCesFj
fPVg/jFUhTUxOdGdZLVHOEbYOV2U09SQPEyUkbVIc2TbFjN/185VwGlLqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGDwy/GGT3yE3uHzaOdFUuFvqdwhMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvWVBETDhZWlBmSVRlNGZObzUwVlM0Vy1wM0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZtaAwQA
LZviAwQALZzfAwQAZ9NnMA0GCSqGSIb3DQEBCwUAA4IBAQAWLLeeBlQ3dwmNjhoi
zFbRUqZp98bKj+qE47+rdjKMhb/bLaXzDhtGE7eOUJVx/ZiRShwkTmZfuNy53r+I
oAGEuBF7REGYjnn+pSeMSaXRgz8konzyCghctpO1faGTy1JJGgTImhU+SP/Q9mtZ
k4W7A/k+GlycgKpPABgbvUN6LVdLTkvEfGBJj4UtJyutd3Zo1S2kxD3KJkLANIvI
jn6mCch/P7iESxi7eL43EgvvtqUlnNX00rm4xwDW6pbCOz5dilWHo8mlY1WDA3KY
pF/r4El9YGS4OVsnDQIzT2Rtm57S0u2+5sR0Mc5RdU2QquLzQV2ca7Xfa6BvIF1x
ddrd
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:21:18 2025 by rpki-client