Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/4f17fa-d5e8-439d-87a2-df32a25c5f2f/1/YOWAmlH3Vso58NjcHAegqZX2WxM.roa
File: YOWAmlH3Vso58NjcHAegqZX2WxM.roa (raw, json)
Hash identifier: mm1KumfJETQg1/Sd5ZLk2PqD6W9EM9W66UhN8neClN4=
Subject key identifier: 60:E5:80:9A:51:F7:56:CA:39:F0:D8:DC:1C:07:A0:A9:95:F6:5B:13
Certificate issuer: /CN=9cce1600f50735960f86d621cd4f5f59f879a0e8
Certificate serial: 01946A43AF3985FE6EAD502B2F0B07CC5B0B
Authority key identifier: 9C:CE:16:00:F5:07:35:96:0F:86:D6:21:CD:4F:5F:59:F8:79:A0:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nM4WAPUHNZYPhtYhzU9fWfh5oOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/4f17fa-d5e8-439d-87a2-df32a25c5f2f/1/YOWAmlH3Vso58NjcHAegqZX2WxM.roa
Signing time: Wed 15 Jan 2025 14:00:08 +0000
ROA not before: Wed 15 Jan 2025 14:00:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25967
IP address blocks: 62.164.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 18:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6a:43:af:39:85:fe:6e:ad:50:2b:2f:0b:07:cc:5b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cce1600f50735960f86d621cd4f5f59f879a0e8
Validity
Not Before: Jan 15 14:00:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60e5809a51f756ca39f0d8dc1c07a0a995f65b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d3:ea:ee:73:71:dc:df:71:ad:70:8d:76:11:
43:c1:b1:69:a8:85:b6:df:d2:9d:31:34:cc:93:ac:
3e:9d:f4:06:7d:fc:b6:b8:2a:b1:6a:72:74:3e:e5:
a1:9b:6a:4f:89:92:f3:d5:73:d8:79:9b:cd:73:63:
88:1e:8d:33:2f:fc:3e:f2:3e:ff:1f:98:71:a3:e0:
fa:e4:75:4c:e9:1d:45:bf:66:52:7c:b6:86:d6:7c:
de:d2:e3:af:03:55:80:ce:a7:ee:a4:b2:bd:61:aa:
b8:96:71:08:a7:a2:d2:0f:83:29:28:29:83:e8:7a:
a9:62:72:5b:8d:a2:e5:49:82:9a:e9:03:37:48:13:
4b:fd:0d:51:fb:0d:a2:a4:ce:5a:15:f3:54:dc:60:
ef:7b:16:48:d4:07:1d:f8:f6:66:c0:29:02:62:b9:
76:a3:3a:b1:54:1c:08:e6:7d:51:03:2a:09:06:99:
c6:71:37:6c:52:3a:a5:42:f7:ce:6d:b0:a1:85:ed:
70:0c:69:66:23:38:df:af:f0:db:14:f8:fb:6c:82:
a7:5c:bd:fe:04:3b:de:6f:ab:5a:bd:f1:b6:cc:3e:
e5:a0:4d:a1:9c:59:94:61:e0:0f:db:99:ac:f5:37:
14:c1:90:d8:da:f8:97:9b:10:5f:e6:ff:00:36:fa:
38:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E5:80:9A:51:F7:56:CA:39:F0:D8:DC:1C:07:A0:A9:95:F6:5B:13
X509v3 Authority Key Identifier:
keyid:9C:CE:16:00:F5:07:35:96:0F:86:D6:21:CD:4F:5F:59:F8:79:A0:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM4WAPUHNZYPhtYhzU9fWfh5oOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/4f17fa-d5e8-439d-87a2-df32a25c5f2f/1/YOWAmlH3Vso58NjcHAegqZX2WxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/4f17fa-d5e8-439d-87a2-df32a25c5f2f/1/nM4WAPUHNZYPhtYhzU9fWfh5oOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:cb:30:5b:42:06:06:5a:44:42:f2:51:95:b2:ba:33:03:98:
4d:45:e2:5e:0f:3b:44:df:a1:26:0c:9e:82:60:b0:b7:36:43:
85:de:c2:31:ee:d2:e9:53:9b:68:cc:00:5a:80:ec:b7:18:91:
c4:23:6d:bd:2f:16:ea:d7:e5:bd:68:24:3c:9a:2a:a1:7d:97:
26:a3:da:55:0b:03:c8:ae:c4:1f:68:3d:da:32:ea:9a:f9:23:
8f:23:a8:f1:42:de:6c:d0:c1:58:0e:95:61:e9:16:81:f0:26:
d1:70:b4:c5:18:ff:43:68:43:6f:6a:c1:39:64:2e:d7:ac:33:
57:4c:28:32:7a:6f:d5:3c:a0:77:9a:33:2a:a0:df:4d:41:5f:
db:60:b7:d3:12:92:5e:19:5e:c6:e7:5f:62:72:b6:96:7e:e1:
84:84:49:84:2a:17:d4:bd:32:27:eb:2c:b6:26:a0:eb:fd:79:
08:9d:c0:d1:9c:33:0c:6f:ee:6e:46:23:fc:00:e4:e4:82:d9:
54:64:6d:1b:c7:b6:e2:ba:39:ce:55:9a:67:78:b8:a6:64:28:
ba:d7:64:d2:61:40:92:45:0e:da:0f:fb:80:c0:9d:eb:8d:e8:
71:6b:5d:be:77:69:56:a3:ec:1f:60:be:a6:c9:22:c8:e6:80:
2e:7b:79:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRqQ685hf5urVArLwsHzFsLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljY2UxNjAwZjUwNzM1OTYwZjg2ZDYyMWNkNGY1ZjU5Zjg3
OWEwZTgwHhcNMjUwMTE1MTQwMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGU1ODA5YTUxZjc1NmNhMzlmMGQ4ZGMxYzA3YTBhOTk1ZjY1YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9Pq7nNx3N9xrXCNdhFDwbFpqIW2
39KdMTTMk6w+nfQGffy2uCqxanJ0PuWhm2pPiZLz1XPYeZvNc2OIHo0zL/w+8j7/
H5hxo+D65HVM6R1Fv2ZSfLaG1nze0uOvA1WAzqfupLK9Yaq4lnEIp6LSD4MpKCmD
6HqpYnJbjaLlSYKa6QM3SBNL/Q1R+w2ipM5aFfNU3GDvexZI1Acd+PZmwCkCYrl2
ozqxVBwI5n1RAyoJBpnGcTdsUjqlQvfObbChhe1wDGlmIzjfr/DbFPj7bIKnXL3+
BDveb6tavfG2zD7loE2hnFmUYeAP25ms9TcUwZDY2viXmxBf5v8ANvo47QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDlgJpR91bKOfDY3BwHoKmV9lsTMB8GA1UdIwQY
MBaAFJzOFgD1BzWWD4bWIc1PX1n4eaDoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk00V0FQVUhOWllQaHRZaHpVOWZXZmg1b09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My80ZjE3ZmEtZDVlOC00MzlkLTg3YTIt
ZGYzMmEyNWM1ZjJmLzEvWU9XQW1sSDNWc281OE5qY0hBZWdxWlgyV3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My80ZjE3ZmEtZDVlOC00MzlkLTg3YTItZGYzMmEyNWM1ZjJm
LzEvbk00V0FQVUhOWllQaHRZaHpVOWZXZmg1b09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPqSZMA0G
CSqGSIb3DQEBCwUAA4IBAQBayzBbQgYGWkRC8lGVsrozA5hNReJeDztE36EmDJ6C
YLC3NkOF3sIx7tLpU5tozABagOy3GJHEI229Lxbq1+W9aCQ8miqhfZcmo9pVCwPI
rsQfaD3aMuqa+SOPI6jxQt5s0MFYDpVh6RaB8CbRcLTFGP9DaENvasE5ZC7XrDNX
TCgyem/VPKB3mjMqoN9NQV/bYLfTEpJeGV7G519icraWfuGEhEmEKhfUvTIn6yy2
JqDr/XkIncDRnDMMb+5uRiP8AOTkgtlUZG0bx7biujnOVZpneLimZCi612TSYUCS
RQ7aD/uAwJ3rjehxa12+d2lWo+wfYL6mySLI5oAue3m2
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:18:30 2025 by rpki-client