Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/YEWsYgMBK4N1bmMcrkwHAOjFAcA.roa
File: YEWsYgMBK4N1bmMcrkwHAOjFAcA.roa (raw, json)
Hash identifier: P/z1N2BX4jaxhr5x8Zrzt/mzlH4ywy7PmvzzqpiT8b0=
Subject key identifier: 60:45:AC:62:03:01:2B:83:75:6E:63:1C:AE:4C:07:00:E8:C5:01:C0
Certificate issuer: /CN=2050df51f0e5bc81db4b05f449f74308d7fcfa2e
Certificate serial: 0193246B6E06D70FE96666BC561E644CD895
Authority key identifier: 20:50:DF:51:F0:E5:BC:81:DB:4B:05:F4:49:F7:43:08:D7:FC:FA:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IFDfUfDlvIHbSwX0SfdDCNf8-i4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/YEWsYgMBK4N1bmMcrkwHAOjFAcA.roa
Signing time: Wed 13 Nov 2024 07:27:20 +0000
ROA not before: Wed 13 Nov 2024 07:27:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12858
IP address blocks: 212.101.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:6b:6e:06:d7:0f:e9:66:66:bc:56:1e:64:4c:d8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2050df51f0e5bc81db4b05f449f74308d7fcfa2e
Validity
Not Before: Nov 13 07:27:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6045ac6203012b83756e631cae4c0700e8c501c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ed:41:f5:2d:a7:dc:92:9c:c9:ff:42:e8:72:
4b:9c:d8:7b:34:0c:01:98:f2:e4:4a:3e:5f:15:4f:
25:ce:15:2a:28:68:05:4a:bd:58:36:57:45:a6:0d:
ef:64:14:df:c8:1c:6b:bb:7c:72:51:f8:a2:d4:dc:
4e:ce:91:20:e8:d8:75:1f:e1:19:d1:c9:f6:5d:07:
8a:1b:4f:35:ef:3d:bc:f8:94:73:b2:82:e6:da:bd:
e8:be:ff:19:36:7f:fa:f0:f9:6b:c9:14:87:54:2b:
7b:4e:2f:c2:93:11:6e:c6:d7:8b:8d:30:e7:54:83:
de:5b:e5:7a:ec:5f:50:60:9e:8c:92:d0:bd:1d:7d:
ff:db:00:2a:62:66:97:06:c3:a7:80:b4:f9:dc:f0:
e9:6f:0c:1f:94:8f:12:34:63:ec:e6:e9:61:b3:d5:
38:eb:3b:89:d4:d4:72:fa:6e:00:87:6c:83:6e:b6:
b8:da:10:a3:ea:bf:b6:6f:8c:fb:9b:2e:cc:da:e6:
b5:57:d4:36:4a:86:4d:85:06:6d:ab:28:b8:1e:3c:
fb:9b:d5:59:15:8c:de:9b:56:d1:ce:72:80:23:7b:
13:cf:c7:b5:b0:34:98:5b:4b:04:17:52:e6:ad:15:
0d:20:f1:34:16:34:4c:ef:c3:4f:e8:d9:69:b6:05:
d6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:45:AC:62:03:01:2B:83:75:6E:63:1C:AE:4C:07:00:E8:C5:01:C0
X509v3 Authority Key Identifier:
keyid:20:50:DF:51:F0:E5:BC:81:DB:4B:05:F4:49:F7:43:08:D7:FC:FA:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IFDfUfDlvIHbSwX0SfdDCNf8-i4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/YEWsYgMBK4N1bmMcrkwHAOjFAcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/IFDfUfDlvIHbSwX0SfdDCNf8-i4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.101.119.0/24
Signature Algorithm: sha256WithRSAEncryption
51:25:1f:4c:7a:dd:86:ff:88:7a:76:f7:3b:eb:73:59:90:18:
c9:7c:1f:e7:26:f6:c8:19:99:15:41:6b:87:2b:c2:95:1a:99:
ad:ad:db:b5:76:98:80:35:3b:c4:77:d8:d6:a9:fc:c4:b0:f4:
68:1d:a6:e9:76:34:ba:8f:97:74:ae:b9:4c:5b:96:e7:da:44:
d4:55:bb:5d:52:d1:43:59:f9:92:91:6e:5a:30:08:d2:f4:15:
53:25:90:0d:08:b4:f2:66:9a:9b:a2:9f:61:9c:a9:be:bb:1d:
18:98:2b:b5:34:ef:4c:e0:e5:ee:5b:f5:c8:a3:27:09:a4:e1:
13:aa:b0:2d:54:be:0c:28:48:d6:0f:b6:c0:31:23:6e:71:67:
b4:89:45:fc:20:21:a9:66:a2:7e:03:49:cf:6d:39:fc:39:df:
04:84:6c:a6:be:c9:10:91:6a:50:d3:f0:b3:38:d2:fc:a3:ea:
35:45:26:b1:ea:33:d0:3a:90:ec:c9:1a:83:d9:91:94:34:73:
1c:0a:5c:bb:59:47:f6:df:b1:a8:33:3f:37:41:8b:d2:6f:9d:
cd:d0:78:2c:3a:7c:e0:c0:70:44:98:31:86:3c:f7:0f:a6:f9:
32:48:04:c5:cc:82:72:fa:46:10:6f:09:9f:2c:e1:01:64:54:
36:d9:a2:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMka24G1w/pZma8Vh5kTNiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNTBkZjUxZjBlNWJjODFkYjRiMDVmNDQ5Zjc0MzA4ZDdm
Y2ZhMmUwHhcNMjQxMTEzMDcyNzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQ1YWM2MjAzMDEyYjgzNzU2ZTYzMWNhZTRjMDcwMGU4YzUwMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O1B9S2n3JKcyf9C6HJLnNh7NAwB
mPLkSj5fFU8lzhUqKGgFSr1YNldFpg3vZBTfyBxru3xyUfii1NxOzpEg6Nh1H+EZ
0cn2XQeKG0817z28+JRzsoLm2r3ovv8ZNn/68PlryRSHVCt7Ti/CkxFuxteLjTDn
VIPeW+V67F9QYJ6MktC9HX3/2wAqYmaXBsOngLT53PDpbwwflI8SNGPs5ulhs9U4
6zuJ1NRy+m4Ah2yDbra42hCj6r+2b4z7my7M2ua1V9Q2SoZNhQZtqyi4Hjz7m9VZ
FYzem1bRznKAI3sTz8e1sDSYW0sEF1LmrRUNIPE0FjRM78NP6NlptgXW6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBFrGIDASuDdW5jHK5MBwDoxQHAMB8GA1UdIwQY
MBaAFCBQ31Hw5byB20sF9En3QwjX/PouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUZEZlVmRGx2SUhiU3dYMFNmZERDTmY4LWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82MGUzNzYtOTkzYy00YmFmLWI1OTAt
NmU2NDgxZTU3NjVjLzEvWUVXc1lnTUJLNE4xYm1NY3Jrd0hBT2pGQWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82MGUzNzYtOTkzYy00YmFmLWI1OTAtNmU2NDgxZTU3NjVj
LzEvSUZEZlVmRGx2SUhiU3dYMFNmZERDTmY4LWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GV3MA0G
CSqGSIb3DQEBCwUAA4IBAQBRJR9Met2G/4h6dvc763NZkBjJfB/nJvbIGZkVQWuH
K8KVGpmtrdu1dpiANTvEd9jWqfzEsPRoHabpdjS6j5d0rrlMW5bn2kTUVbtdUtFD
WfmSkW5aMAjS9BVTJZANCLTyZpqbop9hnKm+ux0YmCu1NO9M4OXuW/XIoycJpOET
qrAtVL4MKEjWD7bAMSNucWe0iUX8ICGpZqJ+A0nPbTn8Od8EhGymvskQkWpQ0/Cz
ONL8o+o1RSax6jPQOpDsyRqD2ZGUNHMcCly7WUf237GoMz83QYvSb53N0HgsOnzg
wHBEmDGGPPcPpvkySATFzIJy+kYQbwmfLOEBZFQ22aJW
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:18:23 2025 by rpki-client