Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/J0TrWRXLUB37l6KQDLh3U-atwqQ.roa
File: J0TrWRXLUB37l6KQDLh3U-atwqQ.roa (raw, json)
Hash identifier: Yf2lVCldGDx9oYgT3bmpBcWpTwj5pPS40U2MaWvqPvI=
Subject key identifier: 27:44:EB:59:15:CB:50:1D:FB:97:A2:90:0C:B8:77:53:E6:AD:C2:A4
Certificate issuer: /CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Certificate serial: 0194F63604FA2F778AEB0F2E2339C13ADED1
Authority key identifier: 59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/J0TrWRXLUB37l6KQDLh3U-atwqQ.roa
Signing time: Tue 11 Feb 2025 18:12:02 +0000
ROA not before: Tue 11 Feb 2025 18:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59787
IP address blocks: 62.233.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 22:11:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f6:36:04:fa:2f:77:8a:eb:0f:2e:23:39:c1:3a:de:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Validity
Not Before: Feb 11 18:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2744eb5915cb501dfb97a2900cb87753e6adc2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d6:39:ad:26:aa:5e:68:d6:42:53:30:00:a4:
f7:1e:fb:f0:2e:87:1c:8b:f6:29:38:cf:78:2d:4b:
fd:91:c3:bd:40:0a:14:82:6b:1e:7d:7c:31:88:b8:
f5:e7:bd:8e:bc:00:21:21:8b:23:e3:07:67:69:15:
4b:80:11:94:4a:6d:64:a1:89:5b:82:05:12:6b:f4:
22:1f:33:19:04:d1:e9:39:8d:e0:c9:51:ff:04:fd:
ed:5d:07:ff:8f:64:62:a6:d8:e2:26:7d:a1:20:08:
63:99:d7:9b:78:b9:16:a2:d5:21:e7:51:a0:c7:2f:
c2:37:63:34:0b:9e:7f:93:4c:2b:44:bf:d8:0a:7a:
c2:f6:37:76:bc:3a:fe:8e:2b:e5:95:73:9e:36:73:
fe:f9:6d:69:ea:de:9a:6f:ad:af:34:fd:db:3a:3c:
6e:9a:2e:d1:b7:dc:e7:a7:7e:07:d0:42:92:65:e6:
c8:33:e7:dd:9e:63:ef:88:b3:b7:84:6c:34:d1:b4:
79:8c:a9:08:db:f3:37:f3:23:45:01:4d:b0:3b:2a:
b7:70:9c:61:80:e0:ca:fe:c9:58:9b:46:3d:57:f4:
28:7b:62:2b:5a:01:15:da:da:1b:5e:e7:44:cf:db:
a9:ae:af:f3:d1:01:19:2e:fc:d9:7b:35:09:58:12:
c3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:44:EB:59:15:CB:50:1D:FB:97:A2:90:0C:B8:77:53:E6:AD:C2:A4
X509v3 Authority Key Identifier:
keyid:59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/J0TrWRXLUB37l6KQDLh3U-atwqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/WeTW-rd6x3n0m_b8irgeI61GdXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.41.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:cb:cb:9c:29:32:bb:ed:1c:e3:db:13:aa:bf:f6:3a:ec:de:
e4:fb:fd:4b:ed:72:da:56:1b:32:f0:96:e9:6c:65:10:cb:a6:
73:e3:07:a3:83:40:34:a6:00:15:9e:2f:a8:14:67:04:fb:aa:
9e:65:6f:3c:d8:d9:42:a6:1f:de:6b:bf:8c:c6:83:ae:72:c4:
4b:1f:f2:54:ea:1d:48:61:f5:f1:9f:a4:28:5a:17:09:5d:5e:
9f:2b:64:f4:0b:10:1c:c8:d7:cb:25:fd:e5:03:6d:ff:d5:45:
aa:aa:cb:1c:4b:a7:da:a5:b0:6c:da:f3:30:3f:00:fa:5e:7f:
d8:07:d6:29:8a:b8:08:57:0e:fe:2d:55:0e:e0:9d:c5:f0:c9:
47:6a:70:4c:b9:d4:da:26:8d:52:72:4a:cf:ab:6a:14:17:ca:
10:b0:f4:9b:d1:89:d5:dd:d1:58:2c:2d:cc:c9:43:94:45:34:
31:8a:eb:f7:41:a9:c5:14:89:35:82:ae:64:60:89:a0:67:a7:
4d:14:03:56:3c:a9:8b:37:fc:5b:e8:ee:da:e5:7d:2e:ea:dd:
94:d2:65:23:85:56:b0:df:79:0e:12:5d:05:22:9f:9c:ea:4c:
f4:98:af:df:12:48:bb:f0:11:8c:97:c4:95:b6:46:6a:77:4c:
46:e5:af:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT2NgT6L3eK6w8uIznBOt7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZTRkNmZhYjc3YWM3NzlmNDliZjZmYzhhYjgxZTIzYWQ0
Njc1NzYwHhcNMjUwMjExMTgxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzQ0ZWI1OTE1Y2I1MDFkZmI5N2EyOTAwY2I4Nzc1M2U2YWRjMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutY5rSaqXmjWQlMwAKT3HvvwLocc
i/YpOM94LUv9kcO9QAoUgmsefXwxiLj1572OvAAhIYsj4wdnaRVLgBGUSm1koYlb
ggUSa/QiHzMZBNHpOY3gyVH/BP3tXQf/j2RiptjiJn2hIAhjmdebeLkWotUh51Gg
xy/CN2M0C55/k0wrRL/YCnrC9jd2vDr+jivllXOeNnP++W1p6t6ab62vNP3bOjxu
mi7Rt9znp34H0EKSZebIM+fdnmPviLO3hGw00bR5jKkI2/M38yNFAU2wOyq3cJxh
gODK/slYm0Y9V/Qoe2IrWgEV2tobXudEz9uprq/z0QEZLvzZezUJWBLDmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdE61kVy1Ad+5eikAy4d1PmrcKkMB8GA1UdIwQY
MBaAFFnk1vq3esd59Jv2/Iq4HiOtRnV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEt
MjkzZmNhMmQ1MWVhLzEvSjBUcldSWExVQjM3bDZLUURMaDNVLWF0d3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEtMjkzZmNhMmQ1MWVh
LzEvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPukpMA0G
CSqGSIb3DQEBCwUAA4IBAQDhy8ucKTK77Rzj2xOqv/Y67N7k+/1L7XLaVhsy8Jbp
bGUQy6Zz4wejg0A0pgAVni+oFGcE+6qeZW882NlCph/ea7+MxoOucsRLH/JU6h1I
YfXxn6QoWhcJXV6fK2T0CxAcyNfLJf3lA23/1UWqqsscS6fapbBs2vMwPwD6Xn/Y
B9YpirgIVw7+LVUO4J3F8MlHanBMudTaJo1SckrPq2oUF8oQsPSb0YnV3dFYLC3M
yUOURTQxiuv3QanFFIk1gq5kYImgZ6dNFANWPKmLN/xb6O7a5X0u6t2U0mUjhVaw
33kOEl0FIp+c6kz0mK/fEki78BGMl8SVtkZqd0xG5a8B
-----END CERTIFICATE-----
Generated at Thu May 1 10:31:52 2025 by rpki-client