Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0bdIyzG85EDbSgfsLmUj8_pDmm4.roa
File: 0bdIyzG85EDbSgfsLmUj8_pDmm4.roa (raw, json)
Hash identifier: V2J7d5yuMvxVRLOlHqtFOeQapMWyQTzcq+art3zr6vQ=
Subject key identifier: D1:B7:48:CB:31:BC:E4:40:DB:4A:07:EC:2E:65:23:F3:FA:43:9A:6E
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EB98922D5B14FE8D3513BE0D31CA5
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0bdIyzG85EDbSgfsLmUj8_pDmm4.roa
Signing time: Mon 02 Jan 2023 12:04:48 +0000
ROA not before: Mon 02 Jan 2023 12:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13886
IP address blocks: 104.238.26.0/24 maxlen: 24
45.150.32.0/22 maxlen: 22
206.124.104.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 10 Mar 2023 11:51:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:b9:89:22:d5:b1:4f:e8:d3:51:3b:e0:d3:1c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1b748cb31bce440db4a07ec2e6523f3fa439a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:31:4d:42:a2:74:44:b5:25:55:90:b7:90:f8:
ed:50:6e:c1:cb:a2:1c:07:e6:1a:c6:2d:29:8f:c6:
5d:49:b6:82:2e:e8:22:35:b6:83:d5:8a:84:71:6f:
0d:3b:31:f0:a6:58:04:1b:10:85:91:ad:38:f3:ea:
5b:23:88:d5:7e:cd:20:c8:e4:e3:6e:ae:ae:b8:a3:
78:b3:bc:2e:ab:79:f8:1d:33:c9:bb:a2:f5:01:a6:
36:09:bb:69:44:3e:49:da:26:e8:1e:75:16:d1:47:
5a:bc:fa:2f:6a:88:74:71:f0:1c:82:54:93:78:4c:
87:d6:cf:66:e1:8a:46:04:36:ce:29:71:a2:dc:12:
aa:8f:62:77:5d:77:ac:d1:01:ba:ad:89:1c:fc:7b:
e8:5d:47:85:da:58:37:60:19:7a:c9:08:ac:99:30:
53:55:ae:88:5f:15:42:bd:0a:75:6b:ec:62:64:30:
cb:3a:8a:6b:a9:89:6a:41:5c:4a:37:fa:02:b1:e4:
2c:4e:18:05:6b:8d:af:41:a3:11:83:9d:35:8b:bf:
35:b8:a5:7f:93:ee:e4:df:c0:c4:dc:ce:ea:70:7c:
1b:cc:94:61:35:8b:fd:f8:9a:cb:a2:58:c3:35:4a:
5f:66:6e:82:7d:28:8d:fa:a5:c4:0d:8b:a3:83:43:
85:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B7:48:CB:31:BC:E4:40:DB:4A:07:EC:2E:65:23:F3:FA:43:9A:6E
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0bdIyzG85EDbSgfsLmUj8_pDmm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.32.0/22
104.238.26.0/24
206.124.104.0/21
Signature Algorithm: sha256WithRSAEncryption
56:01:cc:b2:dd:09:1d:ee:98:d2:e2:12:cc:2e:61:9a:56:54:
5e:56:a1:00:80:6c:2b:66:62:d7:8d:b9:f6:23:d9:87:fe:55:
2d:ea:93:03:65:76:a0:50:d7:a6:ed:ee:6d:84:76:f0:33:a2:
f3:a1:4b:32:f4:4e:d8:3a:c4:1e:9a:cd:51:bd:47:01:07:6b:
de:f7:1f:f2:47:84:62:fe:32:73:1d:05:74:08:a5:6f:c8:82:
9c:3d:a6:94:e4:69:e3:cd:03:13:30:67:a3:b2:09:69:1f:a0:
87:68:92:8d:1e:6b:8f:b5:70:aa:45:f3:fb:76:8d:b5:5c:5a:
46:d7:61:e6:74:d2:5b:00:d3:9d:b3:b2:82:84:65:29:44:e8:
69:32:97:52:4b:46:c2:81:09:07:e7:09:00:8b:5a:74:23:e9:
00:15:14:4d:bc:17:58:d5:d1:de:cf:48:9e:c1:7f:97:61:b2:
15:dd:67:85:e2:f5:6f:f7:23:c1:fa:db:a4:89:6c:51:b6:3b:
84:5f:4d:6e:e7:40:ed:f3:21:95:db:3d:6f:dd:dd:72:15:ba:
30:51:1c:6a:fe:48:c9:16:8c:cf:10:5b:3a:e3:54:b5:11:bf:
ce:58:f9:51:22:b8:e7:b5:91:e6:f2:0a:89:f7:db:92:79:d1:
ad:75:c7:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyXrmJItWxT+jTUTvg0xylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI3NDhjYjMxYmNlNDQwZGI0YTA3ZWMyZTY1MjNmM2ZhNDM5YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzFNQqJ0RLUlVZC3kPjtUG7By6Ic
B+Yaxi0pj8ZdSbaCLugiNbaD1YqEcW8NOzHwplgEGxCFka048+pbI4jVfs0gyOTj
bq6uuKN4s7wuq3n4HTPJu6L1AaY2CbtpRD5J2iboHnUW0UdavPovaoh0cfAcglST
eEyH1s9m4YpGBDbOKXGi3BKqj2J3XXes0QG6rYkc/HvoXUeF2lg3YBl6yQismTBT
Va6IXxVCvQp1a+xiZDDLOoprqYlqQVxKN/oCseQsThgFa42vQaMRg501i781uKV/
k+7k38DE3M7qcHwbzJRhNYv9+JrLoljDNUpfZm6CfSiN+qXEDYujg0OFfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNG3SMsxvORA20oH7C5lI/P6Q5puMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMGJkSXl6Rzg1RURiU2dmc0xtVWo4X3BEbW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZYgAwQA
aO4aAwQDznxoMA0GCSqGSIb3DQEBCwUAA4IBAQBWAcyy3Qkd7pjS4hLMLmGaVlRe
VqEAgGwrZmLXjbn2I9mH/lUt6pMDZXagUNem7e5thHbwM6LzoUsy9E7YOsQems1R
vUcBB2ve9x/yR4Ri/jJzHQV0CKVvyIKcPaaU5GnjzQMTMGejsglpH6CHaJKNHmuP
tXCqRfP7do21XFpG12HmdNJbANOds7KChGUpROhpMpdSS0bCgQkH5wkAi1p0I+kA
FRRNvBdY1dHez0iewX+XYbIV3WeF4vVv9yPB+tukiWxRtjuEX01u50Dt8yGV2z1v
3d1yFbowURxq/kjJFozPEFs641S1Eb/OWPlRIrjntZHm8gqJ99uSedGtdcdd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org