Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2bQqmY8Zj22oyCgXE4zARD8R6io.roa
File: 2bQqmY8Zj22oyCgXE4zARD8R6io.roa (raw, json)
Hash identifier: Y+ZqWIeP76xzxQUyNYSAlBdJO+lvVwOqCNSjAeZVfMg=
Subject key identifier: D9:B4:2A:99:8F:19:8F:6D:A8:C8:28:17:13:8C:C0:44:3F:11:EA:2A
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018A60D45C22D78E49EAA0CC07424BA57A83
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2bQqmY8Zj22oyCgXE4zARD8R6io.roa
Signing time: Mon 04 Sep 2023 15:34:04 +0000
ROA not before: Mon 04 Sep 2023 15:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 64.137.16.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
104.222.190.0/24 maxlen: 24
64.137.109.0/24 maxlen: 24
64.137.110.0/23 maxlen: 23
64.137.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:d4:5c:22:d7:8e:49:ea:a0:cc:07:42:4b:a5:7a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Sep 4 15:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9b42a998f198f6da8c82817138cc0443f11ea2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1d:59:f7:3f:01:dd:bb:a6:c8:fe:6f:a7:69:
ff:a1:8a:dd:e1:e4:ee:36:ac:86:e7:7e:e0:ec:03:
1c:e8:65:e8:2d:00:80:b0:6e:93:3b:45:89:18:10:
58:37:57:2d:80:c8:21:10:1a:1d:92:21:87:7a:b1:
57:cc:1a:df:b1:39:fd:cb:cf:52:dd:99:11:b8:82:
07:f6:5b:03:40:36:2d:ba:c2:b2:53:e9:7f:dd:24:
46:42:b0:32:3f:50:e6:38:70:d2:b7:65:35:9e:d2:
9f:f5:99:44:23:79:a2:fe:ea:04:33:d8:9a:07:8a:
60:da:72:67:b9:99:13:2b:5b:93:c3:f0:ff:22:b1:
18:09:b8:0c:6c:47:2a:c7:31:a1:5d:e9:ca:d9:2c:
9d:4a:6c:57:ae:49:f9:a1:90:b7:ea:18:57:21:2e:
0f:e8:70:b1:6b:9c:f4:c6:ee:98:c2:e2:a8:08:6d:
b2:93:01:74:68:21:c6:41:98:da:ed:ef:0d:ad:8a:
bd:12:0b:81:fc:82:2d:33:af:30:6d:ab:b5:8d:95:
ac:8d:3f:12:d7:9e:54:ed:4d:10:a0:5b:21:c7:13:
db:27:2d:d2:8a:e5:4b:68:d6:25:39:03:a9:06:9c:
f6:ee:4d:42:30:1c:de:b9:1f:d9:ce:fb:dd:e1:7d:
15:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B4:2A:99:8F:19:8F:6D:A8:C8:28:17:13:8C:C0:44:3F:11:EA:2A
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2bQqmY8Zj22oyCgXE4zARD8R6io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.9.0/24
64.137.16.0/24
64.137.54.0/24
64.137.109.0-64.137.111.255
104.222.190.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b9:79:8c:45:8e:03:ad:1f:ab:6d:72:80:f6:cc:70:ef:99:
62:9e:9a:4c:1f:c9:c4:1b:a6:a3:77:2f:fd:6b:28:0a:9c:b9:
5d:c9:2a:77:b5:dc:ae:3d:de:96:b3:47:b3:8e:ab:a1:d6:f4:
6b:e1:e6:97:a5:6a:03:b3:7a:4d:75:42:10:fe:b9:e8:12:d1:
d8:06:dd:95:73:b6:50:74:d9:2a:88:94:ef:40:7d:ee:ce:1a:
c8:e0:cc:d7:aa:e5:1d:c8:cb:7a:ee:9c:06:ed:ff:36:a4:69:
19:84:06:68:12:51:23:01:d2:32:30:8b:c3:91:9d:58:4e:1a:
5b:ae:06:b9:00:bd:ff:f3:5e:a0:ac:ac:0d:08:18:71:e2:b7:
7e:6b:1f:e2:ad:64:2f:e9:20:f5:09:73:29:54:be:fd:61:fd:
1e:35:85:23:86:1c:cf:45:ce:1e:80:21:e3:8a:0d:3c:0c:c3:
b6:2a:d1:2e:0a:62:c7:00:b7:3f:36:12:b4:00:5e:44:e6:46:
9b:a1:22:20:16:ac:a8:58:07:ec:30:ce:43:24:eb:f9:1c:38:
9d:93:26:3e:b8:8d:78:72:38:5c:63:b5:fe:e7:81:de:c0:79:
61:c1:c2:43:2a:1e:05:91:88:a5:54:30:1e:a0:50:c1:e2:e3:
25:d9:97:3c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYpg1Fwi145J6qDMB0JLpXqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwOTA0MTUzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWI0MmE5OThmMTk4ZjZkYThjODI4MTcxMzhjYzA0NDNmMTFlYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h1Z9z8B3bumyP5vp2n/oYrd4eTu
NqyG537g7AMc6GXoLQCAsG6TO0WJGBBYN1ctgMghEBodkiGHerFXzBrfsTn9y89S
3ZkRuIIH9lsDQDYtusKyU+l/3SRGQrAyP1DmOHDSt2U1ntKf9ZlEI3mi/uoEM9ia
B4pg2nJnuZkTK1uTw/D/IrEYCbgMbEcqxzGhXenK2SydSmxXrkn5oZC36hhXIS4P
6HCxa5z0xu6YwuKoCG2ykwF0aCHGQZja7e8NrYq9EguB/IItM68wbau1jZWsjT8S
155U7U0QoFshxxPbJy3SiuVLaNYlOQOpBpz27k1CMBzeuR/Zzvvd4X0VkQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNm0KpmPGY9tqMgoFxOMwEQ/EeoqMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMmJRcW1ZOFpqMjJveUNnWEU0ekFSRDhSNmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAQIkJAwQA
QIkQAwQAQIk2MAwDBABAiW0DBARAiWADBABo3r4wDQYJKoZIhvcNAQELBQADggEB
AH65eYxFjgOtH6ttcoD2zHDvmWKemkwfycQbpqN3L/1rKAqcuV3JKne13K493paz
R7OOq6HW9Gvh5pelagOzek11QhD+uegS0dgG3ZVztlB02SqIlO9Afe7OGsjgzNeq
5R3Iy3runAbt/zakaRmEBmgSUSMB0jIwi8ORnVhOGluuBrkAvf/zXqCsrA0IGHHi
t35rH+KtZC/pIPUJcylUvv1h/R41hSOGHM9Fzh6AIeOKDTwMw7Yq0S4KYscAtz82
ErQAXkTmRpuhIiAWrKhYB+wwzkMk6/kcOJ2TJj64jXhyOFxjtf7ngd7AeWHBwkMq
HgWRiKVUMB6gUMHi4yXZlzw=
-----END CERTIFICATE-----
Generated at Mon Sep 11 08:56:31 2023 by rpki-client on console-fra.rpki-client.org