Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2fIQmkVaCsSdX_H0KNauEN2HFy4.roa
File: 2fIQmkVaCsSdX_H0KNauEN2HFy4.roa (raw, json)
Hash identifier: yndri3nnIAesK7fzP2OHWG8XlFVmwtL0ibIhTetaHng=
Subject key identifier: D9:F2:10:9A:45:5A:0A:C4:9D:5F:F1:F4:28:D6:AE:10:DD:87:17:2E
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018872A53E4E47F3E0F0F097F65C738556CE
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2fIQmkVaCsSdX_H0KNauEN2HFy4.roa
Signing time: Wed 31 May 2023 16:30:11 +0000
ROA not before: Wed 31 May 2023 16:30:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 45.43.168.0/22 maxlen: 22
104.239.122.0/23 maxlen: 23
104.239.120.0/23 maxlen: 23
104.239.70.0/23 maxlen: 23
104.239.68.0/23 maxlen: 23
64.137.0.0/22 maxlen: 22
64.137.4.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:a5:3e:4e:47:f3:e0:f0:f0:97:f6:5c:73:85:56:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 31 16:30:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9f2109a455a0ac49d5ff1f428d6ae10dd87172e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e0:23:1c:36:8e:41:af:3b:34:0e:14:e3:fb:
d7:b2:2b:5b:b1:ad:87:ef:7c:e6:3c:95:a8:10:6b:
83:55:1c:d2:82:e9:b3:ec:96:49:5c:28:9d:31:8a:
ec:ff:ae:a2:f9:56:4c:9a:10:47:54:df:8a:3a:53:
1a:1c:81:d4:8d:78:27:dd:45:76:9a:7f:6f:85:4b:
cb:ab:48:77:14:41:5e:f7:b8:46:ed:4a:f4:0b:c8:
5e:be:96:2b:e5:4a:da:43:3f:7b:b4:b8:f6:cc:78:
91:e4:e8:78:97:a1:5b:59:40:5e:60:45:41:0d:42:
97:8e:82:e7:b0:d3:c8:d2:28:49:76:2b:27:13:fa:
bc:e1:1d:34:80:37:e6:7f:5e:2b:c9:b0:e5:84:93:
06:0f:92:f0:db:1c:77:50:48:7b:19:77:ca:12:10:
2b:63:4a:69:64:b5:35:3f:84:9f:a8:73:1b:59:08:
9f:18:b0:96:48:98:92:96:2d:ec:b3:6a:6c:57:c6:
e5:0c:d2:12:13:fb:18:b8:d0:76:37:db:86:4a:89:
79:46:6d:3c:2b:4c:b3:77:fb:10:98:6e:41:19:58:
64:d6:6c:51:76:a1:10:f5:a7:cf:7e:91:48:13:08:
7a:38:1b:54:48:62:38:db:17:fc:3e:5a:47:7c:9c:
3f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F2:10:9A:45:5A:0A:C4:9D:5F:F1:F4:28:D6:AE:10:DD:87:17:2E
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2fIQmkVaCsSdX_H0KNauEN2HFy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.168.0/22
64.137.0.0/21
104.239.68.0/22
104.239.120.0/22
Signature Algorithm: sha256WithRSAEncryption
30:26:00:98:cc:a5:d9:1b:df:22:0b:3e:34:27:bc:1a:fa:8c:
07:b2:fc:11:6b:d9:72:f2:5e:b4:8c:6e:d0:f3:e6:c3:3a:3e:
b0:c0:07:40:38:00:15:dd:9f:91:5d:de:c7:f2:c2:bb:05:7d:
bb:50:90:9c:e1:18:38:bd:5e:ed:6d:a3:b8:cb:0b:43:9e:0b:
03:3d:8c:13:8d:a2:0b:39:97:0a:3c:fb:e2:7a:16:5f:1e:fd:
a9:3e:33:80:d2:ba:9c:c4:e5:2c:3b:03:eb:02:75:36:4a:a0:
e3:bc:98:1d:06:85:74:37:aa:2a:79:0c:4e:cb:37:7b:f4:89:
08:7b:4a:37:5f:df:af:c2:43:69:f4:d0:a9:fd:73:5b:73:2f:
5c:3e:f7:fe:97:05:ad:31:19:c9:91:14:af:15:8b:ab:67:f3:
01:53:dc:c6:fd:44:c3:d7:c9:29:ca:1a:b7:7a:83:ea:38:d0:
d5:f3:a0:14:28:f7:e1:57:37:d1:2e:1a:d6:57:71:7e:d1:83:
80:f4:41:74:05:fc:3f:f3:e0:a8:17:df:9d:7a:cc:e1:bb:dc:
91:97:fe:59:d3:94:ce:f4:b1:17:68:9e:42:55:a2:e7:f3:d2:
27:16:a8:73:8e:8e:f5:f3:4b:3d:67:fa:9e:4d:cc:18:f2:53:
07:38:85:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhypT5OR/Pg8PCX9lxzhVbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNTMxMTYzMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWYyMTA5YTQ1NWEwYWM0OWQ1ZmYxZjQyOGQ2YWUxMGRkODcxNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eAjHDaOQa87NA4U4/vXsitbsa2H
73zmPJWoEGuDVRzSgumz7JZJXCidMYrs/66i+VZMmhBHVN+KOlMaHIHUjXgn3UV2
mn9vhUvLq0h3FEFe97hG7Ur0C8hevpYr5UraQz97tLj2zHiR5Oh4l6FbWUBeYEVB
DUKXjoLnsNPI0ihJdisnE/q84R00gDfmf14rybDlhJMGD5Lw2xx3UEh7GXfKEhAr
Y0ppZLU1P4SfqHMbWQifGLCWSJiSli3ss2psV8blDNISE/sYuNB2N9uGSol5Rm08
K0yzd/sQmG5BGVhk1mxRdqEQ9afPfpFIEwh6OBtUSGI42xf8PlpHfJw/dQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNnyEJpFWgrEnV/x9CjWrhDdhxcuMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMmZJUW1rVmFDc1NkWF9IMEtOYXVFTjJIRnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLSuoAwQD
QIkAAwQCaO9EAwQCaO94MA0GCSqGSIb3DQEBCwUAA4IBAQAwJgCYzKXZG98iCz40
J7wa+owHsvwRa9ly8l60jG7Q8+bDOj6wwAdAOAAV3Z+RXd7H8sK7BX27UJCc4Rg4
vV7tbaO4ywtDngsDPYwTjaILOZcKPPviehZfHv2pPjOA0rqcxOUsOwPrAnU2SqDj
vJgdBoV0N6oqeQxOyzd79IkIe0o3X9+vwkNp9NCp/XNbcy9cPvf+lwWtMRnJkRSv
FYurZ/MBU9zG/UTD18kpyhq3eoPqONDV86AUKPfhVzfRLhrWV3F+0YOA9EF0Bfw/
8+CoF9+deszhu9yRl/5Z05TO9LEXaJ5CVaLn89InFqhzjo7180s9Z/qeTcwY8lMH
OIUE
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:40 2024 by rpki-client on console-fra.rpki-client.org