Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5JX3iZkdvXzg5XIRTrSwK6u58jY.roa
File: 5JX3iZkdvXzg5XIRTrSwK6u58jY.roa (raw, json)
Hash identifier: 9Gzoxe4qXk1aZLNUDubR9V0uDeGjdXCPszlcbulnc/s=
Subject key identifier: E4:95:F7:89:99:1D:BD:7C:E0:E5:72:11:4E:B4:B0:2B:AB:B9:F2:36
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018B10E45F49BDDA32EBC5DDA391980DF2D3
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5JX3iZkdvXzg5XIRTrSwK6u58jY.roa
Signing time: Sun 08 Oct 2023 20:04:43 +0000
ROA not before: Sun 08 Oct 2023 20:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397373
IP address blocks: 104.249.24.0/24 maxlen: 24
216.173.83.0/24 maxlen: 24
104.249.28.0/24 maxlen: 24
104.249.27.0/24 maxlen: 24
104.249.26.0/24 maxlen: 24
104.143.228.0/24 maxlen: 24
216.173.101.0/24 maxlen: 24
104.249.56.0/22 maxlen: 22
104.249.57.0/24 maxlen: 24
216.173.118.0/24 maxlen: 24
104.249.59.0/24 maxlen: 24
104.143.253.0/24 maxlen: 24
45.43.128.0/21 maxlen: 21
45.43.128.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:10:e4:5f:49:bd:da:32:eb:c5:dd:a3:91:98:0d:f2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 8 20:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e495f789991dbd7ce0e572114eb4b02babb9f236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:aa:e9:6a:ef:9f:65:b9:e0:e3:12:41:ac:bc:
c1:ad:01:25:31:8b:09:85:73:df:45:79:10:e1:02:
8f:90:0c:c7:56:c7:70:2f:0d:6b:95:9a:dd:a6:59:
46:79:58:2f:58:a5:db:bb:26:13:9d:81:dd:d4:49:
65:1d:a3:af:09:12:4d:6b:3b:c6:0d:fb:35:e9:14:
b0:8e:9f:61:4c:f9:60:fe:4e:38:ee:f4:cf:18:be:
f9:a1:9e:02:a9:0e:3c:13:f2:58:70:45:ed:21:d2:
f9:62:9b:26:cd:40:c5:3d:25:48:52:7c:5a:1e:e8:
87:36:7f:5e:34:77:fd:21:a7:bf:70:3a:e0:99:05:
33:d6:96:c8:6d:d8:9f:0b:10:0a:2b:12:31:e0:4c:
a6:61:1b:db:d6:06:24:38:6a:92:05:c9:42:c3:b6:
23:37:b3:b2:07:ae:e6:5a:6b:23:de:a1:f0:93:fc:
e2:f7:a6:3f:2f:7a:68:c9:9b:9c:a2:0b:2a:a3:f9:
dd:68:0c:ba:eb:42:f8:8c:61:64:57:22:77:ff:b8:
bf:3e:e6:4d:96:2c:ad:71:8b:9b:96:8c:51:f7:09:
d9:14:3a:d1:87:2c:dc:2a:34:58:00:19:c2:57:c1:
65:5f:f3:03:96:9b:34:69:21:f5:18:d2:c2:c7:bb:
42:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:95:F7:89:99:1D:BD:7C:E0:E5:72:11:4E:B4:B0:2B:AB:B9:F2:36
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5JX3iZkdvXzg5XIRTrSwK6u58jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.128.0/21
104.143.228.0/24
104.143.253.0/24
104.249.24.0/24
104.249.26.0-104.249.28.255
104.249.56.0/22
216.173.83.0/24
216.173.101.0/24
216.173.118.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:e8:52:11:2c:9a:7b:0b:69:66:76:f5:26:1c:26:54:73:ba:
5a:0d:3c:56:51:5a:82:10:60:44:b9:0c:f5:1c:51:d9:44:b0:
b2:ef:43:53:20:6a:1d:7b:24:f3:a4:3f:fa:dc:a4:6a:4e:88:
17:33:4b:75:55:2e:16:50:59:09:5c:a2:04:12:09:f8:10:0e:
0b:f1:42:0b:09:41:3c:86:7f:3d:47:d2:13:ff:1e:de:66:c0:
46:9a:2b:5c:36:39:7e:41:1b:65:3b:ab:86:c0:0c:1e:46:a1:
36:aa:86:b2:a5:14:ca:1b:67:81:62:28:39:1c:ff:bf:ee:df:
3f:9b:35:ee:d4:c2:f8:f0:4a:ad:40:c8:fb:67:7b:54:20:85:
92:0b:28:3b:e0:d2:ab:38:2c:e9:39:65:2e:04:62:5c:f8:bc:
cb:6d:6f:4f:a5:58:10:8f:d2:31:dc:c4:12:2c:c2:74:32:80:
5b:c1:8d:ea:da:7b:27:63:49:29:86:8a:53:4c:66:d1:2b:1d:
3c:7a:bc:ef:21:e1:61:97:d7:b5:f7:5a:94:61:af:21:68:cb:
7d:1a:7c:3f:2e:fa:d7:e4:08:58:89:68:75:02:c7:75:ea:a1:
0a:ee:c1:c9:b0:15:6f:d2:41:c3:fb:ea:85:27:ce:d3:2a:0d:
fb:ea:84:01
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYsQ5F9Jvdoy68Xdo5GYDfLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMxMDA4MjAwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDk1Zjc4OTk5MWRiZDdjZTBlNTcyMTE0ZWI0YjAyYmFiYjlmMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKrpau+fZbng4xJBrLzBrQElMYsJ
hXPfRXkQ4QKPkAzHVsdwLw1rlZrdpllGeVgvWKXbuyYTnYHd1EllHaOvCRJNazvG
Dfs16RSwjp9hTPlg/k447vTPGL75oZ4CqQ48E/JYcEXtIdL5YpsmzUDFPSVIUnxa
HuiHNn9eNHf9Iae/cDrgmQUz1pbIbdifCxAKKxIx4EymYRvb1gYkOGqSBclCw7Yj
N7OyB67mWmsj3qHwk/zi96Y/L3poyZucogsqo/ndaAy660L4jGFkVyJ3/7i/PuZN
liytcYubloxR9wnZFDrRhyzcKjRYABnCV8FlX/MDlps0aSH1GNLCx7tCoQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFOSV94mZHb184OVyEU60sCurufI2MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNUpYM2laa2R2WHpnNVhJUlRyU3dLNnU1OGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDLSuAAwQA
aI/kAwQAaI/9AwQAaPkYMAwDBAFo+RoDBABo+RwDBAJo+TgDBADYrVMDBADYrWUD
BADYrXYwDQYJKoZIhvcNAQELBQADggEBAG3oUhEsmnsLaWZ29SYcJlRzuloNPFZR
WoIQYES5DPUcUdlEsLLvQ1Mgah17JPOkP/rcpGpOiBczS3VVLhZQWQlcogQSCfgQ
DgvxQgsJQTyGfz1H0hP/Ht5mwEaaK1w2OX5BG2U7q4bADB5GoTaqhrKlFMobZ4Fi
KDkc/7/u3z+bNe7UwvjwSq1AyPtne1QghZILKDvg0qs4LOk5ZS4EYlz4vMttb0+l
WBCP0jHcxBIswnQygFvBjeraeydjSSmGilNMZtErHTx6vO8h4WGX17X3WpRhryFo
y30afD8u+tfkCFiJaHUCx3XqoQruwcmwFW/SQcP76oUnztMqDfvqhAE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:54 2024 by rpki-client on console-ams.rpki-client.org