Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5b3s4uMoX-RJY6zYeJbW4AZqud8.roa
File: 5b3s4uMoX-RJY6zYeJbW4AZqud8.roa (raw, json)
Hash identifier: R+1VdQ+4H28yuJTD7cjJ/kpp/N/Mzt8yjt7buAdxFPI=
Subject key identifier: E5:BD:EC:E2:E3:28:5F:E4:49:63:AC:D8:78:96:D6:E0:06:6A:B9:DF
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018F5335F82B7B498EF9785076E441D6A71A
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5b3s4uMoX-RJY6zYeJbW4AZqud8.roa
Signing time: Tue 07 May 2024 13:19:56 +0000
ROA not before: Tue 07 May 2024 13:19:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215391
IP address blocks: 45.43.143.0/24 maxlen: 24
104.238.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:35:f8:2b:7b:49:8e:f9:78:50:76:e4:41:d6:a7:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 7 13:19:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5bdece2e3285fe44963acd87896d6e0066ab9df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:57:0a:9d:9d:b0:0c:99:a9:03:bb:3b:bc:85:
20:7e:25:8e:35:a6:89:6b:e9:73:c3:f6:f2:4f:79:
be:3b:f2:40:f5:bf:40:9a:89:a9:28:67:b2:37:e1:
76:b6:9c:3e:dd:6a:6d:fb:25:a5:19:16:13:5c:13:
f2:90:b0:98:25:0b:5c:bd:45:cb:c8:69:a3:ea:93:
47:b0:55:6a:c9:b8:36:53:51:e7:a4:10:b5:f3:79:
a8:76:02:a1:4c:00:46:2a:f4:9d:0b:d9:88:d1:a4:
0a:93:db:42:9b:d7:ad:6a:84:81:c3:aa:62:5c:ea:
57:bb:25:9a:2b:4f:d6:d8:b0:cb:53:7d:79:fa:31:
8e:e4:51:77:fd:7e:9d:77:36:ce:27:d3:b2:41:b5:
e7:d5:d2:af:18:9c:4d:ed:44:37:2a:cc:f8:a2:e8:
4d:b3:7a:4e:bb:f1:d3:23:7f:c4:c9:74:17:ea:d8:
5e:f8:27:bc:f8:9b:04:33:4d:27:35:83:63:56:07:
e9:a7:af:eb:09:06:73:a1:18:f1:b4:df:ec:9a:f2:
dc:13:66:bd:75:e3:66:ff:59:aa:6d:0f:e0:39:de:
55:08:ed:60:9f:9d:7e:03:bb:1b:5a:ce:eb:e9:3c:
69:b3:0e:63:c4:cc:2f:a3:e9:bf:66:29:77:69:d6:
78:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BD:EC:E2:E3:28:5F:E4:49:63:AC:D8:78:96:D6:E0:06:6A:B9:DF
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5b3s4uMoX-RJY6zYeJbW4AZqud8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.143.0/24
104.238.23.0/24
Signature Algorithm: sha256WithRSAEncryption
26:82:d5:68:0a:bd:11:e9:93:80:3d:9a:6b:11:82:95:07:2f:
0e:8e:98:a5:3c:33:83:bc:ad:25:16:25:e0:04:3e:3a:0b:1d:
0e:2a:79:37:3e:d2:95:fc:a6:4e:ca:6e:37:73:6c:92:57:13:
b0:c3:47:44:aa:83:b0:9e:c3:43:ca:75:0e:a1:b9:a7:fb:ae:
f7:d4:20:82:56:f6:6c:5b:6d:b8:58:7f:8e:a1:22:34:ab:d0:
21:5a:4e:a0:8d:0c:b6:c1:aa:b3:e6:e7:ca:7a:a1:26:65:e9:
60:07:0f:f3:e6:b0:09:ec:ea:34:0a:ae:18:5e:0b:e7:d1:9d:
0b:9a:fe:4f:8c:b6:d8:f3:d3:8c:08:26:96:6a:22:2c:cc:15:
b6:a1:64:01:96:40:68:98:ef:c0:8e:62:93:15:12:09:85:bd:
a1:64:e1:d3:34:b2:32:f9:6e:97:bc:1b:46:f2:ab:98:53:1d:
20:c1:42:73:2c:bb:49:77:28:ac:04:26:8f:8b:f3:cf:78:16:
9b:74:20:0f:78:3c:80:c3:5c:50:1b:fc:24:25:29:44:89:f9:
72:f8:8a:e7:58:b5:b3:ad:1d:59:b6:57:65:54:e0:9e:45:6a:
93:0c:b9:7f:cc:75:af:3a:3b:2b:a9:eb:67:9e:96:05:f2:96:
f5:34:44:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9TNfgre0mO+XhQduRB1qcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNTA3MTMxOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJkZWNlMmUzMjg1ZmU0NDk2M2FjZDg3ODk2ZDZlMDA2NmFiOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1cKnZ2wDJmpA7s7vIUgfiWONaaJ
a+lzw/byT3m+O/JA9b9AmompKGeyN+F2tpw+3Wpt+yWlGRYTXBPykLCYJQtcvUXL
yGmj6pNHsFVqybg2U1HnpBC183modgKhTABGKvSdC9mI0aQKk9tCm9etaoSBw6pi
XOpXuyWaK0/W2LDLU315+jGO5FF3/X6ddzbOJ9OyQbXn1dKvGJxN7UQ3Ksz4ouhN
s3pOu/HTI3/EyXQX6the+Ce8+JsEM00nNYNjVgfpp6/rCQZzoRjxtN/smvLcE2a9
deNm/1mqbQ/gOd5VCO1gn51+A7sbWs7r6Txpsw5jxMwvo+m/Zil3adZ4gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOW97OLjKF/kSWOs2HiW1uAGarnfMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNWIzczR1TW9YLVJKWTZ6WWVKYlc0QVpxdWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALSuPAwQA
aO4XMA0GCSqGSIb3DQEBCwUAA4IBAQAmgtVoCr0R6ZOAPZprEYKVBy8OjpilPDOD
vK0lFiXgBD46Cx0OKnk3PtKV/KZOym43c2ySVxOww0dEqoOwnsNDynUOobmn+673
1CCCVvZsW224WH+OoSI0q9AhWk6gjQy2waqz5ufKeqEmZelgBw/z5rAJ7Oo0Cq4Y
Xgvn0Z0Lmv5PjLbY89OMCCaWaiIszBW2oWQBlkBomO/AjmKTFRIJhb2hZOHTNLIy
+W6XvBtG8quYUx0gwUJzLLtJdyisBCaPi/PPeBabdCAPeDyAw1xQG/wkJSlEifly
+IrnWLWzrR1ZtldlVOCeRWqTDLl/zHWvOjsrqetnnpYF8pb1NEQM
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:07 2025 by rpki-client