Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/71GSVYXHpG45r1efbKLAtV-1fUI.roa
File: 71GSVYXHpG45r1efbKLAtV-1fUI.roa (raw, json)
Hash identifier: taNBPwgx2Q9Q8/FNjpxvbfAYkMeENKCbrWFAq5NUXBE=
Subject key identifier: EF:51:92:55:85:C7:A4:6E:39:AF:57:9F:6C:A2:C0:B5:5F:B5:7D:42
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EB6AFE83695EA52C3C43A0D6A78DB
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/71GSVYXHpG45r1efbKLAtV-1fUI.roa
Signing time: Mon 02 Jan 2023 12:04:47 +0000
ROA not before: Mon 02 Jan 2023 12:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.103.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.28.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:b6:af:e8:36:95:ea:52:c3:c4:3a:0d:6a:78:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef51925585c7a46e39af579f6ca2c0b55fb57d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:31:bb:61:b6:b2:bb:55:5e:24:06:cf:82:8e:
b4:ce:a0:8f:61:1b:21:c6:a5:7b:c6:fa:ef:20:3f:
d9:66:5f:05:7d:b3:09:2a:c7:7f:1a:4b:e2:3a:40:
e5:2b:e6:16:bc:9e:29:c2:20:84:f0:4a:44:97:32:
2e:43:fc:a7:19:70:aa:a3:1b:c6:b2:dd:9d:fd:1f:
e5:26:a8:85:dd:8a:1a:47:5c:00:48:ac:23:b4:d7:
29:68:cb:3e:65:07:c1:e8:31:d5:86:62:b2:7e:fa:
28:cb:b5:8b:d4:3b:21:40:c2:ed:c8:53:c7:04:f4:
4d:7b:1a:b4:01:de:23:7f:1e:9f:99:66:c1:5e:23:
cb:5d:3a:67:08:b4:11:5a:5f:47:e6:cd:04:0e:8f:
74:c6:e9:5a:a9:04:0a:32:65:c3:f8:b0:13:63:9f:
c5:6f:d7:f8:36:c9:88:e7:fa:41:f8:36:7d:08:d3:
3f:9f:7f:6f:df:8f:9c:64:c5:e9:c7:db:f6:4e:67:
d6:16:07:fd:92:94:8a:58:a2:7e:d9:70:2c:ce:f1:
93:5b:c2:2b:7e:50:e6:3f:8e:b6:c3:8d:91:ee:a1:
5d:7c:d2:c7:af:92:ef:69:a8:42:6a:ec:b7:35:12:
ac:ba:2f:bb:d9:6a:c1:2d:b1:f1:be:7a:20:bd:e4:
53:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:51:92:55:85:C7:A4:6E:39:AF:57:9F:6C:A2:C0:B5:5F:B5:7D:42
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/71GSVYXHpG45r1efbKLAtV-1fUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
09:2d:dc:02:09:88:8d:40:32:69:1e:70:6e:c5:d6:8a:97:18:
c0:89:de:30:f1:f0:1b:dc:39:01:59:cd:a6:5a:fd:0d:3d:d0:
a5:dd:6e:2f:37:95:45:50:b9:35:75:92:2e:94:1c:4c:56:94:
01:4a:c3:84:83:39:a9:25:f1:04:ae:cb:5c:8b:3f:6c:0c:01:
05:a3:05:92:79:28:45:27:63:50:38:49:6b:0e:87:c7:1f:bc:
a1:29:cb:88:d0:a8:d9:ef:7e:26:4c:bf:0d:52:02:3c:30:a3:
41:4d:2d:25:1f:cc:5a:66:b2:3c:dd:be:4e:85:2b:17:c9:43:
92:f4:2b:25:f9:9a:fd:91:e5:94:31:a6:9a:c2:80:94:de:f4:
40:56:de:f7:97:9e:33:b6:55:3d:35:e0:d5:54:43:35:e3:50:
08:49:e4:c2:94:4f:8e:64:4d:c8:bb:c8:5c:b1:51:96:25:7c:
81:82:e3:ad:0a:f7:a2:16:ee:6c:07:15:67:b1:a3:cf:e2:31:
7e:f4:0d:a0:1e:24:2b:d2:18:18:f0:3e:f1:d3:d0:62:6c:34:
6d:14:40:a7:91:29:83:68:78:6d:54:92:24:62:06:91:2a:83:
2b:12:1b:fb:21:49:a6:48:6b:30:dd:34:fe:c4:83:ee:41:d0:
bd:e6:8f:f6
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYVyXrav6DaV6lLDxDoNanjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjUxOTI1NTg1YzdhNDZlMzlhZjU3OWY2Y2EyYzBiNTVmYjU3ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjG7Ybayu1VeJAbPgo60zqCPYRsh
xqV7xvrvID/ZZl8FfbMJKsd/GkviOkDlK+YWvJ4pwiCE8EpElzIuQ/ynGXCqoxvG
st2d/R/lJqiF3YoaR1wASKwjtNcpaMs+ZQfB6DHVhmKyfvooy7WL1DshQMLtyFPH
BPRNexq0Ad4jfx6fmWbBXiPLXTpnCLQRWl9H5s0EDo90xulaqQQKMmXD+LATY5/F
b9f4NsmI5/pB+DZ9CNM/n39v34+cZMXpx9v2TmfWFgf9kpSKWKJ+2XAszvGTW8Ir
flDmP462w42R7qFdfNLHr5LvaahCauy3NRKsui+72WrBLbHxvnogveRT/wIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFO9RklWFx6RuOa9Xn2yiwLVftX1CMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNzFHU1ZZWEhwRzQ1cjFlZmJLTEF0Vi0xZlVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgwDAME
A2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQBaO8KAwQAaO8cAwQBaO8e
AwQAaO8sAwQAaO9JMAwDBABo70sDBABo704wDAMEBGjvUAMEAGjvUgMEAGjvVgME
AGjvWAMEAWjvWgMEAGjvXgMEAGjvYgMEAGjvZTAMAwQDaO9oAwQAaO9sAwQAaO9v
MAwDBAJo73wDBABo734DBACKgJ0DBADYrUwDBADYrVIwDAMEAditZgMEANitbgME
ANiteDANBgkqhkiG9w0BAQsFAAOCAQEACS3cAgmIjUAyaR5wbsXWipcYwIneMPHw
G9w5AVnNplr9DT3Qpd1uLzeVRVC5NXWSLpQcTFaUAUrDhIM5qSXxBK7LXIs/bAwB
BaMFknkoRSdjUDhJaw6Hxx+8oSnLiNCo2e9+Jky/DVICPDCjQU0tJR/MWmayPN2+
ToUrF8lDkvQrJfma/ZHllDGmmsKAlN70QFbe95eeM7ZVPTXg1VRDNeNQCEnkwpRP
jmRNyLvIXLFRliV8gYLjrQr3ohbubAcVZ7Gjz+IxfvQNoB4kK9IYGPA+8dPQYmw0
bRRAp5Epg2h4bVSSJGIGkSqDKxIb+yFJpkhrMN00/sSD7kHQveaP9g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org