Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8RD3JabmGNO1WLv8feagKketQvE.roa
File: 8RD3JabmGNO1WLv8feagKketQvE.roa (raw, json)
Hash identifier: KTLu+sWXNb+uyhyayeRsagT4xIl7Oamu+bjIL0fTvGw=
Subject key identifier: F1:10:F7:25:A6:E6:18:D3:B5:58:BB:FC:7D:E6:A0:2A:47:AD:42:F1
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018F4060CD77323ADC5D35D9E9F37FCB4ED4
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8RD3JabmGNO1WLv8feagKketQvE.roa
Signing time: Fri 03 May 2024 21:33:56 +0000
ROA not before: Fri 03 May 2024 21:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 104.239.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 13:23:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:40:60:cd:77:32:3a:dc:5d:35:d9:e9:f3:7f:cb:4e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 3 21:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f110f725a6e618d3b558bbfc7de6a02a47ad42f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6d:d8:6b:39:8a:ac:9e:4b:6b:26:07:03:45:
ac:d2:f3:fc:71:26:d9:bc:6b:b3:2b:94:76:ae:a2:
02:b1:a2:57:11:c7:c8:91:fa:39:c5:1b:4b:10:8c:
59:3f:38:23:8d:0c:cd:e2:3c:54:41:f6:1f:24:84:
a4:8b:ca:f5:38:1c:0f:32:e5:f4:c8:4f:b5:bd:73:
9b:8c:0a:9b:8e:1c:eb:96:b0:e0:13:78:9d:2a:b3:
12:cd:fa:bf:61:c3:6b:66:83:98:d6:f3:a1:cd:72:
75:38:ad:5e:e8:a4:62:7b:10:da:66:f8:fa:d6:f5:
96:23:48:e9:d4:c1:13:6f:46:d7:41:76:68:26:7b:
54:af:e9:55:af:14:78:ca:73:a3:58:bc:01:32:cb:
b8:65:da:3c:4d:fa:e2:ad:45:7c:1f:d7:78:c8:81:
8c:c1:45:13:89:55:0c:f9:74:1c:e8:5a:a0:10:d3:
c1:53:dc:be:94:d9:4a:b2:05:fd:12:8a:67:11:bc:
05:bc:81:3f:78:ec:33:db:09:3c:6e:8e:6e:b2:28:
06:c5:7c:3c:b3:86:6f:e5:30:f3:39:38:1c:b7:37:
bf:8a:d2:b5:23:a2:bc:04:1d:c5:69:7b:0a:be:c3:
e3:55:6e:3c:65:80:51:4b:c2:66:11:b9:f1:ea:cc:
12:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:10:F7:25:A6:E6:18:D3:B5:58:BB:FC:7D:E6:A0:2A:47:AD:42:F1
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8RD3JabmGNO1WLv8feagKketQvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.239.67.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:8c:36:83:b1:d8:53:9b:ed:4a:3f:48:72:fb:5c:63:3d:32:
d4:c2:39:18:d4:62:33:ec:8a:25:2b:4b:f4:76:30:b4:2b:7c:
7a:84:43:db:83:c9:b9:73:36:7d:c9:5b:d0:77:a9:92:45:20:
22:8b:26:14:f4:99:b9:55:02:0e:be:8f:2e:f1:2a:fe:81:79:
d0:1f:df:f7:51:56:fb:5d:79:39:e2:7a:db:56:d2:01:54:62:
09:f8:7b:26:ef:08:87:1a:b7:d1:8c:59:cb:64:27:c9:5b:69:
ac:03:98:57:4b:d6:b4:a7:88:f2:26:4f:68:19:6a:89:a6:cc:
75:66:6f:b6:b6:dc:fc:70:23:9e:31:48:ff:c9:ab:39:ae:a3:
e5:11:3a:dc:a4:e4:0e:3c:0e:42:04:51:7b:ff:fe:2b:c1:ee:
b1:c2:82:cb:48:50:0a:ab:9a:c0:7f:5c:ff:ea:01:0a:2f:0e:
6a:b0:fb:bb:cb:43:d4:a1:18:f6:c7:d1:47:ab:7a:87:88:a6:
9a:56:6c:cd:2c:94:3d:ae:35:68:08:9b:54:c1:c4:ea:e9:79:
0d:d4:b4:08:51:01:9e:d0:b5:0d:d3:70:15:21:93:b8:eb:ad:
13:12:63:02:97:f9:22:38:e8:64:4d:5d:19:5a:c7:16:76:2c:
88:fb:06:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9AYM13MjrcXTXZ6fN/y07UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNTAzMjEzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTEwZjcyNWE2ZTYxOGQzYjU1OGJiZmM3ZGU2YTAyYTQ3YWQ0MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW3YazmKrJ5LayYHA0Ws0vP8cSbZ
vGuzK5R2rqICsaJXEcfIkfo5xRtLEIxZPzgjjQzN4jxUQfYfJISki8r1OBwPMuX0
yE+1vXObjAqbjhzrlrDgE3idKrMSzfq/YcNrZoOY1vOhzXJ1OK1e6KRiexDaZvj6
1vWWI0jp1METb0bXQXZoJntUr+lVrxR4ynOjWLwBMsu4Zdo8TfrirUV8H9d4yIGM
wUUTiVUM+XQc6FqgENPBU9y+lNlKsgX9EopnEbwFvIE/eOwz2wk8bo5usigGxXw8
s4Zv5TDzOTgctze/itK1I6K8BB3FaXsKvsPjVW48ZYBRS8JmEbnx6swSGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPEQ9yWm5hjTtVi7/H3moCpHrULxMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvOFJEM0phYm1HTk8xV0x2OGZlYWdLa2V0UXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaO9DMA0G
CSqGSIb3DQEBCwUAA4IBAQA9jDaDsdhTm+1KP0hy+1xjPTLUwjkY1GIz7IolK0v0
djC0K3x6hEPbg8m5czZ9yVvQd6mSRSAiiyYU9Jm5VQIOvo8u8Sr+gXnQH9/3UVb7
XXk54nrbVtIBVGIJ+Hsm7wiHGrfRjFnLZCfJW2msA5hXS9a0p4jyJk9oGWqJpsx1
Zm+2ttz8cCOeMUj/yas5rqPlETrcpOQOPA5CBFF7//4rwe6xwoLLSFAKq5rAf1z/
6gEKLw5qsPu7y0PUoRj2x9FHq3qHiKaaVmzNLJQ9rjVoCJtUwcTq6XkN1LQIUQGe
0LUN03AVIZO4660TEmMCl/kiOOhkTV0ZWscWdiyI+wa8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org