Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8dAXJyWMXDSFIq8DmK7QrsrYR5Q.roa
File: 8dAXJyWMXDSFIq8DmK7QrsrYR5Q.roa (raw, json)
Hash identifier: BpC8Kp9TalDv0Pl4iGKVk0KKjbz6P1D8oPH4ZzYIirc=
Subject key identifier: F1:D0:17:27:25:8C:5C:34:85:22:AF:03:98:AE:D0:AE:CA:D8:47:94
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794CEEDD05559EC06F74C758CA5C5AB
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8dAXJyWMXDSFIq8DmK7QrsrYR5Q.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133944
IP address blocks: 64.137.124.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
64.137.66.0/24 maxlen: 24
64.137.91.0/24 maxlen: 24
64.137.86.0/24 maxlen: 24
64.137.88.0/24 maxlen: 24
64.137.104.0/24 maxlen: 24
64.137.103.0/24 maxlen: 24
64.137.106.0/24 maxlen: 24
64.137.108.0/24 maxlen: 24
64.137.112.0/24 maxlen: 24
64.137.118.0/24 maxlen: 24
104.239.86.0/24 maxlen: 24
64.137.17.0/24 maxlen: 24
216.173.84.0/24 maxlen: 24
64.137.38.0/24 maxlen: 24
216.173.87.0/24 maxlen: 24
104.143.229.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
138.128.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 10:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ce:ed:d0:55:59:ec:06:f7:4c:75:8c:a5:c5:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1d01727258c5c348522af0398aed0aecad84794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:df:20:c0:4d:ff:75:17:02:96:b5:d7:c3:f1:
c1:61:ee:2e:19:6c:86:eb:6c:47:d9:55:98:66:ab:
93:f4:7b:b5:8c:45:3f:14:91:24:ad:89:87:76:d5:
12:84:07:79:45:c8:8b:23:92:3e:30:cc:ba:40:87:
d7:66:67:68:80:35:47:58:cf:e7:c3:3b:a1:4c:86:
69:5e:ee:73:cf:94:f2:af:85:50:9c:89:a3:20:88:
b7:c7:67:84:de:b5:05:11:54:8f:ad:a8:da:f6:56:
34:2c:28:92:ef:69:0c:8e:56:a9:dc:cd:15:5d:13:
b2:e9:39:53:6f:21:df:73:54:e7:95:24:b4:4f:2c:
44:2e:38:3e:19:60:8d:4b:9f:e9:7c:ee:fd:5e:7a:
53:d0:7f:b3:14:12:89:95:8d:ca:dd:30:51:67:24:
55:f0:2a:ee:f3:18:20:79:4e:cf:1c:3e:e1:bd:e6:
d4:f7:6d:00:83:2d:0a:7b:e5:78:29:3b:0c:a7:21:
27:55:6d:f7:a1:88:ef:12:60:b6:34:f7:5b:0b:43:
b7:80:29:bf:29:0c:4b:a4:f9:c6:c3:31:42:4e:81:
40:2b:36:36:2d:69:97:04:0e:02:c0:60:88:aa:6f:
e2:ef:0b:59:5a:b6:ce:e6:8e:27:6e:d9:14:e3:78:
7c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D0:17:27:25:8C:5C:34:85:22:AF:03:98:AE:D0:AE:CA:D8:47:94
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8dAXJyWMXDSFIq8DmK7QrsrYR5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.17.0/24
64.137.38.0/24
64.137.66.0/24
64.137.86.0/24
64.137.88.0/24
64.137.91.0/24
64.137.103.0-64.137.104.255
64.137.106.0/24
64.137.108.0/24
64.137.112.0/24
64.137.118.0/24
64.137.124.0/24
104.143.229.0/24
104.239.86.0/24
104.239.101.0/24
104.239.108.0/24
138.128.145.0/24
216.173.84.0/24
216.173.87.0/24
216.173.103.0/24
216.173.109.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:ed:d4:12:d4:ac:f4:a0:26:a2:a2:44:dd:75:34:af:f3:4d:
83:2b:19:e6:04:a1:db:3c:71:f3:30:41:30:99:8b:4f:4e:ac:
c7:37:ef:33:a2:2c:25:6f:49:26:5c:e7:4a:15:df:d7:dd:98:
a5:d1:f9:c8:8f:bb:7e:f8:28:3e:ef:50:4a:17:6e:bd:72:e0:
be:c2:6d:3b:ea:1c:8b:7f:da:92:8a:c4:30:0e:5b:c4:46:ca:
8b:a3:c3:81:03:13:22:07:4c:87:82:94:85:41:21:5c:8f:80:
5d:6f:9f:33:2b:bc:e9:ee:90:8e:aa:1f:a3:e3:5e:cd:a0:74:
39:4c:14:89:e0:e2:f4:28:44:ac:78:f9:d5:1d:c1:4c:b3:b7:
6d:f6:44:ed:6e:2e:de:25:85:b7:78:b5:47:8b:a8:cb:9f:07:
5e:52:ae:f5:5f:dd:b3:dd:c6:c2:ef:2e:57:d4:3d:10:17:89:
00:af:15:d2:a3:bd:d0:85:ce:62:48:31:e7:26:4e:c4:4a:5a:
a3:e8:51:8c:cc:88:67:c6:f9:51:84:43:21:39:9f:ea:f9:23:
ad:31:de:cd:ad:97:eb:d5:c0:d7:94:49:73:f9:e5:ab:a3:fb:
e9:41:e1:cf:7b:21:ab:fb:cb:d3:4e:92:a7:c9:ea:9f:0e:29:
35:c1:4e:5d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzHlM7t0FVZ7Ab3THWMpcWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQwMTcyNzI1OGM1YzM0ODUyMmFmMDM5OGFlZDBhZWNhZDg0Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt8gwE3/dRcClrXXw/HBYe4uGWyG
62xH2VWYZquT9Hu1jEU/FJEkrYmHdtUShAd5RciLI5I+MMy6QIfXZmdogDVHWM/n
wzuhTIZpXu5zz5Tyr4VQnImjIIi3x2eE3rUFEVSPraja9lY0LCiS72kMjlap3M0V
XROy6TlTbyHfc1TnlSS0TyxELjg+GWCNS5/pfO79XnpT0H+zFBKJlY3K3TBRZyRV
8Cru8xggeU7PHD7hvebU920Agy0Ke+V4KTsMpyEnVW33oYjvEmC2NPdbC0O3gCm/
KQxLpPnGwzFCToFAKzY2LWmXBA4CwGCIqm/i7wtZWrbO5o4nbtkU43h81wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFPHQFycljFw0hSKvA5iu0K7K2EeUMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvOGRBWEp5V01YRFNGSXE4RG1LN1Fyc3JZUjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBABA
iREDBABAiSYDBABAiUIDBABAiVYDBABAiVgDBABAiVswDAMEAECJZwMEAECJaAME
AECJagMEAECJbAMEAECJcAMEAECJdgMEAECJfAMEAGiP5QMEAGjvVgMEAGjvZQME
AGjvbAMEAIqAkQMEANitVAMEANitVwMEANitZwMEANitbTANBgkqhkiG9w0BAQsF
AAOCAQEAne3UEtSs9KAmoqJE3XU0r/NNgysZ5gSh2zxx8zBBMJmLT06sxzfvM6Is
JW9JJlznShXf192YpdH5yI+7fvgoPu9QShduvXLgvsJtO+oci3/akorEMA5bxEbK
i6PDgQMTIgdMh4KUhUEhXI+AXW+fMyu86e6Qjqofo+NezaB0OUwUieDi9ChErHj5
1R3BTLO3bfZE7W4u3iWFt3i1R4uoy58HXlKu9V/ds93Gwu8uV9Q9EBeJAK8V0qO9
0IXOYkgx5yZOxEpao+hRjMyIZ8b5UYRDITmf6vkjrTHeza2X69XA15RJc/nlq6P7
6UHhz3shq/vL006Sp8nqnw4pNcFOXQ==
-----END CERTIFICATE-----
Generated at Fri Mar 22 13:35:24 2024 by rpki-client on console-ams.rpki-client.org