Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9aOxL-nh4UUt-_IMi9OOHGvoDSM.roa
File: 9aOxL-nh4UUt-_IMi9OOHGvoDSM.roa (raw, json)
Hash identifier: J1J5UkOnr2+zzFl2RgQKc7WxOvurg01xoH8hgRVMBD4=
Subject key identifier: F5:A3:B1:2F:E9:E1:E1:45:2D:FB:F2:0C:8B:D3:8E:1C:6B:E8:0D:23
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018D145902748B83B570DB2EDA9287C1C447
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9aOxL-nh4UUt-_IMi9OOHGvoDSM.roa
Signing time: Tue 16 Jan 2024 22:16:34 +0000
ROA not before: Tue 16 Jan 2024 22:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 104.233.60.0/24 maxlen: 24
104.233.61.0/24 maxlen: 24
104.233.62.0/24 maxlen: 24
104.233.63.0/24 maxlen: 24
104.238.26.0/24 maxlen: 24
104.238.29.0/24 maxlen: 24
104.239.47.0/24 maxlen: 24
104.239.49.0/24 maxlen: 24
104.239.50.0/24 maxlen: 24
104.239.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 09:45:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:14:59:02:74:8b:83:b5:70:db:2e:da:92:87:c1:c4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 16 22:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5a3b12fe9e1e1452dfbf20c8bd38e1c6be80d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ed:38:6c:76:5c:37:c9:76:30:74:1a:c7:5e:
b2:be:c4:ac:b2:25:33:90:1e:d1:67:c5:10:c3:93:
53:32:23:88:eb:f3:9c:aa:d1:9e:46:63:a3:b5:c0:
6c:cb:5d:fa:84:36:2b:00:d7:7b:5e:b4:19:7f:31:
31:bd:06:8f:a7:1d:81:ce:f9:df:db:2d:51:13:0a:
d8:de:45:c8:4e:66:51:72:19:1e:0d:f8:90:69:a1:
e4:e0:f0:f8:9b:7c:4d:ef:8c:e7:4c:c9:b2:3e:17:
29:ac:18:9c:05:e8:61:62:f1:d4:d5:9e:fe:e6:02:
81:c9:12:0a:a4:15:1f:19:c0:5d:16:69:7d:ce:24:
eb:21:4f:e3:d9:c9:17:a1:56:2c:36:82:f6:60:04:
fe:a8:50:2f:88:4d:f4:b4:cf:70:f5:cf:46:8e:3f:
29:a7:b7:cb:db:84:7d:04:ba:f9:14:3b:ab:93:a9:
b0:56:eb:2f:ae:b0:1a:16:45:e6:86:65:67:45:80:
b7:c3:32:69:df:82:e6:5c:fc:55:8c:b3:3a:5a:ea:
37:d3:05:9a:bc:cd:01:58:1b:1c:ce:c1:fa:11:be:
e0:ff:fc:31:85:bf:f6:32:69:7c:58:69:a2:71:7f:
01:ba:31:49:79:56:be:1f:a3:f1:3a:39:0f:ee:e2:
af:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A3:B1:2F:E9:E1:E1:45:2D:FB:F2:0C:8B:D3:8E:1C:6B:E8:0D:23
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9aOxL-nh4UUt-_IMi9OOHGvoDSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.60.0/22
104.238.26.0/24
104.238.29.0/24
104.239.47.0/24
104.239.49.0-104.239.51.255
Signature Algorithm: sha256WithRSAEncryption
38:b4:05:d4:4c:27:25:56:79:66:cc:21:62:c9:7e:e7:db:03:
20:19:7c:c1:7a:95:0c:7d:29:c8:f1:9e:eb:0b:7e:d2:52:97:
56:78:28:1b:8c:48:56:2f:94:51:0a:1b:72:ba:db:e0:7b:64:
b6:46:5c:08:fd:6f:30:2e:fe:0e:96:95:aa:b3:45:fc:1c:59:
1d:0a:7e:b0:21:11:56:7b:7c:8f:85:57:53:01:43:ce:f6:26:
5c:8d:ab:e7:26:a0:93:a5:8f:2f:03:ba:f7:6e:c5:f8:30:80:
03:eb:b4:ee:69:7f:12:f2:60:00:2c:6c:9f:6a:06:a3:27:30:
cf:bc:30:fe:70:52:9b:bf:b3:6c:0f:d5:a5:12:66:76:29:66:
46:41:ee:8a:e9:3c:cd:08:0c:1b:3b:32:71:8f:d7:ea:35:12:
12:de:8d:f2:94:d7:b8:a4:10:92:5e:8d:37:eb:58:01:69:58:
d8:b7:91:df:97:63:17:64:a5:8d:e3:98:9a:ff:5f:ac:40:48:
a4:9f:94:46:1c:05:d3:b2:96:c8:43:a7:6b:67:36:93:3e:b9:
f9:bc:4a:11:ce:f1:b6:05:ee:52:d4:03:59:b8:cd:62:6b:18:
56:72:4e:8a:b9:d4:58:95:dd:56:7d:43:8a:1f:9a:95:f4:3d:
b9:24:5b:70
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0UWQJ0i4O1cNsu2pKHwcRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTE2MjIxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWEzYjEyZmU5ZTFlMTQ1MmRmYmYyMGM4YmQzOGUxYzZiZTgwZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO04bHZcN8l2MHQax16yvsSssiUz
kB7RZ8UQw5NTMiOI6/OcqtGeRmOjtcBsy136hDYrANd7XrQZfzExvQaPpx2Bzvnf
2y1REwrY3kXITmZRchkeDfiQaaHk4PD4m3xN74znTMmyPhcprBicBehhYvHU1Z7+
5gKByRIKpBUfGcBdFml9ziTrIU/j2ckXoVYsNoL2YAT+qFAviE30tM9w9c9Gjj8p
p7fL24R9BLr5FDurk6mwVusvrrAaFkXmhmVnRYC3wzJp34LmXPxVjLM6Wuo30wWa
vM0BWBsczsH6Eb7g//wxhb/2Mml8WGmicX8BujFJeVa+H6PxOjkP7uKvIwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPWjsS/p4eFFLfvyDIvTjhxr6A0jMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvOWFPeEwtbmg0VVV0LV9JTWk5T09IR3ZvRFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCaOk8AwQA
aO4aAwQAaO4dAwQAaO8vMAwDBABo7zEDBAJo7zAwDQYJKoZIhvcNAQELBQADggEB
ADi0BdRMJyVWeWbMIWLJfufbAyAZfMF6lQx9KcjxnusLftJSl1Z4KBuMSFYvlFEK
G3K62+B7ZLZGXAj9bzAu/g6WlaqzRfwcWR0KfrAhEVZ7fI+FV1MBQ872JlyNq+cm
oJOljy8DuvduxfgwgAPrtO5pfxLyYAAsbJ9qBqMnMM+8MP5wUpu/s2wP1aUSZnYp
ZkZB7orpPM0IDBs7MnGP1+o1EhLejfKU17ikEJJejTfrWAFpWNi3kd+XYxdkpY3j
mJr/X6xASKSflEYcBdOylshDp2tnNpM+ufm8ShHO8bYF7lLUA1m4zWJrGFZyToq5
1FiV3VZ9Q4ofmpX0PbkkW3A=
-----END CERTIFICATE-----
Generated at Tue Apr 9 12:12:01 2024 by rpki-client on console-ams.rpki-client.org