Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9wT0wvw4FALYaXD94_Y3QiApH-I.roa
File: 9wT0wvw4FALYaXD94_Y3QiApH-I.roa (raw, json)
Hash identifier: VBY0Bnv6VKwFJRmcxryBZfU3NgXopb/jrgD9Qk3Tlm0=
Subject key identifier: F7:04:F4:C2:FC:38:14:02:D8:69:70:FD:E3:F6:37:42:20:29:1F:E2
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185E9A0960B903A4DC3D45F907FE2A5B458
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9wT0wvw4FALYaXD94_Y3QiApH-I.roa
Signing time: Wed 25 Jan 2023 15:51:33 +0000
ROA not before: Wed 25 Jan 2023 15:51:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.28.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.88.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:a0:96:0b:90:3a:4d:c3:d4:5f:90:7f:e2:a5:b4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 25 15:51:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f704f4c2fc381402d86970fde3f6374220291fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6f:32:5e:58:63:dc:e4:b5:39:91:c8:81:3d:
a0:8f:09:ab:05:aa:e4:30:10:fb:9b:42:48:af:c5:
1e:8e:9a:74:41:ab:5f:ce:1c:de:f6:6a:1c:95:a2:
73:43:96:90:9d:2f:d9:55:35:61:c5:4f:ad:b7:d6:
c1:4e:8a:5f:f7:a9:1a:00:d8:29:db:98:85:db:56:
65:78:b9:a0:99:b8:df:33:a1:fd:84:e0:ec:ab:6f:
c1:ef:b2:6f:08:f8:88:f7:01:ff:13:9b:22:0e:34:
f5:3c:b2:13:9b:dd:d4:8d:de:17:e2:8c:39:b6:d4:
46:b7:fa:7b:91:82:c4:29:8c:e6:6b:11:9e:8f:c8:
6e:08:ed:1e:55:d0:84:1b:d3:bd:c3:a9:71:55:19:
24:51:a1:cb:c8:c2:1a:6e:d8:7f:4f:de:b4:1a:dc:
d0:c6:f6:2c:d6:e9:91:30:24:8c:59:b3:d1:6c:5e:
36:51:ad:52:c6:7c:51:8e:79:c6:ca:08:de:23:53:
c0:f5:0e:99:ce:b0:7b:a9:4c:41:84:08:52:9b:2f:
ce:56:fe:1e:fa:1d:77:2c:80:06:4a:c6:8a:34:9e:
78:81:69:ad:74:c2:dc:88:f5:8a:9b:74:25:16:bc:
20:6b:86:b7:24:63:cf:78:49:1c:c5:d2:ac:47:2e:
fe:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:04:F4:C2:FC:38:14:02:D8:69:70:FD:E3:F6:37:42:20:29:1F:E2
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9wT0wvw4FALYaXD94_Y3QiApH-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0/24
104.239.78.0/24
104.239.80.0/23
104.239.88.0/24
104.239.94.0/24
104.239.104.0/22
104.239.111.0/24
104.239.124.0-104.239.126.255
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0/24
216.173.104.0/22
216.173.110.0/24
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e5:df:74:fa:c2:f9:af:f1:41:cb:97:2f:1e:75:19:b9:36:
11:36:77:5b:7c:5d:02:cb:bb:55:5e:60:5e:e3:14:92:6e:f9:
96:74:66:13:6e:17:e2:41:16:4a:f3:15:69:0e:dd:f4:19:9c:
87:5d:46:1f:ce:be:21:e3:91:56:34:b8:cd:0c:ec:f8:35:8e:
ff:94:c8:01:ee:37:22:b2:fe:b5:56:66:93:0d:2a:4b:f5:7e:
0b:d4:33:c8:20:0e:1f:50:8b:e0:1b:07:fd:4c:a2:92:72:5e:
88:78:0e:da:b4:da:39:81:a0:c1:84:f2:f2:07:76:d5:1f:59:
66:de:ae:c8:ac:f7:0a:d8:d9:53:df:f2:2b:6f:58:3b:a7:91:
7d:f4:51:a4:c5:8b:5b:66:44:76:23:49:71:e5:df:f4:91:36:
53:20:80:ca:21:28:75:dd:42:bd:3d:e5:85:4e:ab:82:ff:b5:
ea:b6:ff:45:27:09:a6:7e:a0:51:4c:66:bf:c1:c9:f8:e2:eb:
91:94:4e:a8:8a:bf:e9:43:f5:13:57:2a:d5:81:2b:8d:9d:76:
97:6c:9f:d9:b8:e4:07:da:69:52:e8:8f:2c:59:64:8e:a6:6d:
5b:aa:91:93:5f:2f:de:e6:f2:6d:35:4b:ac:1e:37:c8:86:1f:
d9:30:c5:7d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYXpoJYLkDpNw9RfkH/ipbRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTI1MTU1MTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA0ZjRjMmZjMzgxNDAyZDg2OTcwZmRlM2Y2Mzc0MjIwMjkxZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3m8yXlhj3OS1OZHIgT2gjwmrBark
MBD7m0JIr8Uejpp0Qatfzhze9moclaJzQ5aQnS/ZVTVhxU+tt9bBTopf96kaANgp
25iF21ZleLmgmbjfM6H9hODsq2/B77JvCPiI9wH/E5siDjT1PLITm93Ujd4X4ow5
ttRGt/p7kYLEKYzmaxGej8huCO0eVdCEG9O9w6lxVRkkUaHLyMIabth/T960GtzQ
xvYs1umRMCSMWbPRbF42Ua1SxnxRjnnGygjeI1PA9Q6ZzrB7qUxBhAhSmy/OVv4e
+h13LIAGSsaKNJ54gWmtdMLciPWKm3QlFrwga4a3JGPPeEkcxdKsRy7+6QIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFPcE9ML8OBQC2Glw/eP2N0IgKR/iMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvOXdUMHd2dzRGQUxZYVhEOTRfWTNRaUFwSC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIwDAME
A2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQBaO8KAwQAaO8cAwQBaO8e
AwQAaO8sAwQAaO9JAwQAaO9LAwQAaO9OAwQBaO9QAwQAaO9YAwQAaO9eAwQCaO9o
AwQAaO9vMAwDBAJo73wDBABo734DBACKgJ0DBADYrUwDBADYrVIDBADYrWYDBALY
rWgDBADYrW4DBADYrXgwDQYJKoZIhvcNAQELBQADggEBAELl33T6wvmv8UHLly8e
dRm5NhE2d1t8XQLLu1VeYF7jFJJu+ZZ0ZhNuF+JBFkrzFWkO3fQZnIddRh/OviHj
kVY0uM0M7Pg1jv+UyAHuNyKy/rVWZpMNKkv1fgvUM8ggDh9Qi+AbB/1MopJyXoh4
Dtq02jmBoMGE8vIHdtUfWWbersis9wrY2VPf8itvWDunkX30UaTFi1tmRHYjSXHl
3/SRNlMggMohKHXdQr095YVOq4L/teq2/0UnCaZ+oFFMZr/Byfji65GUTqiKv+lD
9RNXKtWBK42ddpdsn9m45AfaaVLojyxZZI6mbVuqkZNfL97m8m01S6weN8iGH9kw
xX0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org