Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ACcpyp3bntDag-knrhI2G74KFOw.roa
File: ACcpyp3bntDag-knrhI2G74KFOw.roa (raw, json)
Hash identifier: IX0FNVjHSjeHCPfd5QldC6j9H3cZLNJJyyFsX5eYtdg=
Subject key identifier: 00:27:29:CA:9D:DB:9E:D0:DA:83:E9:27:AE:12:36:1B:BE:0A:14:EC
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0186F583E5A2256D691DEC680D994B79A002
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ACcpyp3bntDag-knrhI2G74KFOw.roa
Signing time: Sat 18 Mar 2023 16:18:27 +0000
ROA not before: Sat 18 Mar 2023 16:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 64.137.34.0/23 maxlen: 23
64.137.40.0/23 maxlen: 23
84.246.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 11:43:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f5:83:e5:a2:25:6d:69:1d:ec:68:0d:99:4b:79:a0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 18 16:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=002729ca9ddb9ed0da83e927ae12361bbe0a14ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:97:a2:74:bc:7f:1e:81:be:6e:48:48:ad:98:
34:b4:97:7a:1c:5e:84:2d:e2:d9:fa:10:9b:0c:9f:
60:f9:92:44:53:18:ce:16:ff:52:fe:dd:08:46:64:
1f:5f:20:cc:ae:df:68:d5:73:1f:32:b3:da:11:a2:
74:95:a2:8c:f4:cc:d3:70:62:89:74:ec:0b:53:a9:
47:c2:02:e2:d2:46:da:eb:22:d7:0c:b9:09:3b:25:
f0:c1:3e:8a:41:09:1e:f5:1a:08:56:af:2e:9a:c4:
b1:04:5d:fb:36:89:e4:33:da:7c:69:42:62:2a:4e:
28:77:cf:41:8a:40:21:dd:56:3c:84:a7:56:b3:bf:
fc:88:35:0f:8e:fc:13:ed:8a:80:bd:df:1b:65:e5:
72:e2:57:0c:3d:3b:41:93:6f:54:07:0d:a5:ac:ac:
ee:be:06:22:b9:03:83:18:10:37:f1:52:0c:b7:ea:
2c:b1:85:68:30:b6:6a:61:8c:7a:7a:fd:d9:be:bc:
14:1f:2a:ae:36:c3:76:4c:07:ee:b1:d7:81:d1:c9:
fe:cb:9a:86:f8:0c:1c:cf:d1:b7:d9:f9:e5:f7:b7:
96:9c:19:a6:4d:ee:06:00:26:05:a3:6e:27:b6:f3:
a8:67:9b:ee:35:83:e5:aa:a1:7d:67:e2:d6:c2:da:
2d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:27:29:CA:9D:DB:9E:D0:DA:83:E9:27:AE:12:36:1B:BE:0A:14:EC
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ACcpyp3bntDag-knrhI2G74KFOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.34.0/23
64.137.40.0/23
84.246.108.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:fa:68:40:b2:df:a9:4c:15:10:52:3f:fc:aa:55:61:f7:4d:
04:f5:82:2a:df:33:b9:cc:33:a2:0e:8e:ca:8e:bc:8e:56:49:
18:4b:4c:47:0a:a5:fe:23:d1:9e:d4:3e:a1:00:17:b2:18:2c:
05:3d:02:4d:f3:40:a2:c0:b6:06:c7:59:50:4b:29:d1:f2:e9:
d9:d6:cf:90:0c:36:e2:39:62:42:c5:fb:ce:6f:e1:cb:c9:46:
d8:8c:cb:30:b8:e7:e0:7b:a9:e6:bd:3f:e7:c1:c7:23:3f:a3:
6e:da:81:a6:f8:f1:b2:b3:e6:ae:4a:03:94:80:8b:22:16:ec:
ba:02:39:c6:ea:fc:d3:db:b9:20:c9:f1:b1:43:59:30:7f:2c:
47:09:6f:78:f6:e5:82:a6:73:0f:85:e7:36:8a:8b:4e:ee:2c:
3c:7e:22:d7:7c:da:1f:63:a5:bd:95:a8:87:c7:e8:de:c0:9b:
2c:1b:1e:24:7f:60:da:74:e8:21:7c:cd:91:07:c8:01:d0:11:
26:3b:ae:c9:04:28:d0:b1:47:3c:33:5c:52:26:48:82:5d:7b:
82:e3:83:bc:b2:4b:45:1b:49:a8:d8:59:16:55:6b:9e:67:b4:
cf:92:88:32:c3:5c:1e:5c:eb:8f:12:e9:9b:58:53:cd:85:07:
fe:75:5f:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYb1g+WiJW1pHexoDZlLeaACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMzE4MTYxODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDI3MjljYTlkZGI5ZWQwZGE4M2U5MjdhZTEyMzYxYmJlMGExNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35eidLx/HoG+bkhIrZg0tJd6HF6E
LeLZ+hCbDJ9g+ZJEUxjOFv9S/t0IRmQfXyDMrt9o1XMfMrPaEaJ0laKM9MzTcGKJ
dOwLU6lHwgLi0kba6yLXDLkJOyXwwT6KQQke9RoIVq8umsSxBF37NonkM9p8aUJi
Kk4od89BikAh3VY8hKdWs7/8iDUPjvwT7YqAvd8bZeVy4lcMPTtBk29UBw2lrKzu
vgYiuQODGBA38VIMt+ossYVoMLZqYYx6ev3ZvrwUHyquNsN2TAfusdeB0cn+y5qG
+Awcz9G32fnl97eWnBmmTe4GACYFo24ntvOoZ5vuNYPlqqF9Z+LWwtot5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAAnKcqd257Q2oPpJ64SNhu+ChTsMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQUNjcHlwM2JudERhZy1rbnJoSTJHNzRLRk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBQIkiAwQB
QIkoAwQAVPZsMA0GCSqGSIb3DQEBCwUAA4IBAQBM+mhAst+pTBUQUj/8qlVh900E
9YIq3zO5zDOiDo7KjryOVkkYS0xHCqX+I9Ge1D6hABeyGCwFPQJN80CiwLYGx1lQ
SynR8unZ1s+QDDbiOWJCxfvOb+HLyUbYjMswuOfge6nmvT/nwccjP6Nu2oGm+PGy
s+auSgOUgIsiFuy6AjnG6vzT27kgyfGxQ1kwfyxHCW949uWCpnMPhec2iotO7iw8
fiLXfNofY6W9laiHx+jewJssGx4kf2DadOghfM2RB8gB0BEmO67JBCjQsUc8M1xS
JkiCXXuC44O8sktFG0mo2FkWVWueZ7TPkogyw1weXOuPEumbWFPNhQf+dV/c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org