Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AM5OGW2nsffyv2M6ZQjtDFg2OJ0.roa
File: AM5OGW2nsffyv2M6ZQjtDFg2OJ0.roa (raw, json)
Hash identifier: k+cMKDTTAdvOni5zCBHuigsJk+7Ujn5cHyjViexQRqM=
Subject key identifier: 00:CE:4E:19:6D:A7:B1:F7:F2:BF:63:3A:65:08:ED:0C:58:36:38:9D
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019561E4D0B2F0A9DA36E8BAB6C4B1AB0E52
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AM5OGW2nsffyv2M6ZQjtDFg2OJ0.roa
Signing time: Tue 04 Mar 2025 16:02:20 +0000
ROA not before: Tue 04 Mar 2025 16:02:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213800
IP address blocks: 104.238.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 10:43:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:61:e4:d0:b2:f0:a9:da:36:e8:ba:b6:c4:b1:ab:0e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 4 16:02:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00ce4e196da7b1f7f2bf633a6508ed0c5836389d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fa:a3:36:84:36:1f:73:eb:49:76:fd:58:a2:
e1:82:8f:5b:ae:77:25:47:82:08:b9:00:09:ab:15:
a1:1b:fe:ab:32:f1:e9:f9:d3:41:56:b6:50:32:45:
af:ea:9c:7b:83:93:0d:e5:4b:06:d0:aa:53:33:a7:
70:54:66:cd:b9:47:f6:59:1f:88:71:ca:6c:a4:e1:
34:df:a0:58:6f:ac:33:a3:ba:b2:f1:da:4d:5e:0e:
b1:6b:52:f4:d6:c5:d3:7a:62:9a:d6:29:56:9f:41:
99:77:8d:87:c5:61:2f:10:f8:71:9c:2e:e0:96:0d:
af:4d:7c:35:a1:ff:07:a9:88:a4:f7:52:8a:78:ac:
57:70:91:58:9f:bd:3a:0c:a0:c5:64:e6:49:bb:ad:
1b:45:8f:53:e8:d5:92:88:c1:da:73:26:7f:1c:ac:
a2:b1:59:71:68:7a:f0:03:e2:f2:64:bb:79:c9:84:
3c:07:38:e1:97:b6:5e:a2:ea:66:22:71:ae:01:c7:
e6:aa:b7:a2:0d:9c:f7:78:b3:33:d6:84:ad:2e:a6:
ad:65:64:e9:78:15:76:17:0a:b6:5e:c6:89:17:99:
2d:f5:67:49:84:28:3b:c9:58:f8:dd:46:fb:b9:c3:
fd:9c:e9:3f:6f:7e:97:fa:da:96:1c:93:95:67:35:
8c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CE:4E:19:6D:A7:B1:F7:F2:BF:63:3A:65:08:ED:0C:58:36:38:9D
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AM5OGW2nsffyv2M6ZQjtDFg2OJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.238.17.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:9d:b6:2c:f7:4d:09:a4:9b:8e:cf:49:69:93:c6:a9:a1:e6:
4d:68:5c:dd:c0:16:70:e9:f9:e0:fa:e8:62:cd:16:50:57:0d:
db:cc:00:a1:ad:26:f9:aa:28:b6:96:3d:52:85:c8:82:77:04:
c9:fb:6f:85:77:49:aa:aa:ee:ce:d1:c9:b1:08:d2:69:ba:c1:
96:c1:ba:77:68:41:10:33:68:e1:de:68:81:42:36:cc:30:3d:
81:9c:43:6b:11:99:87:03:6f:41:98:e9:a1:48:c7:06:a6:7e:
d4:20:df:f9:63:a4:a4:8c:0c:a4:74:f7:80:40:01:d7:2f:35:
41:f7:8e:68:b1:bd:bf:40:8b:c0:6e:6d:cf:73:bf:74:bc:51:
f1:d7:4e:11:d4:15:86:22:61:f4:38:36:6b:2e:90:e0:a6:06:
82:0b:5d:49:7e:35:20:b1:6f:b7:da:52:6e:c2:14:b6:71:e5:
75:a0:cf:37:b7:80:ae:e0:cb:e0:e5:b2:15:62:46:20:da:49:
39:2b:14:88:a9:ac:80:49:55:7c:27:50:9b:ff:ba:66:92:e5:
4f:48:5b:2e:5e:08:45:2b:1b:a8:bb:66:cf:e6:8d:a0:c0:1b:
73:ae:fd:8e:29:ce:28:86:2d:de:72:80:9a:1b:eb:22:e9:c5:
b5:38:5a:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVh5NCy8KnaNui6tsSxqw5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMzA0MTYwMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNlNGUxOTZkYTdiMWY3ZjJiZjYzM2E2NTA4ZWQwYzU4MzYzODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfqjNoQ2H3PrSXb9WKLhgo9brncl
R4IIuQAJqxWhG/6rMvHp+dNBVrZQMkWv6px7g5MN5UsG0KpTM6dwVGbNuUf2WR+I
ccpspOE036BYb6wzo7qy8dpNXg6xa1L01sXTemKa1ilWn0GZd42HxWEvEPhxnC7g
lg2vTXw1of8HqYik91KKeKxXcJFYn706DKDFZOZJu60bRY9T6NWSiMHacyZ/HKyi
sVlxaHrwA+LyZLt5yYQ8Bzjhl7ZeoupmInGuAcfmqreiDZz3eLMz1oStLqatZWTp
eBV2Fwq2XsaJF5kt9WdJhCg7yVj43Ub7ucP9nOk/b36X+tqWHJOVZzWMIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADOThltp7H38r9jOmUI7QxYNjidMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQU01T0dXMm5zZmZ5djJNNlpRanRERmcyT0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaO4RMA0G
CSqGSIb3DQEBCwUAA4IBAQCLnbYs900JpJuOz0lpk8apoeZNaFzdwBZw6fng+uhi
zRZQVw3bzAChrSb5qii2lj1ShciCdwTJ+2+Fd0mqqu7O0cmxCNJpusGWwbp3aEEQ
M2jh3miBQjbMMD2BnENrEZmHA29BmOmhSMcGpn7UIN/5Y6SkjAykdPeAQAHXLzVB
945osb2/QIvAbm3Pc790vFHx104R1BWGImH0ODZrLpDgpgaCC11JfjUgsW+32lJu
whS2ceV1oM83t4Cu4Mvg5bIVYkYg2kk5KxSIqayASVV8J1Cb/7pmkuVPSFsuXghF
Kxuou2bP5o2gwBtzrv2OKc4ohi3ecoCaG+si6cW1OFrm
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:36:22 2025 by rpki-client