Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AOf0MZWHENn-rznfYFf9XXx0HhU.roa
File: AOf0MZWHENn-rznfYFf9XXx0HhU.roa (raw, json)
Hash identifier: OczPz4CedC4XjQ4jLfKS5ZFZy5hnfB0PcWugRR364es=
Subject key identifier: 00:E7:F4:31:95:87:10:D9:FE:AF:39:DF:60:57:FD:5D:7C:74:1E:15
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794CDDC0718A854F848D199B83BEA64
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AOf0MZWHENn-rznfYFf9XXx0HhU.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50304
IP address blocks: 64.137.64.0/23 maxlen: 23
104.143.252.0/24 maxlen: 24
64.137.68.0/24 maxlen: 24
104.239.52.0/23 maxlen: 23
64.137.79.0/24 maxlen: 24
64.137.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 15:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:cd:dc:07:18:a8:54:f8:48:d1:99:b8:3b:ea:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00e7f431958710d9feaf39df6057fd5d7c741e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:9e:b6:50:47:94:fe:b5:c7:7f:50:2a:33:
59:ef:72:4f:df:23:d1:c8:3a:2b:97:41:30:b2:cc:
ae:4f:04:5a:39:da:cc:76:89:f9:95:20:ea:8d:f8:
51:32:fc:b7:07:72:0e:f6:b2:ed:47:ee:d5:13:e0:
62:67:39:e0:3c:05:6c:b7:a1:c6:00:35:93:de:02:
bc:99:5d:1f:37:d1:40:35:1a:77:d3:b5:d5:d3:f3:
83:07:97:08:2a:cd:06:24:92:ee:39:64:1f:85:4b:
e4:50:3b:1e:33:ab:e5:0a:41:77:fe:db:d3:6c:0f:
9a:11:ba:5e:5c:3c:1f:21:6b:66:b9:bb:c9:53:51:
f0:13:c8:28:fd:24:66:58:bb:39:de:67:da:70:ba:
73:91:f7:2e:5b:82:af:63:2e:dc:96:83:f3:99:e9:
95:3e:d6:99:cb:1c:04:e5:eb:96:83:d8:be:a9:cd:
d1:f7:50:9d:28:4b:fc:26:17:d4:e7:df:ac:63:e4:
e5:ab:e1:00:74:ef:48:90:0f:59:fc:d8:e0:8e:48:
6b:4d:8f:89:9a:1a:43:9d:a0:4f:b5:2f:99:3b:31:
6b:ce:ae:75:de:47:df:df:5b:b9:72:79:fb:4d:71:
0c:96:c0:fa:ac:3d:45:f5:0b:c9:58:56:00:1d:35:
ec:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E7:F4:31:95:87:10:D9:FE:AF:39:DF:60:57:FD:5D:7C:74:1E:15
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AOf0MZWHENn-rznfYFf9XXx0HhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.64.0/23
64.137.68.0/24
64.137.79.0/24
64.137.87.0/24
104.143.252.0/24
104.239.52.0/23
Signature Algorithm: sha256WithRSAEncryption
36:f2:63:36:3d:ed:c7:fe:d5:08:7e:98:22:3d:1b:e6:50:46:
e5:49:5f:2e:d2:a7:3b:43:13:a4:fd:fd:c6:86:a6:0a:05:bd:
2e:36:3c:69:79:50:be:cf:ae:14:82:30:c0:69:3e:69:0c:ac:
89:61:23:78:d3:7c:b0:23:3a:6d:b8:4b:14:c9:de:b6:cf:44:
53:19:31:f8:66:4c:76:d8:23:9a:1f:b7:e7:88:fb:1b:31:5e:
9b:43:3a:e8:a5:e6:84:55:6e:d1:43:76:64:93:67:e7:a4:bb:
a6:7e:c8:01:90:b5:22:3b:34:9e:d0:87:7d:99:2f:ed:6a:59:
cc:ce:50:32:f6:74:96:c7:76:5f:62:14:24:fc:aa:7b:b3:5a:
b8:93:a7:aa:f6:6a:7d:c8:31:7d:f0:77:b5:86:6a:a6:2d:cf:
fc:2f:c9:86:96:1b:bd:96:74:ac:de:b9:49:96:8d:04:b6:60:
47:2e:66:1b:0f:19:a2:a3:40:68:4d:16:d6:ce:3c:d6:99:fb:
c4:b7:cc:1a:e9:6c:98:b3:2a:51:c0:fb:94:d6:00:13:be:00:
f3:a4:3d:76:46:8b:97:d5:4a:b6:26:f8:6f:36:a8:f6:a7:08:
a1:64:3d:4f:2e:b1:49:46:8c:50:01:a8:05:74:0e:7f:56:e9:
75:a9:1e:c9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHlM3cBxioVPhI0Zm4O+pkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU3ZjQzMTk1ODcxMGQ5ZmVhZjM5ZGY2MDU3ZmQ1ZDdjNzQxZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGKetlBHlP61x39QKjNZ73JP3yPR
yDorl0EwssyuTwRaOdrMdon5lSDqjfhRMvy3B3IO9rLtR+7VE+BiZzngPAVst6HG
ADWT3gK8mV0fN9FANRp307XV0/ODB5cIKs0GJJLuOWQfhUvkUDseM6vlCkF3/tvT
bA+aEbpeXDwfIWtmubvJU1HwE8go/SRmWLs53mfacLpzkfcuW4KvYy7cloPzmemV
PtaZyxwE5euWg9i+qc3R91CdKEv8JhfU59+sY+Tlq+EAdO9IkA9Z/NjgjkhrTY+J
mhpDnaBPtS+ZOzFrzq513kff31u5cnn7TXEMlsD6rD1F9QvJWFYAHTXsrQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFADn9DGVhxDZ/q8532BX/V18dB4VMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQU9mME1aV0hFTm4tcnpuZllGZjlYWHgwSGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBQIlAAwQA
QIlEAwQAQIlPAwQAQIlXAwQAaI/8AwQBaO80MA0GCSqGSIb3DQEBCwUAA4IBAQA2
8mM2Pe3H/tUIfpgiPRvmUEblSV8u0qc7QxOk/f3GhqYKBb0uNjxpeVC+z64UgjDA
aT5pDKyJYSN403ywIzptuEsUyd62z0RTGTH4Zkx22COaH7fniPsbMV6bQzropeaE
VW7RQ3Zkk2fnpLumfsgBkLUiOzSe0Id9mS/talnMzlAy9nSWx3ZfYhQk/Kp7s1q4
k6eq9mp9yDF98He1hmqmLc/8L8mGlhu9lnSs3rlJlo0EtmBHLmYbDxmio0BoTRbW
zjzWmfvEt8wa6WyYsypRwPuU1gATvgDzpD12RouX1Uq2JvhvNqj2pwihZD1PLrFJ
RoxQAagFdA5/Vul1qR7J
-----END CERTIFICATE-----
Generated at Thu Apr 4 20:08:12 2024 by rpki-client on console-ams.rpki-client.org