Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ARkTtufKWZ0gnwVwu35htztJj6E.roa
File: ARkTtufKWZ0gnwVwu35htztJj6E.roa (raw, json)
Hash identifier: EUGtrQ4sEhqCNTUnziWllAKTyKQfNWb0T3PQ3mVWjNM=
Subject key identifier: 01:19:13:B6:E7:CA:59:9D:20:9F:05:70:BB:7E:61:B7:3B:49:8F:A1
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018E89FAE55A613952671399114F070D6907
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ARkTtufKWZ0gnwVwu35htztJj6E.roa
Signing time: Fri 29 Mar 2024 11:31:45 +0000
ROA not before: Fri 29 Mar 2024 11:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 104.222.190.0/24 maxlen: 24
104.249.32.0/22 maxlen: 22
216.173.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 18:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:89:fa:e5:5a:61:39:52:67:13:99:11:4f:07:0d:69:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 29 11:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=011913b6e7ca599d209f0570bb7e61b73b498fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:22:89:95:ad:60:24:11:0c:83:0b:07:e0:f6:
d2:42:30:12:d2:a3:66:b9:d9:05:7f:35:b9:df:45:
54:26:94:2f:01:1f:4a:53:71:59:55:a5:1c:9b:b6:
ca:ef:0e:23:f0:5a:7c:bf:ff:80:aa:15:3a:a3:a6:
6f:a9:9a:5c:04:10:88:d6:ec:ba:72:86:03:a4:a4:
6e:45:8c:44:f3:64:ea:28:55:60:1d:4d:f2:72:d9:
97:8b:fa:e0:0a:11:c5:c9:0d:1c:5f:2d:26:94:f4:
a8:e2:c4:39:6f:50:0c:1c:c9:0d:a7:5e:79:51:2e:
12:50:9d:25:b1:94:6b:39:a3:59:d5:b6:54:5f:27:
ad:c2:34:9c:73:bc:e6:9d:31:a1:6a:73:c0:1a:74:
0f:4e:ed:c2:e8:e0:54:70:80:cc:6a:41:d1:d0:d7:
1e:e5:23:05:27:d5:80:12:f8:4f:79:3f:86:dd:9e:
a6:b9:2b:9c:3f:c4:b2:c6:65:3c:56:af:cf:e9:a6:
7d:33:55:ac:df:08:7c:4e:d0:b3:ba:17:db:a5:36:
8e:38:04:da:cc:ef:fc:2e:2c:c9:25:55:74:11:f6:
ad:e9:b7:9d:85:4f:43:20:dc:70:e1:ba:b0:e0:a4:
42:2f:4d:8e:c1:e5:03:04:89:74:71:d1:ca:5a:96:
02:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:19:13:B6:E7:CA:59:9D:20:9F:05:70:BB:7E:61:B7:3B:49:8F:A1
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ARkTtufKWZ0gnwVwu35htztJj6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.222.190.0/24
104.249.32.0/22
216.173.87.0/24
Signature Algorithm: sha256WithRSAEncryption
62:64:ba:08:91:75:73:0b:8e:49:8c:b0:bc:fb:ed:1b:e8:16:
90:66:4a:db:83:fd:8b:da:84:ca:c8:8c:e9:90:66:8c:a1:d8:
6d:cd:6a:44:35:c6:e9:61:0e:f5:ec:dd:9f:09:32:21:05:f6:
8f:8f:cb:7d:c6:66:f1:4c:43:a1:0e:a6:60:9f:eb:a2:d3:3a:
67:14:ea:d2:45:a8:48:cb:10:e2:0e:48:b6:51:51:75:99:d2:
b1:2e:e7:c9:2e:c9:7e:66:55:15:ee:2c:d2:0c:d4:ab:88:91:
86:a3:2f:18:f4:5f:6d:00:70:05:83:c1:d0:f4:0e:64:01:52:
00:ac:68:30:9a:b7:ac:49:6d:39:ea:ef:b9:63:ef:ae:fa:aa:
67:a9:31:7e:2d:9e:dc:a1:8d:46:3e:dc:b1:c4:10:a6:a9:22:
1d:8b:f3:e0:4d:69:2b:35:bd:8b:29:6b:84:2c:fc:78:39:02:
f7:8f:e9:02:e1:02:50:73:f9:f7:34:a9:36:f4:78:a4:a4:1b:
30:a6:d9:f6:e8:7a:1e:50:f3:e7:9c:ad:ee:66:3d:a2:60:06:
ef:ed:7c:f8:93:fb:c2:95:1e:49:e7:14:cb:dd:7b:24:29:cb:
6f:9a:41:ad:a0:7d:c9:75:f0:33:1c:a4:7d:6e:d0:e7:ad:2a:
ca:f3:55:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6J+uVaYTlSZxOZEU8HDWkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMzI5MTEzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTE5MTNiNmU3Y2E1OTlkMjA5ZjA1NzBiYjdlNjFiNzNiNDk4ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCKJla1gJBEMgwsH4PbSQjAS0qNm
udkFfzW530VUJpQvAR9KU3FZVaUcm7bK7w4j8Fp8v/+AqhU6o6ZvqZpcBBCI1uy6
coYDpKRuRYxE82TqKFVgHU3yctmXi/rgChHFyQ0cXy0mlPSo4sQ5b1AMHMkNp155
US4SUJ0lsZRrOaNZ1bZUXyetwjScc7zmnTGhanPAGnQPTu3C6OBUcIDMakHR0Nce
5SMFJ9WAEvhPeT+G3Z6muSucP8SyxmU8Vq/P6aZ9M1Ws3wh8TtCzuhfbpTaOOATa
zO/8LizJJVV0Efat6bedhU9DINxw4bqw4KRCL02OweUDBIl0cdHKWpYC+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAEZE7bnylmdIJ8FcLt+Ybc7SY+hMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQVJrVHR1ZktXWjBnbndWd3UzNWh0enRKajZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAaN6+AwQC
aPkgAwQA2K1XMA0GCSqGSIb3DQEBCwUAA4IBAQBiZLoIkXVzC45JjLC8++0b6BaQ
Zkrbg/2L2oTKyIzpkGaModhtzWpENcbpYQ717N2fCTIhBfaPj8t9xmbxTEOhDqZg
n+ui0zpnFOrSRahIyxDiDki2UVF1mdKxLufJLsl+ZlUV7izSDNSriJGGoy8Y9F9t
AHAFg8HQ9A5kAVIArGgwmresSW056u+5Y++u+qpnqTF+LZ7coY1GPtyxxBCmqSId
i/PgTWkrNb2LKWuELPx4OQL3j+kC4QJQc/n3NKk29HikpBswptn26HoeUPPnnK3u
Zj2iYAbv7Xz4k/vClR5J5xTL3XskKctvmkGtoH3JdfAzHKR9btDnrSrK81WL
-----END CERTIFICATE-----
Generated at Fri Mar 29 20:57:04 2024 by rpki-client on console-ams.rpki-client.org