Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AkuTkscbZpFLCQxQMsX1fDUck0o.roa
File: AkuTkscbZpFLCQxQMsX1fDUck0o.roa (raw, json)
Hash identifier: ir4UpfVYjI8lDGKaK7Mpy+WDfbPJdCed1Ax5674I7qE=
Subject key identifier: 02:4B:93:92:C7:1B:66:91:4B:09:0C:50:32:C5:F5:7C:35:1C:93:4A
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018B42447DF503C09C9BF81C317975C32057
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AkuTkscbZpFLCQxQMsX1fDUck0o.roa
Signing time: Wed 18 Oct 2023 10:11:06 +0000
ROA not before: Wed 18 Oct 2023 10:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50304
IP address blocks: 64.137.64.0/23 maxlen: 23
104.143.252.0/24 maxlen: 24
64.137.68.0/24 maxlen: 24
104.239.52.0/23 maxlen: 23
64.137.79.0/24 maxlen: 24
64.137.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:44:7d:f5:03:c0:9c:9b:f8:1c:31:79:75:c3:20:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 18 10:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=024b9392c71b66914b090c5032c5f57c351c934a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:36:54:f7:30:5e:b4:c7:c1:fa:9e:e9:14:e1:
1a:b4:a5:75:ae:9b:8b:a6:97:2e:29:c4:04:24:ef:
d4:42:25:2b:87:94:5d:0a:7d:c7:6e:92:55:57:93:
69:16:67:13:da:b7:1b:76:23:13:2b:93:15:46:d3:
62:44:0e:ca:7e:35:47:d7:db:62:c4:40:aa:90:4c:
bd:de:06:a7:d1:64:f3:68:66:2b:4e:c7:81:bc:11:
9e:52:6a:f3:5d:7e:3f:ff:45:83:41:9b:2f:43:df:
e9:85:cd:b9:49:fa:f4:c6:19:99:ca:74:46:3f:9f:
55:67:f6:ea:27:f6:9e:b1:67:58:08:04:39:51:87:
5e:7a:5c:1e:3c:91:93:67:f6:a0:76:c4:c1:96:23:
6c:72:9a:01:2f:be:3c:3f:57:af:1e:04:84:0b:af:
35:15:c9:f9:b8:8a:4b:76:d1:f8:a7:cb:ed:a8:31:
d4:4b:a4:73:ea:3d:9e:5d:b3:6a:20:8a:bb:35:93:
cc:b1:22:06:4d:16:f7:08:b7:9c:25:97:2d:85:0a:
b4:d0:8a:c1:4b:05:1d:7a:7c:c6:af:ba:8d:61:cd:
d3:32:f6:56:8f:f2:1e:a3:6a:90:2f:32:e2:f6:50:
76:1c:74:ba:de:51:fa:1a:70:51:73:21:db:a7:e8:
85:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:4B:93:92:C7:1B:66:91:4B:09:0C:50:32:C5:F5:7C:35:1C:93:4A
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AkuTkscbZpFLCQxQMsX1fDUck0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.64.0/23
64.137.68.0/24
64.137.79.0/24
64.137.87.0/24
104.143.252.0/24
104.239.52.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:a3:7b:2c:f9:7a:67:17:68:c0:45:c1:6d:f1:8f:ca:09:4a:
d2:d5:29:3b:28:47:b5:1b:2d:3c:c1:7f:e0:96:33:87:5d:00:
49:a4:21:7e:81:35:3a:d3:d3:73:b9:75:67:42:0e:93:26:57:
d9:6d:09:e8:26:8f:2f:0d:d5:c4:1f:28:be:36:f4:2c:0e:ae:
0c:6a:47:ed:0b:fb:87:4e:9f:4c:70:66:20:21:90:11:b9:77:
7c:57:26:ff:c6:a7:b1:0b:e0:25:14:6c:96:75:55:a8:13:4e:
8b:b4:fa:03:e6:5e:d9:54:36:ab:90:af:28:88:c1:86:ef:18:
ce:a6:30:44:c0:15:98:b6:66:86:6a:f0:32:2d:94:5c:96:f3:
a2:10:39:e1:da:1d:5c:f1:79:55:e4:c0:64:22:59:2f:a6:0a:
4f:c7:5a:79:24:40:0f:72:43:2a:57:1f:19:71:0c:a7:22:7e:
bd:1f:8e:39:31:de:6c:74:6b:22:b1:b0:e6:df:fb:f9:cc:44:
92:e5:f8:f7:3c:b5:90:2c:3d:30:2f:39:73:0c:2f:55:f4:1a:
1f:0e:3c:8c:37:37:be:86:12:2b:eb:76:56:c9:91:dc:32:61:
02:e8:c9:01:78:ba:81:ca:ad:5b:38:e3:08:6b:f6:c7:a7:a3:
56:9a:2b:83
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYtCRH31A8Ccm/gcMXl1wyBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMxMDE4MTAxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjRiOTM5MmM3MWI2NjkxNGIwOTBjNTAzMmM1ZjU3YzM1MWM5MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjZU9zBetMfB+p7pFOEatKV1rpuL
ppcuKcQEJO/UQiUrh5RdCn3HbpJVV5NpFmcT2rcbdiMTK5MVRtNiRA7KfjVH19ti
xECqkEy93gan0WTzaGYrTseBvBGeUmrzXX4//0WDQZsvQ9/phc25Sfr0xhmZynRG
P59VZ/bqJ/aesWdYCAQ5UYdeelwePJGTZ/agdsTBliNscpoBL748P1evHgSEC681
Fcn5uIpLdtH4p8vtqDHUS6Rz6j2eXbNqIIq7NZPMsSIGTRb3CLecJZcthQq00IrB
SwUdenzGr7qNYc3TMvZWj/Ieo2qQLzLi9lB2HHS63lH6GnBRcyHbp+iFYQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAJLk5LHG2aRSwkMUDLF9Xw1HJNKMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQWt1VGtzY2JacEZMQ1F4UU1zWDFmRFVjazBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBQIlAAwQA
QIlEAwQAQIlPAwQAQIlXAwQAaI/8AwQBaO80MA0GCSqGSIb3DQEBCwUAA4IBAQBM
o3ss+XpnF2jARcFt8Y/KCUrS1Sk7KEe1Gy08wX/gljOHXQBJpCF+gTU609NzuXVn
Qg6TJlfZbQnoJo8vDdXEHyi+NvQsDq4MakftC/uHTp9McGYgIZARuXd8Vyb/xqex
C+AlFGyWdVWoE06LtPoD5l7ZVDarkK8oiMGG7xjOpjBEwBWYtmaGavAyLZRclvOi
EDnh2h1c8XlV5MBkIlkvpgpPx1p5JEAPckMqVx8ZcQynIn69H445Md5sdGsisbDm
3/v5zESS5fj3PLWQLD0wLzlzDC9V9BofDjyMNze+hhIr63ZWyZHcMmEC6MkBeLqB
yq1bOOMIa/bHp6NWmiuD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org