Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/BUBwdcWLDfc6ER7TuhLOJgucXKk.roa
File: BUBwdcWLDfc6ER7TuhLOJgucXKk.roa (raw, json)
Hash identifier: vCYQsMXXEZjnv+aCNeZSJXwDcP8FHhAOyjp7MpRAQ6Q=
Subject key identifier: 05:40:70:75:C5:8B:0D:F7:3A:11:1E:D3:BA:12:CE:26:0B:9C:5C:A9
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EB9123807A33DDFFF42D63012FDF0
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/BUBwdcWLDfc6ER7TuhLOJgucXKk.roa
Signing time: Mon 02 Jan 2023 12:04:48 +0000
ROA not before: Mon 02 Jan 2023 12:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13768
IP address blocks: 104.249.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:b9:12:38:07:a3:3d:df:ff:42:d6:30:12:fd:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05407075c58b0df73a111ed3ba12ce260b9c5ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e1:b7:98:66:3b:2c:7f:ed:36:99:0d:5d:f3:
31:27:02:78:70:b1:48:d7:1f:aa:a1:94:4a:d0:27:
8d:76:b7:c6:d9:5b:e6:95:a8:4f:de:9e:0c:7d:28:
6f:59:53:af:d6:16:55:04:94:63:37:1f:60:be:3a:
1c:53:7e:54:57:fe:f0:2d:91:62:59:78:1f:3e:34:
0d:90:e4:f4:98:20:95:36:8b:f3:ed:07:5d:22:03:
31:4d:22:2f:9c:a3:0f:63:ab:50:35:18:a6:02:70:
95:4b:86:3f:ee:ff:89:33:bb:c0:ea:e4:6c:e3:10:
65:fd:09:86:3f:7d:b8:09:66:ab:6f:a6:cd:07:ad:
29:98:5a:0e:85:61:e0:df:0b:ab:92:ca:02:81:05:
6a:fd:e3:0d:7f:25:f8:db:15:24:50:eb:8c:65:3c:
2d:fc:f5:06:e9:6e:13:6d:48:45:a3:5e:9f:98:76:
31:c8:d2:c3:4e:39:20:7f:cd:fd:f2:76:a3:ab:c1:
61:0b:cf:27:19:53:66:b8:4d:40:3d:8a:7b:61:9b:
a2:b0:01:fc:e4:a1:fa:dc:89:e3:78:7c:51:af:98:
5b:59:7b:29:ae:e5:9d:83:14:ce:92:46:8d:d7:42:
b9:4b:b5:a2:1e:87:70:d7:3f:23:99:87:5f:56:d5:
d8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:40:70:75:C5:8B:0D:F7:3A:11:1E:D3:BA:12:CE:26:0B:9C:5C:A9
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/BUBwdcWLDfc6ER7TuhLOJgucXKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.249.24.0/24
Signature Algorithm: sha256WithRSAEncryption
90:aa:dd:d2:b9:c6:ba:f8:c6:11:66:cb:8b:f8:be:50:a8:60:
6c:66:d6:a0:b0:0e:70:0c:20:30:b4:35:ce:99:d9:48:92:01:
de:06:2a:18:0c:f1:c7:99:f4:77:ec:7e:3e:61:3f:d9:f6:bd:
82:9b:29:bc:a9:ae:3b:f9:9c:a1:c8:2e:09:b9:20:2b:d8:29:
a7:34:85:17:e4:f2:b7:c1:16:f9:05:86:b7:ce:33:04:85:11:
85:37:a0:c6:c1:40:4f:3f:4b:57:4e:84:78:4f:cf:6f:56:93:
8c:68:5b:a5:17:de:cb:73:cf:56:e6:93:64:d0:14:45:40:23:
94:74:fa:3f:79:93:0c:ba:f3:8b:e1:dd:0e:f6:af:b1:90:fa:
34:b7:2e:95:f5:a9:c1:bb:bc:b6:b3:e2:01:6e:dc:2a:bf:b5:
71:23:16:3f:e3:95:c8:fe:7d:c3:ae:32:57:1e:6c:08:74:78:
13:6c:3f:f9:93:81:9d:5d:c2:6d:fc:b6:bb:ad:3c:fb:73:45:
de:ac:61:26:c7:f8:a1:4a:fe:1d:6c:a9:d5:c0:07:b0:bd:bc:
fd:15:7a:d6:a3:04:b1:a7:38:6a:54:24:ec:18:ff:5b:09:11:
1f:18:4c:b6:58:cc:fc:dd:18:a3:9f:7f:e8:5b:e1:43:24:e5:
c3:34:16:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyXrkSOAejPd//QtYwEv3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQwNzA3NWM1OGIwZGY3M2ExMTFlZDNiYTEyY2UyNjBiOWM1Y2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOG3mGY7LH/tNpkNXfMxJwJ4cLFI
1x+qoZRK0CeNdrfG2VvmlahP3p4MfShvWVOv1hZVBJRjNx9gvjocU35UV/7wLZFi
WXgfPjQNkOT0mCCVNovz7QddIgMxTSIvnKMPY6tQNRimAnCVS4Y/7v+JM7vA6uRs
4xBl/QmGP324CWarb6bNB60pmFoOhWHg3wurksoCgQVq/eMNfyX42xUkUOuMZTwt
/PUG6W4TbUhFo16fmHYxyNLDTjkgf8398najq8FhC88nGVNmuE1APYp7YZuisAH8
5KH63InjeHxRr5hbWXspruWdgxTOkkaN10K5S7WiHodw1z8jmYdfVtXYiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAVAcHXFiw33OhEe07oSziYLnFypMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQlVCd2RjV0xEZmM2RVI3VHVoTE9KZ3VjWEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaPkYMA0G
CSqGSIb3DQEBCwUAA4IBAQCQqt3Suca6+MYRZsuL+L5QqGBsZtagsA5wDCAwtDXO
mdlIkgHeBioYDPHHmfR37H4+YT/Z9r2Cmym8qa47+ZyhyC4JuSAr2CmnNIUX5PK3
wRb5BYa3zjMEhRGFN6DGwUBPP0tXToR4T89vVpOMaFulF97Lc89W5pNk0BRFQCOU
dPo/eZMMuvOL4d0O9q+xkPo0ty6V9anBu7y2s+IBbtwqv7VxIxY/45XI/n3DrjJX
HmwIdHgTbD/5k4GdXcJt/La7rTz7c0XerGEmx/ihSv4dbKnVwAewvbz9FXrWowSx
pzhqVCTsGP9bCREfGEy2WMz83Rijn3/oW+FDJOXDNBYV
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:54 2024 by rpki-client on console-ams.rpki-client.org