Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Cf748jl2RYL-b0lCjT-3gaLZJL0.roa
File: Cf748jl2RYL-b0lCjT-3gaLZJL0.roa (raw, json)
Hash identifier: Fa2sH2lwJccBtjapcqGu13BNyWRmL8r7qwzRtUYuf34=
Subject key identifier: 09:FE:F8:F2:39:76:45:82:FE:6F:49:42:8D:3F:B7:81:A2:D9:24:BD
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0186183B5F9829E1D196D5400403457C064C
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Cf748jl2RYL-b0lCjT-3gaLZJL0.roa
Signing time: Fri 03 Feb 2023 17:03:09 +0000
ROA not before: Fri 03 Feb 2023 17:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 104.239.92.0/23 maxlen: 23
104.239.98.0/24 maxlen: 24
104.167.0.0/24 maxlen: 24
216.173.122.0/23 maxlen: 23
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.233.20.0/24 maxlen: 24
216.173.84.0/24 maxlen: 24
216.173.80.0/23 maxlen: 23
216.173.88.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.239.16.0/21 maxlen: 21
216.173.103.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.32.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:3b:5f:98:29:e1:d1:96:d5:40:04:03:45:7c:06:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Feb 3 17:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09fef8f239764582fe6f49428d3fb781a2d924bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:65:93:ad:37:3a:f6:a4:a5:05:5d:3d:87:87:
d0:20:44:65:41:da:2c:9c:02:7e:6b:95:ec:56:84:
d8:ba:b4:06:bc:f0:cd:10:eb:bf:fd:65:4c:06:17:
52:a5:c3:57:ee:e6:69:de:78:a6:bf:41:54:d9:ab:
f7:d1:bc:be:4a:ca:e8:d5:11:27:f5:e2:c8:ec:c1:
ff:18:a8:d2:51:6d:00:79:68:36:ac:87:9d:fb:80:
69:c6:96:3c:97:b5:9d:bb:ca:a1:70:18:f4:56:48:
c7:e7:05:b7:87:fd:7c:8f:19:da:1a:1d:b1:14:f2:
53:93:91:73:f9:f3:01:28:b6:e0:d6:3f:27:ef:a5:
ad:d1:44:53:09:4e:2f:06:33:35:a5:38:61:b5:99:
94:96:2e:df:e2:c3:a3:52:9d:82:05:33:4b:18:c1:
5c:77:98:de:7a:54:a8:dd:31:ed:97:a2:70:7b:6e:
4d:49:ae:76:13:28:10:d0:92:e3:fc:76:4b:a2:c4:
3a:89:a4:75:ee:38:a4:74:04:54:88:1f:57:89:db:
ea:66:2a:fa:60:91:8a:cd:f2:cd:cc:ee:ab:c0:02:
75:01:a3:9f:ba:52:38:90:3d:f0:16:4b:ee:10:3d:
3e:a7:4e:6a:34:ff:d5:54:96:d6:df:6e:c1:23:ad:
20:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FE:F8:F2:39:76:45:82:FE:6F:49:42:8D:3F:B7:81:A2:D9:24:BD
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Cf748jl2RYL-b0lCjT-3gaLZJL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.167.0.0/24
104.233.20.0/24
104.239.13.0/24
104.239.16.0/21
104.239.32.0/21
104.239.76.0/23
104.239.82.0/24
104.239.86.0/24
104.239.90.0-104.239.93.255
104.239.98.0/24
216.173.80.0/23
216.173.84.0/24
216.173.88.0/23
216.173.103.0/24
216.173.108.0/23
216.173.122.0/23
Signature Algorithm: sha256WithRSAEncryption
81:e1:06:a6:00:6a:cd:8a:eb:c5:e3:6f:7e:4b:f3:97:b8:6c:
10:35:83:aa:62:70:bc:c7:a9:f3:6a:de:5a:d4:99:2f:32:3c:
58:40:7e:fd:eb:3a:a3:bf:a5:32:68:61:3a:54:ff:cf:8a:e9:
f1:f5:85:0b:90:87:b9:ff:1a:56:5a:0c:0e:9c:3e:bb:c2:b0:
6c:e8:0a:12:3b:90:02:3b:48:21:de:bc:98:67:88:ba:df:2c:
5f:d8:02:2e:65:09:9c:91:60:de:5b:75:25:dd:41:b6:3a:86:
b9:31:51:a0:a9:2b:ba:5f:90:2e:78:0d:f2:c2:38:8d:51:f2:
65:65:ba:ef:07:49:cd:bd:b1:ef:da:eb:c4:cc:87:32:91:63:
5b:1a:8b:0a:7b:23:48:cf:0d:d9:5c:39:95:69:57:b0:33:c6:
6d:53:6c:13:51:87:19:07:16:9b:76:f8:41:2f:50:0a:a3:4f:
d8:01:a6:11:7d:4e:0d:03:32:12:6c:9b:40:e8:7c:87:b8:e9:
7e:74:73:13:c3:40:b4:05:70:ef:7f:04:43:f6:e2:9c:31:40:
d7:9c:2b:ef:f7:1c:df:26:31:e9:e4:b1:12:52:ef:03:ed:c8:
09:5b:c4:3e:d9:1b:64:36:b8:5a:43:4c:96:9b:d3:f8:aa:6e:
d7:53:07:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYYYO1+YKeHRltVABANFfAZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMjAzMTcwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWZlZjhmMjM5NzY0NTgyZmU2ZjQ5NDI4ZDNmYjc4MWEyZDkyNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2WTrTc69qSlBV09h4fQIERlQdos
nAJ+a5XsVoTYurQGvPDNEOu//WVMBhdSpcNX7uZp3nimv0FU2av30by+Ssro1REn
9eLI7MH/GKjSUW0AeWg2rIed+4BpxpY8l7Wdu8qhcBj0VkjH5wW3h/18jxnaGh2x
FPJTk5Fz+fMBKLbg1j8n76Wt0URTCU4vBjM1pThhtZmUli7f4sOjUp2CBTNLGMFc
d5jeelSo3THtl6Jwe25NSa52EygQ0JLj/HZLosQ6iaR17jikdARUiB9XidvqZir6
YJGKzfLNzO6rwAJ1AaOfulI4kD3wFkvuED0+p05qNP/VVJbW327BI60gGwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFAn++PI5dkWC/m9JQo0/t4Gi2SS9MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQ2Y3NDhqbDJSWUwtYjBsQ2pULTNnYUxaSkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAGinAAME
AGjpFAMEAGjvDQMEA2jvEAMEA2jvIAMEAWjvTAMEAGjvUgMEAGjvVjAMAwQBaO9a
AwQBaO9cAwQAaO9iAwQB2K1QAwQA2K1UAwQB2K1YAwQA2K1nAwQB2K1sAwQB2K16
MA0GCSqGSIb3DQEBCwUAA4IBAQCB4QamAGrNiuvF429+S/OXuGwQNYOqYnC8x6nz
at5a1JkvMjxYQH796zqjv6UyaGE6VP/Piunx9YULkIe5/xpWWgwOnD67wrBs6AoS
O5ACO0gh3ryYZ4i63yxf2AIuZQmckWDeW3Ul3UG2Ooa5MVGgqSu6X5AueA3ywjiN
UfJlZbrvB0nNvbHv2uvEzIcykWNbGosKeyNIzw3ZXDmVaVewM8ZtU2wTUYcZBxab
dvhBL1AKo0/YAaYRfU4NAzISbJtA6HyHuOl+dHMTw0C0BXDvfwRD9uKcMUDXnCvv
9xzfJjHp5LESUu8D7cgJW8Q+2RtkNrhaQ0yWm9P4qm7XUweK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org