Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DRDI3i1ABQY5ggWAR8B2qlpVy9Q.roa
File: DRDI3i1ABQY5ggWAR8B2qlpVy9Q.roa (raw, json)
Hash identifier: bYU18fGCp1jltxF/ASLzKs55G3OJIx9N4SaNVCnTCiE=
Subject key identifier: 0D:10:C8:DE:2D:40:05:06:39:82:05:80:47:C0:76:AA:5A:55:CB:D4
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01889166C79BB1777537F81137C3B82CABDB
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DRDI3i1ABQY5ggWAR8B2qlpVy9Q.roa
Signing time: Tue 06 Jun 2023 15:50:11 +0000
ROA not before: Tue 06 Jun 2023 15:50:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13886
IP address blocks: 104.238.26.0/24 maxlen: 24
45.150.32.0/22 maxlen: 22
45.43.165.0/24 maxlen: 24
64.137.33.0/24 maxlen: 24
64.137.47.0/24 maxlen: 24
64.137.51.0/24 maxlen: 24
64.137.55.0/24 maxlen: 24
64.137.69.0/24 maxlen: 24
64.137.76.0/24 maxlen: 24
206.124.104.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 07 Jun 2023 16:25:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:66:c7:9b:b1:77:75:37:f8:11:37:c3:b8:2c:ab:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jun 6 15:50:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d10c8de2d4005063982058047c076aa5a55cbd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8d:1b:a4:04:d0:a3:5d:2a:04:78:55:02:83:
ed:ca:c7:26:03:e6:33:40:89:89:bb:32:04:f4:87:
17:e9:42:87:4e:47:fc:99:a5:e5:01:bd:47:d1:b3:
1d:6a:95:31:b7:a0:08:c1:d4:ad:36:4b:4b:bf:5f:
d3:18:68:db:f2:48:4f:38:b9:2b:ce:31:77:14:30:
79:72:67:a5:fe:a9:3c:2a:41:5f:f7:61:94:fc:15:
2e:bd:f6:60:04:79:42:08:f7:d0:2c:f4:1c:46:64:
5f:86:24:e9:51:68:c5:a2:21:4a:88:14:f0:94:3c:
af:75:54:0e:6e:35:88:cf:69:27:62:64:5e:a7:5c:
03:94:6e:49:95:9c:cf:ae:00:ad:b7:bc:c7:22:0d:
96:79:3e:ac:a3:1e:33:ab:21:54:71:98:50:94:e4:
9d:0a:b9:cf:37:29:ec:1d:fe:07:03:5c:8c:d7:78:
48:04:f7:70:22:25:d5:b8:27:67:22:ed:b1:f4:4d:
8a:31:58:2f:cc:07:87:27:a9:f2:fb:87:be:1a:8d:
4c:0b:66:e4:09:b8:92:b5:a0:6d:ea:78:1f:16:1f:
81:4e:85:af:c4:9d:d4:9e:93:69:ac:af:d9:a3:85:
af:74:d9:7a:6d:35:58:a4:7b:c8:23:b1:9e:6a:6b:
6a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:10:C8:DE:2D:40:05:06:39:82:05:80:47:C0:76:AA:5A:55:CB:D4
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DRDI3i1ABQY5ggWAR8B2qlpVy9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
45.150.32.0/22
64.137.33.0/24
64.137.47.0/24
64.137.51.0/24
64.137.55.0/24
64.137.69.0/24
64.137.76.0/24
104.238.26.0/24
206.124.104.0/21
Signature Algorithm: sha256WithRSAEncryption
93:ae:2c:f4:67:9e:c5:69:e1:fd:13:f3:c0:d6:e9:71:6a:c8:
55:be:22:fa:35:e0:21:71:71:5d:e5:1d:4c:0d:82:34:40:77:
95:39:36:ce:cd:27:99:df:04:4c:aa:68:ef:d6:36:0e:d8:e7:
97:62:e7:2d:44:4f:ff:d4:a0:f4:d7:d5:55:96:fb:57:11:94:
38:fc:9c:21:32:33:b3:c5:0c:62:60:1c:55:b8:07:a9:61:d6:
7a:98:8f:29:e0:d9:02:06:b2:b6:c2:1d:08:09:d8:2e:30:d5:
4f:35:c5:27:31:26:89:f6:4a:c5:01:69:3f:c2:d5:0a:ab:ac:
09:1f:a6:f2:07:21:0e:50:f3:23:a5:1a:ce:52:ad:99:65:39:
6b:d6:c3:89:f6:f0:65:b2:e9:10:3c:d0:74:67:f7:55:cb:6b:
52:c9:04:9e:99:da:81:8c:91:28:f3:1d:02:51:30:19:c6:01:
14:e9:a4:39:b5:91:ca:cf:36:0b:72:ae:93:68:6b:90:11:7f:
ca:17:4e:d5:f9:bd:7f:b0:0e:57:48:ae:8c:ac:fc:3d:b5:88:
e3:9e:39:51:c9:d9:bb:9f:c8:35:25:2c:eb:1e:0b:ef:46:ad:
15:05:28:16:86:aa:57:d8:7d:48:c7:82:22:db:1c:79:63:ac:
d5:1c:7f:18
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYiRZsebsXd1N/gRN8O4LKvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNjA2MTU1MDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDEwYzhkZTJkNDAwNTA2Mzk4MjA1ODA0N2MwNzZhYTVhNTVjYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu40bpATQo10qBHhVAoPtyscmA+Yz
QImJuzIE9IcX6UKHTkf8maXlAb1H0bMdapUxt6AIwdStNktLv1/TGGjb8khPOLkr
zjF3FDB5cmel/qk8KkFf92GU/BUuvfZgBHlCCPfQLPQcRmRfhiTpUWjFoiFKiBTw
lDyvdVQObjWIz2knYmRep1wDlG5JlZzPrgCtt7zHIg2WeT6sox4zqyFUcZhQlOSd
CrnPNynsHf4HA1yM13hIBPdwIiXVuCdnIu2x9E2KMVgvzAeHJ6ny+4e+Go1MC2bk
CbiStaBt6ngfFh+BToWvxJ3UnpNprK/Zo4WvdNl6bTVYpHvII7Geamtq7QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFA0QyN4tQAUGOYIFgEfAdqpaVcvUMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvRFJESTNpMUFCUVk1Z2dXQVI4QjJxbHBWeTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALSulAwQC
LZYgAwQAQIkhAwQAQIkvAwQAQIkzAwQAQIk3AwQAQIlFAwQAQIlMAwQAaO4aAwQD
znxoMA0GCSqGSIb3DQEBCwUAA4IBAQCTriz0Z57FaeH9E/PA1ulxashVviL6NeAh
cXFd5R1MDYI0QHeVOTbOzSeZ3wRMqmjv1jYO2OeXYuctRE//1KD019VVlvtXEZQ4
/JwhMjOzxQxiYBxVuAepYdZ6mI8p4NkCBrK2wh0ICdguMNVPNcUnMSaJ9krFAWk/
wtUKq6wJH6byByEOUPMjpRrOUq2ZZTlr1sOJ9vBlsukQPNB0Z/dVy2tSyQSemdqB
jJEo8x0CUTAZxgEU6aQ5tZHKzzYLcq6TaGuQEX/KF07V+b1/sA5XSK6MrPw9tYjj
njlRydm7n8g1JSzrHgvvRq0VBSgWhqpX2H1Ix4Ii2xx5Y6zVHH8Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org