Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/E1EvN30jIbEacaWAV3s5vft0MII.roa
File: E1EvN30jIbEacaWAV3s5vft0MII.roa (raw, json)
Hash identifier: ALDTZ91RUYyKnoM2yAYIGe0BU9c2YvT6FkbCLkjsXF0=
Subject key identifier: 13:51:2F:37:7D:23:21:B1:1A:71:A5:80:57:7B:39:BD:FB:74:30:82
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EBB984F1B742DE9D41ACDEA249028
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/E1EvN30jIbEacaWAV3s5vft0MII.roa
Signing time: Mon 02 Jan 2023 12:04:49 +0000
ROA not before: Mon 02 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150445
IP address blocks: 64.137.126.0/24 maxlen: 24
64.137.75.0/24 maxlen: 24
64.137.84.0/24 maxlen: 24
64.137.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:bb:98:4f:1b:74:2d:e9:d4:1a:cd:ea:24:90:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13512f377d2321b11a71a580577b39bdfb743082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f1:ad:bc:4c:4d:f8:32:f4:3f:36:a1:22:c0:
b6:66:0d:2f:c9:e9:f5:93:d4:4a:47:85:37:d0:05:
59:4c:90:4e:29:93:ea:43:39:3c:13:b2:89:03:85:
45:74:3c:b0:73:84:06:95:5e:85:80:ec:bb:22:45:
d2:75:da:7e:d0:32:c3:c2:8e:2d:a5:a0:df:d1:65:
98:74:bf:b7:3b:dc:50:d7:ee:dc:d5:12:9b:5f:35:
1c:42:09:4d:93:81:95:69:20:a3:00:76:43:6b:f5:
07:33:7a:03:21:65:d1:c5:8d:14:0c:10:dd:3a:48:
81:87:7e:8a:75:16:5d:9d:1c:c5:3f:3e:b6:2b:11:
89:ef:fd:a5:bf:3b:39:a9:b3:39:f4:4b:48:ff:01:
6e:50:99:bb:ab:88:d0:1a:e3:37:b1:f7:63:f3:2b:
76:cc:20:4a:e8:20:44:2c:b9:7c:8c:fe:71:f4:23:
18:37:c0:59:94:db:f6:aa:c1:b6:7f:ff:f5:31:ad:
38:80:b2:93:d5:f6:1e:ab:2f:5c:a6:62:26:4f:86:
1d:3b:77:40:12:1f:28:28:2d:c4:e6:41:ba:47:af:
e9:8d:39:f8:ee:9f:09:9f:c0:80:3f:39:f6:cd:ec:
04:55:d1:17:65:ee:77:41:2e:75:d0:e0:bb:7b:2a:
56:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:51:2F:37:7D:23:21:B1:1A:71:A5:80:57:7B:39:BD:FB:74:30:82
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/E1EvN30jIbEacaWAV3s5vft0MII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.75.0/24
64.137.84.0/24
64.137.90.0/24
64.137.126.0/24
Signature Algorithm: sha256WithRSAEncryption
14:df:7c:5e:ff:34:13:d3:30:5b:58:20:3c:96:d9:33:5d:28:
94:63:39:8c:08:ad:af:b2:ba:a3:b2:6f:5a:9b:be:9f:a1:de:
50:ca:cc:62:6e:3e:3a:9b:24:4a:2d:2c:b3:c5:33:d7:04:df:
d6:34:d8:46:2f:de:b3:c1:e7:09:ae:c4:b7:70:37:f0:5d:52:
c4:ff:b7:4f:3e:66:74:38:b2:c5:5e:97:6c:6e:29:aa:0e:a4:
46:a0:e6:e3:ff:c4:65:b8:58:ee:32:b0:bc:df:10:6e:ce:cc:
78:28:68:b6:db:ad:08:15:1d:42:fc:5c:c2:0e:33:31:1e:35:
55:34:30:4d:d9:bc:95:73:21:ad:c4:51:e2:b5:d2:ab:b2:59:
cd:f1:24:91:9b:ce:af:e1:91:cc:c2:dc:e8:1a:05:e1:e7:01:
4f:c7:60:d7:47:74:d5:ba:d0:b2:f1:32:8c:ab:2f:85:81:95:
61:74:46:bf:13:af:b8:00:5c:5c:13:8b:f1:c0:b0:d0:60:32:
33:ec:c1:a7:86:b7:82:60:fa:3a:7d:98:7f:94:22:ee:5a:b3:
29:79:81:ca:3e:4a:de:98:dc:42:a9:e8:78:97:2a:10:20:f5:
4a:c2:e9:d4:2c:f1:56:c0:11:7e:c8:28:ea:13:f9:c3:33:71:
c6:aa:65:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyXruYTxt0LenUGs3qJJAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzUxMmYzNzdkMjMyMWIxMWE3MWE1ODA1NzdiMzliZGZiNzQzMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfGtvExN+DL0PzahIsC2Zg0vyen1
k9RKR4U30AVZTJBOKZPqQzk8E7KJA4VFdDywc4QGlV6FgOy7IkXSddp+0DLDwo4t
paDf0WWYdL+3O9xQ1+7c1RKbXzUcQglNk4GVaSCjAHZDa/UHM3oDIWXRxY0UDBDd
OkiBh36KdRZdnRzFPz62KxGJ7/2lvzs5qbM59EtI/wFuUJm7q4jQGuM3sfdj8yt2
zCBK6CBELLl8jP5x9CMYN8BZlNv2qsG2f//1Ma04gLKT1fYeqy9cpmImT4YdO3dA
Eh8oKC3E5kG6R6/pjTn47p8Jn8CAPzn2zewEVdEXZe53QS510OC7eypW2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBNRLzd9IyGxGnGlgFd7Ob37dDCCMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvRTFFdk4zMGpJYkVhY2FXQVYzczV2ZnQwTUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIlLAwQA
QIlUAwQAQIlaAwQAQIl+MA0GCSqGSIb3DQEBCwUAA4IBAQAU33xe/zQT0zBbWCA8
ltkzXSiUYzmMCK2vsrqjsm9am76fod5Qysxibj46myRKLSyzxTPXBN/WNNhGL96z
wecJrsS3cDfwXVLE/7dPPmZ0OLLFXpdsbimqDqRGoObj/8RluFjuMrC83xBuzsx4
KGi2260IFR1C/FzCDjMxHjVVNDBN2byVcyGtxFHitdKrslnN8SSRm86v4ZHMwtzo
GgXh5wFPx2DXR3TVutCy8TKMqy+FgZVhdEa/E6+4AFxcE4vxwLDQYDIz7MGnhreC
YPo6fZh/lCLuWrMpeYHKPkremNxCqeh4lyoQIPVKwunULPFWwBF+yCjqE/nDM3HG
qmWx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org