Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/E8Y0P3sXuRUAYdg98N5X2fJjrRs.roa
File: E8Y0P3sXuRUAYdg98N5X2fJjrRs.roa (raw, json)
Hash identifier: I1M1IeKnUnLc+xdZKVQ92xqQoFCUMybyx+Lqd5H7ofs=
Subject key identifier: 13:C6:34:3F:7B:17:B9:15:00:61:D8:3D:F0:DE:57:D9:F2:63:AD:1B
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0187FB9E6672CDDDEA18D6A22A14261EF8B4
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/E8Y0P3sXuRUAYdg98N5X2fJjrRs.roa
Signing time: Mon 08 May 2023 13:47:54 +0000
ROA not before: Mon 08 May 2023 13:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 64.137.29.0/24 maxlen: 24
64.137.44.0/24 maxlen: 24
64.137.46.0/24 maxlen: 24
64.137.72.0/24 maxlen: 24
64.137.85.0/24 maxlen: 24
64.137.114.0/24 maxlen: 24
64.137.116.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fb:9e:66:72:cd:dd:ea:18:d6:a2:2a:14:26:1e:f8:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 8 13:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13c6343f7b17b9150061d83df0de57d9f263ad1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:a3:5f:51:b6:06:84:6f:ac:d2:48:3e:4d:
d7:6f:2d:0c:0b:8e:e6:e8:2b:e6:99:44:7a:2f:b1:
ac:2d:d9:08:32:07:b7:1e:e7:b9:68:f8:6b:5c:bb:
0d:c7:02:fb:cb:c6:a9:2e:03:81:eb:94:65:cc:a7:
e2:75:7b:55:78:49:6a:bb:0a:e9:47:32:16:cd:c7:
58:11:2a:b2:e4:28:6f:16:03:03:38:05:dd:32:d5:
38:a6:35:e6:e4:11:a1:6c:1c:a7:55:da:c7:a9:4c:
87:53:0a:8a:41:c1:6b:a2:27:48:ef:0a:98:25:59:
b9:75:ca:06:df:8f:a3:a7:34:19:3a:68:bf:e5:84:
89:be:16:6c:b1:51:91:15:17:f2:44:0f:55:76:1a:
80:ba:0d:ca:41:b0:20:8b:b9:36:cc:60:f4:c8:79:
4d:52:0f:b0:3b:b6:94:5a:6c:7e:37:01:d0:0a:f1:
6d:2e:df:cb:fb:0f:eb:65:da:88:c6:e8:b2:c7:7a:
b7:18:f6:7b:6d:0a:6c:c2:d6:62:e3:88:ac:f0:a9:
92:af:0f:8c:1a:53:15:c7:3e:71:c2:06:f4:1b:18:
16:9f:60:49:fd:85:b5:4e:7e:21:82:97:45:67:cf:
2a:0c:2a:73:8b:77:c0:f2:a9:89:33:e5:aa:fb:b0:
de:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:C6:34:3F:7B:17:B9:15:00:61:D8:3D:F0:DE:57:D9:F2:63:AD:1B
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/E8Y0P3sXuRUAYdg98N5X2fJjrRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.29.0/24
64.137.44.0/24
64.137.46.0/24
64.137.72.0/24
64.137.85.0/24
64.137.114.0/24
64.137.116.0/24
Signature Algorithm: sha256WithRSAEncryption
51:25:fc:6b:da:41:e7:50:06:07:4e:57:0d:9d:61:3e:03:df:
6c:06:60:df:37:2e:cc:60:89:67:29:56:a8:b0:d9:31:c0:36:
e7:0c:b0:f7:4c:4e:d4:fb:ba:58:0e:92:28:ba:ac:ae:01:c3:
eb:12:56:06:b6:52:d6:6f:12:4d:fe:a6:26:36:e1:be:b9:29:
2d:c3:1d:4f:1d:47:0b:2f:c0:b5:78:bf:92:a3:a2:de:5e:a9:
00:de:52:bf:80:60:ab:76:05:b4:93:cf:cd:3b:d1:ec:2c:ef:
6c:fe:62:4f:91:68:74:d4:17:a9:fe:e0:6e:57:9f:95:63:3c:
c3:40:21:15:6b:22:1d:23:89:4a:9d:65:3e:0c:1c:e8:cf:75:
f3:17:27:34:1d:48:28:3a:75:bf:2b:6b:57:b3:70:ce:72:c5:
f7:95:a3:ea:3c:8e:2e:80:f8:e8:9c:d5:7d:9e:6a:08:5c:f5:
75:2d:40:37:28:f7:3b:b6:1b:15:85:98:ba:7a:a1:55:46:6e:
44:bd:88:1f:85:75:3c:28:13:2f:b3:65:e3:3f:e6:78:86:65:
42:ea:ed:5c:50:c7:6c:16:ca:ea:a6:c0:56:79:c9:d7:d1:b4:
55:91:84:98:5f:1c:22:cc:0a:55:02:34:cc:51:1d:61:25:0e:
e4:4d:5c:dd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYf7nmZyzd3qGNaiKhQmHvi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNTA4MTM0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2M2MzQzZjdiMTdiOTE1MDA2MWQ4M2RmMGRlNTdkOWYyNjNhZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDujX1G2BoRvrNJIPk3Xby0MC47m
6CvmmUR6L7GsLdkIMge3Hue5aPhrXLsNxwL7y8apLgOB65RlzKfidXtVeElquwrp
RzIWzcdYESqy5ChvFgMDOAXdMtU4pjXm5BGhbBynVdrHqUyHUwqKQcFroidI7wqY
JVm5dcoG34+jpzQZOmi/5YSJvhZssVGRFRfyRA9VdhqAug3KQbAgi7k2zGD0yHlN
Ug+wO7aUWmx+NwHQCvFtLt/L+w/rZdqIxuiyx3q3GPZ7bQpswtZi44is8KmSrw+M
GlMVxz5xwgb0GxgWn2BJ/YW1Tn4hgpdFZ88qDCpzi3fA8qmJM+Wq+7DeswIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBPGND97F7kVAGHYPfDeV9nyY60bMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvRThZMFAzc1h1UlVBWWRnOThONVgyZkpqclJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAQIkdAwQA
QIksAwQAQIkuAwQAQIlIAwQAQIlVAwQAQIlyAwQAQIl0MA0GCSqGSIb3DQEBCwUA
A4IBAQBRJfxr2kHnUAYHTlcNnWE+A99sBmDfNy7MYIlnKVaosNkxwDbnDLD3TE7U
+7pYDpIouqyuAcPrElYGtlLWbxJN/qYmNuG+uSktwx1PHUcLL8C1eL+So6LeXqkA
3lK/gGCrdgW0k8/NO9HsLO9s/mJPkWh01Bep/uBuV5+VYzzDQCEVayIdI4lKnWU+
DBzoz3XzFyc0HUgoOnW/K2tXs3DOcsX3laPqPI4ugPjonNV9nmoIXPV1LUA3KPc7
thsVhZi6eqFVRm5EvYgfhXU8KBMvs2XjP+Z4hmVC6u1cUMdsFsrqpsBWecnX0bRV
kYSYXxwizApVAjTMUR1hJQ7kTVzd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org