Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HhFBT8p3Enm6fNkFmxMx5SoC-Kk.roa
File: HhFBT8p3Enm6fNkFmxMx5SoC-Kk.roa (raw, json)
Hash identifier: rSNWCri6aVEmsbrq+kBYqbuDj4TJhUZYxJOkgl2A+xw=
Subject key identifier: 1E:11:41:4F:CA:77:12:79:BA:7C:D9:05:9B:13:31:E5:2A:02:F8:A9
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185E9A096DE25807E864F735AFFD6F9EF0C
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HhFBT8p3Enm6fNkFmxMx5SoC-Kk.roa
Signing time: Wed 25 Jan 2023 15:51:33 +0000
ROA not before: Wed 25 Jan 2023 15:51:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201207
IP address blocks: 104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.233.12.0/22 maxlen: 22
216.173.76.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
216.173.82.0/24 maxlen: 24
104.233.26.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
45.43.167.0/24 maxlen: 24
216.173.96.0/22 maxlen: 22
216.173.102.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:a0:96:de:25:80:7e:86:4f:73:5a:ff:d6:f9:ef:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 25 15:51:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e11414fca771279ba7cd9059b1331e52a02f8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a7:0f:26:6d:4b:9f:78:a2:69:31:5f:3f:0c:
89:32:ca:b8:1c:68:7a:e8:82:09:f6:e5:54:c7:e7:
df:77:77:a1:8d:46:5a:c7:55:95:fd:c9:9f:09:dd:
44:96:67:be:a5:85:84:e9:d7:0e:df:9d:7f:9a:0c:
9f:18:c0:58:cf:a8:3b:ac:80:57:59:87:b2:a9:64:
50:90:28:06:92:eb:f4:c0:b6:9f:23:df:c3:bf:35:
b2:00:b5:a0:7c:06:a1:75:bc:77:22:28:cd:33:d6:
d6:29:f2:a3:e1:2b:d8:2b:c4:f1:f6:9d:11:6c:d3:
ff:75:1e:8d:63:ec:be:0f:f2:83:8e:25:ea:a2:3d:
48:a7:14:46:ed:6c:c6:a9:19:7d:7b:97:b7:ef:f8:
3a:0a:ee:06:6c:08:c9:3c:17:ca:b8:b9:54:5d:9d:
27:47:80:37:63:52:9d:09:f3:97:38:04:1b:0f:5f:
f1:e0:db:97:d5:95:08:8c:ce:44:46:8b:40:4e:c3:
6c:08:a0:57:c7:f5:fc:eb:1d:51:de:bd:94:12:09:
ce:76:90:bf:6a:0e:c4:d7:7e:b5:a2:10:46:bd:e3:
b5:ee:8f:6c:0f:04:8d:ef:f4:b2:c3:c2:46:d7:bf:
0c:20:6d:82:b7:fa:e6:56:8f:ef:9f:1a:81:84:b2:
74:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:11:41:4F:CA:77:12:79:BA:7C:D9:05:9B:13:31:E5:2A:02:F8:A9
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HhFBT8p3Enm6fNkFmxMx5SoC-Kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.167.0/24
104.233.12.0/22
104.233.24.0-104.233.26.255
104.238.10.0/24
104.239.10.0/23
104.239.75.0/24
104.239.78.0/24
104.239.80.0/23
104.239.104.0/22
104.239.111.0/24
104.239.124.0-104.239.126.255
216.173.76.0/24
216.173.82.0/24
216.173.96.0/22
216.173.102.0/24
216.173.106.0/23
216.173.110.0/24
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e9:76:9b:6b:cc:7f:30:01:df:91:2b:7e:52:2e:96:52:ec:
df:7d:c2:59:b9:40:f6:1b:51:50:6a:71:72:f3:73:e6:a4:af:
07:c5:01:82:f6:07:1b:0c:3d:0b:e1:92:df:8c:f8:7f:36:a0:
92:4b:31:f6:a9:c3:2d:52:b6:48:28:33:c3:e9:9c:81:28:08:
fa:5e:82:7f:64:c1:bf:ca:22:66:90:54:87:a5:05:fb:f5:19:
7b:cc:b1:54:01:cb:f4:06:59:b4:76:d4:b2:b5:b5:b3:72:73:
2d:ad:7b:a1:11:fe:c8:8a:cc:25:e8:49:96:b4:17:5f:c7:6a:
ef:f4:d1:f5:b6:61:f6:2f:0a:f2:4d:d5:99:5c:60:76:ae:76:
57:97:f5:f9:6f:4e:b7:21:ff:35:bc:a9:93:28:8b:f6:0c:95:
cb:dd:6e:d2:7d:47:8d:09:c6:b6:4b:6f:86:8a:d9:94:56:78:
8c:54:b8:4a:ef:a1:dd:40:d3:6c:6c:1a:19:34:79:d8:99:7f:
1a:5b:5c:bc:ad:83:ca:f9:8e:d6:5d:1e:b1:07:b0:53:6e:e8:
61:cc:3c:b8:f0:82:c2:d5:ac:64:ad:09:1c:2b:eb:d0:46:59:
bc:89:60:83:f5:04:49:03:c1:cb:d0:7c:5a:4e:48:71:87:a5:
6c:6d:34:ca
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYXpoJbeJYB+hk9zWv/W+e8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTI1MTU1MTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTExNDE0ZmNhNzcxMjc5YmE3Y2Q5MDU5YjEzMzFlNTJhMDJmOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKcPJm1Ln3iiaTFfPwyJMsq4HGh6
6IIJ9uVUx+ffd3ehjUZax1WV/cmfCd1Elme+pYWE6dcO351/mgyfGMBYz6g7rIBX
WYeyqWRQkCgGkuv0wLafI9/DvzWyALWgfAahdbx3IijNM9bWKfKj4SvYK8Tx9p0R
bNP/dR6NY+y+D/KDjiXqoj1IpxRG7WzGqRl9e5e37/g6Cu4GbAjJPBfKuLlUXZ0n
R4A3Y1KdCfOXOAQbD1/x4NuX1ZUIjM5ERotATsNsCKBXx/X86x1R3r2UEgnOdpC/
ag7E1361ohBGveO17o9sDwSN7/Syw8JG178MIG2Ct/rmVo/vnxqBhLJ09wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFB4RQU/KdxJ5unzZBZsTMeUqAvipMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSGhGQlQ4cDNFbm02Zk5rRm14TXg1U29DLUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAC0r
pwMEAmjpDDAMAwQDaOkYAwQAaOkaAwQAaO4KAwQBaO8KAwQAaO9LAwQAaO9OAwQB
aO9QAwQCaO9oAwQAaO9vMAwDBAJo73wDBABo734DBADYrUwDBADYrVIDBALYrWAD
BADYrWYDBAHYrWoDBADYrW4DBADYrXgwDQYJKoZIhvcNAQELBQADggEBAJrpdptr
zH8wAd+RK35SLpZS7N99wlm5QPYbUVBqcXLzc+akrwfFAYL2BxsMPQvhkt+M+H82
oJJLMfapwy1StkgoM8PpnIEoCPpegn9kwb/KImaQVIelBfv1GXvMsVQBy/QGWbR2
1LK1tbNycy2te6ER/siKzCXoSZa0F1/Hau/00fW2YfYvCvJN1ZlcYHaudleX9flv
Trch/zW8qZMoi/YMlcvdbtJ9R40JxrZLb4aK2ZRWeIxUuErvod1A02xsGhk0ediZ
fxpbXLytg8r5jtZdHrEHsFNu6GHMPLjwgsLVrGStCRwr69BGWbyJYIP1BEkDwcvQ
fFpOSHGHpWxtNMo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org