Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HpmIByv2F18bE3KpWjq3n9KRCA4.roa
File: HpmIByv2F18bE3KpWjq3n9KRCA4.roa (raw, json)
Hash identifier: MLK/oDOETed1dRrc8sYD1gsp/0f2kV91QN3W1QHmXfQ=
Subject key identifier: 1E:99:88:07:2B:F6:17:5F:1B:13:72:A9:5A:3A:B7:9F:D2:91:08:0E
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018D54C8266DB6ABA1FC086CD0159564D269
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HpmIByv2F18bE3KpWjq3n9KRCA4.roa
Signing time: Mon 29 Jan 2024 10:33:39 +0000
ROA not before: Mon 29 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.43.166.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.222.191.0/24 maxlen: 24
104.238.31.0/24 maxlen: 24
104.249.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 12:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:c8:26:6d:b6:ab:a1:fc:08:6c:d0:15:95:64:d2:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 29 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e9988072bf6175f1b1372a95a3ab79fd291080e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d1:7a:29:dc:ee:9f:ba:bd:ac:c5:73:d6:7c:
01:a6:71:0b:af:23:1c:6e:ac:82:0d:bf:2a:af:2f:
72:dd:36:39:a6:95:18:aa:b9:c4:6f:fc:9b:91:f8:
0c:4a:6a:0d:39:b6:80:67:4c:e6:96:05:0e:41:39:
5c:0a:98:5d:43:b0:c8:9c:39:c4:44:58:e3:1f:af:
65:af:b2:81:8b:16:bb:f4:05:84:55:4c:35:8f:4e:
9a:8e:d5:7c:08:c3:4c:82:bf:dc:62:75:4a:39:66:
22:c8:96:b9:ec:7f:3e:f2:e5:0b:d5:26:7c:bc:df:
5d:5d:43:f7:ac:07:41:9a:2c:43:db:bd:07:c0:48:
fa:78:87:4a:e7:29:c9:e0:c4:01:ae:3d:3f:63:f6:
91:bc:f0:a9:87:0c:d1:3f:eb:eb:69:58:e9:3f:b9:
b2:ff:e6:cc:b7:89:16:40:2f:28:9f:4e:7d:a0:56:
d4:96:b8:37:98:fd:a0:93:a2:a0:e8:4d:0e:04:ef:
8e:35:36:f2:e9:ae:ec:6e:f0:02:76:1d:34:69:05:
c5:ab:f6:e9:3a:9e:f3:52:19:94:b6:c7:cb:8b:25:
a8:3f:7d:7e:9b:25:ee:55:06:ab:f1:31:f1:6e:3a:
37:03:56:d5:ff:ac:8a:25:fb:64:fb:7c:f1:eb:c8:
3f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:99:88:07:2B:F6:17:5F:1B:13:72:A9:5A:3A:B7:9F:D2:91:08:0E
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HpmIByv2F18bE3KpWjq3n9KRCA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.166.0/24
64.137.52.0/23
104.222.191.0/24
104.238.31.0/24
104.249.40.0/24
Signature Algorithm: sha256WithRSAEncryption
82:4c:60:91:5d:06:0d:d5:35:53:90:b1:8c:74:50:c5:44:fe:
e0:6d:5e:50:4c:52:8f:47:9c:09:f6:52:0f:67:0b:28:42:f6:
ec:8f:34:65:ef:8e:c5:a3:31:b2:3d:7e:a2:1d:ba:be:41:b7:
80:04:cb:40:84:12:03:1f:35:12:35:db:68:aa:aa:19:99:26:
d7:61:e9:fd:68:ed:88:8b:35:ab:da:cd:0f:98:71:b3:aa:d7:
ba:1c:41:36:5f:53:5f:a5:90:69:39:5e:2c:99:3e:ee:82:91:
e1:62:e9:e8:c6:27:b5:94:e7:47:be:85:3c:31:35:b4:9d:b9:
49:46:bb:f9:17:4e:85:5a:b7:94:26:46:88:0e:5c:ab:47:11:
d6:8d:91:b3:e1:ff:ec:b8:01:f4:df:67:a8:c4:af:0d:6b:e7:
84:d4:0a:ad:7d:be:6f:27:8f:39:e7:16:20:7d:6b:19:c6:72:
8e:5a:b6:c3:14:79:54:81:fa:83:7e:5c:11:c0:ce:45:65:24:
08:c1:4d:f6:0a:61:3d:71:f2:34:df:b9:d1:6a:5a:54:ce:5e:
95:bc:9d:13:6b:f9:6a:87:46:dc:84:eb:10:62:b4:b6:d7:80:
72:9b:f5:ff:be:17:ff:c0:08:d5:16:b1:d7:c3:38:a2:0c:f4:
09:d8:27:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY1UyCZttquh/Ahs0BWVZNJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTI5MTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTk5ODgwNzJiZjYxNzVmMWIxMzcyYTk1YTNhYjc5ZmQyOTEwODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdF6Kdzun7q9rMVz1nwBpnELryMc
bqyCDb8qry9y3TY5ppUYqrnEb/ybkfgMSmoNObaAZ0zmlgUOQTlcCphdQ7DInDnE
RFjjH69lr7KBixa79AWEVUw1j06ajtV8CMNMgr/cYnVKOWYiyJa57H8+8uUL1SZ8
vN9dXUP3rAdBmixD270HwEj6eIdK5ynJ4MQBrj0/Y/aRvPCphwzRP+vraVjpP7my
/+bMt4kWQC8on059oFbUlrg3mP2gk6Kg6E0OBO+ONTby6a7sbvACdh00aQXFq/bp
Op7zUhmUtsfLiyWoP31+myXuVQar8THxbjo3A1bV/6yKJftk+3zx68g/6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB6ZiAcr9hdfGxNyqVo6t5/SkQgOMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSHBtSUJ5djJGMThiRTNLcFdqcTNuOUtSQ0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALSumAwQB
QIk0AwQAaN6/AwQAaO4fAwQAaPkoMA0GCSqGSIb3DQEBCwUAA4IBAQCCTGCRXQYN
1TVTkLGMdFDFRP7gbV5QTFKPR5wJ9lIPZwsoQvbsjzRl747FozGyPX6iHbq+QbeA
BMtAhBIDHzUSNdtoqqoZmSbXYen9aO2IizWr2s0PmHGzqte6HEE2X1NfpZBpOV4s
mT7ugpHhYunoxie1lOdHvoU8MTW0nblJRrv5F06FWreUJkaIDlyrRxHWjZGz4f/s
uAH032eoxK8Na+eE1Aqtfb5vJ4855xYgfWsZxnKOWrbDFHlUgfqDflwRwM5FZSQI
wU32CmE9cfI037nRalpUzl6VvJ0Ta/lqh0bchOsQYrS214Bym/X/vhf/wAjVFrHX
wziiDPQJ2CcV
-----END CERTIFICATE-----
Generated at Mon Mar 25 17:25:42 2024 by rpki-client on console-fra.rpki-client.org