Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/K3caCODH5_Y1zjhMziwpfB4bKwc.roa
File: K3caCODH5_Y1zjhMziwpfB4bKwc.roa (raw, json)
Hash identifier: h5H7UyEZGj/5mwC6eHPlItDcWjSDaaRNI/C6lAJdN+k=
Subject key identifier: 2B:77:1A:08:E0:C7:E7:F6:35:CE:38:4C:CE:2C:29:7C:1E:1B:2B:07
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018FC38C4BE59C85A0C5365A3BEFE1DDFC05
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/K3caCODH5_Y1zjhMziwpfB4bKwc.roa
Signing time: Wed 29 May 2024 08:51:42 +0000
ROA not before: Wed 29 May 2024 08:51:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.43.136.0/21 maxlen: 21
45.43.136.0/24 maxlen: 24
45.43.138.0/24 maxlen: 24
45.43.139.0/24 maxlen: 24
45.43.164.0/23 maxlen: 23
64.137.8.0/24 maxlen: 24
64.137.10.0/23 maxlen: 23
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
64.137.42.0/23 maxlen: 23
64.137.48.0/23 maxlen: 23
64.137.58.0/23 maxlen: 23
64.137.60.0/22 maxlen: 22
64.137.73.0/24 maxlen: 24
64.137.74.0/24 maxlen: 24
64.137.77.0/24 maxlen: 24
64.137.78.0/24 maxlen: 24
64.137.80.0/22 maxlen: 22
64.137.89.0/24 maxlen: 24
64.137.92.0/23 maxlen: 23
64.137.94.0/23 maxlen: 23
64.137.96.0/22 maxlen: 22
64.137.100.0/23 maxlen: 23
104.143.232.0/21 maxlen: 21
104.143.240.0/22 maxlen: 22
104.143.248.0/21 maxlen: 24
104.222.190.0/24 maxlen: 24
104.233.0.0/21 maxlen: 21
104.233.31.0/24 maxlen: 24
104.233.32.0/20 maxlen: 20
104.233.57.0/24 maxlen: 24
104.233.60.0/24 maxlen: 24
104.233.61.0/24 maxlen: 24
104.233.62.0/24 maxlen: 24
104.238.0.0/22 maxlen: 22
104.238.15.0/24 maxlen: 24
104.238.16.0/24 maxlen: 24
104.238.18.0/24 maxlen: 24
104.238.22.0/24 maxlen: 24
104.238.25.0/24 maxlen: 24
104.239.9.0/24 maxlen: 24
104.239.45.0/24 maxlen: 24
104.239.46.0/24 maxlen: 24
104.239.48.0/24 maxlen: 24
104.239.95.0/24 maxlen: 24
104.239.99.0/24 maxlen: 24
104.239.110.0/24 maxlen: 24
104.249.29.0/24 maxlen: 24
104.249.32.0/22 maxlen: 22
104.249.36.0/24 maxlen: 24
104.249.37.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.250.192.0/21 maxlen: 21
104.250.208.0/20 maxlen: 20
138.128.151.0/24 maxlen: 24
138.128.153.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 20:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:8c:4b:e5:9c:85:a0:c5:36:5a:3b:ef:e1:dd:fc:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 29 08:51:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b771a08e0c7e7f635ce384cce2c297c1e1b2b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:1d:55:9a:3a:eb:55:5a:32:09:c9:30:1e:
d8:0b:8d:f3:b4:e7:83:26:b4:5a:f7:c4:79:40:8b:
72:d9:15:94:15:98:82:1c:3f:64:63:ff:c4:09:5d:
e1:06:46:3a:ca:ce:d9:c0:05:64:5c:8f:0a:70:9a:
7f:7e:55:d6:3f:f4:3e:d9:51:2e:5d:d3:ef:00:f2:
45:c3:e9:d2:8a:51:82:73:58:16:2e:d0:1c:36:8f:
e0:7b:22:82:37:00:83:d3:d3:54:0a:93:84:97:ba:
bc:46:2b:46:f0:89:26:ab:f1:f4:0b:2f:9c:10:54:
a6:31:9a:f4:d3:b3:37:35:d6:73:eb:2c:00:06:b9:
44:76:e1:bb:e3:b2:4f:49:e5:51:ae:df:f5:e2:c9:
f1:7d:fe:20:42:b9:3d:68:76:bd:78:f2:2e:71:a1:
92:13:e1:aa:52:b6:5a:15:9e:b8:b4:b5:d0:cd:11:
c3:3d:5a:95:05:b5:01:76:e3:51:34:8a:f2:aa:3e:
29:c9:b2:46:48:a7:75:39:26:56:67:de:bf:78:57:
5c:6f:ce:5c:70:02:2c:0b:e6:48:2a:51:9c:64:17:
bd:8d:44:3d:c0:8d:6d:c2:2e:b7:c6:a1:8c:28:5b:
48:12:04:de:10:42:db:4c:de:73:ba:fb:ce:1a:50:
80:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:77:1A:08:E0:C7:E7:F6:35:CE:38:4C:CE:2C:29:7C:1E:1B:2B:07
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/K3caCODH5_Y1zjhMziwpfB4bKwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.136.0/21
45.43.164.0/23
64.137.8.0/24
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.73.0-64.137.74.255
64.137.77.0-64.137.78.255
64.137.80.0/22
64.137.89.0/24
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.143.248.0/21
104.222.190.0/24
104.233.0.0/21
104.233.31.0-104.233.47.255
104.233.57.0/24
104.233.60.0-104.233.62.255
104.238.0.0/22
104.238.15.0-104.238.16.255
104.238.18.0/24
104.238.22.0/24
104.238.25.0/24
104.239.9.0/24
104.239.45.0-104.239.46.255
104.239.48.0/24
104.239.95.0/24
104.239.99.0/24
104.239.110.0/24
104.249.29.0/24
104.249.32.0-104.249.37.255
104.249.55.0/24
104.250.192.0/21
104.250.208.0/20
138.128.151.0/24
138.128.153.0/24
216.173.111.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:4c:e3:ac:91:13:45:40:b9:d9:63:7b:ec:71:1a:03:e2:7c:
d1:01:52:6a:70:8a:7f:48:ef:0c:d8:0c:1c:2c:38:bc:b6:d8:
4b:73:2b:df:8f:fd:41:4c:4c:ed:66:12:af:7a:7e:7c:a5:2b:
2d:fa:88:77:87:f5:78:a6:7a:56:d3:ba:d9:a8:20:dd:71:1b:
54:30:15:3f:e0:2a:7f:0e:e3:93:9f:eb:d8:60:f3:07:9a:92:
61:f3:ac:47:39:43:0a:87:75:65:9d:57:19:fc:34:23:0d:3b:
bf:71:55:d8:c1:3f:11:18:7f:43:70:d2:97:48:5e:1c:49:f2:
e9:7c:6e:f8:69:3b:1a:5c:d5:66:25:84:22:8f:fc:3a:3a:42:
f0:8a:95:e1:96:30:fe:65:3d:10:bb:9d:3b:d0:d6:d7:bb:0c:
a6:19:82:55:d8:01:12:66:f3:4d:0c:9c:89:2e:84:4a:7b:14:
4d:90:8e:9b:b0:ca:27:bd:a9:c2:01:3c:e5:82:f9:7d:a8:2f:
bc:c8:72:f8:96:a8:ae:b0:92:86:d1:e7:9e:78:28:92:75:ae:
0b:51:0a:33:60:fa:6f:0f:38:df:2f:aa:2e:05:62:fb:db:26:
d1:86:d2:4b:89:95:83:ad:8e:f3:b5:27:97:4d:a3:1a:25:1e:
a4:44:80:71
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAY/DjEvlnIWgxTZaO+/h3fwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNTI5MDg1MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc3MWEwOGUwYzdlN2Y2MzVjZTM4NGNjZTJjMjk3YzFlMWIyYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta0dVZo661VaMgnJMB7YC43ztOeD
JrRa98R5QIty2RWUFZiCHD9kY//ECV3hBkY6ys7ZwAVkXI8KcJp/flXWP/Q+2VEu
XdPvAPJFw+nSilGCc1gWLtAcNo/geyKCNwCD09NUCpOEl7q8RitG8Ikmq/H0Cy+c
EFSmMZr007M3NdZz6ywABrlEduG747JPSeVRrt/14snxff4gQrk9aHa9ePIucaGS
E+GqUrZaFZ64tLXQzRHDPVqVBbUBduNRNIryqj4pybJGSKd1OSZWZ96/eFdcb85c
cAIsC+ZIKlGcZBe9jUQ9wI1twi63xqGMKFtIEgTeEELbTN5zuvvOGlCAwQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFCt3Ggjgx+f2Nc44TM4sKXweGysHMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSzNjYUNPREg1X1kxempoTXppd3BmQjRiS3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAy0riAMEAS0rpAMEAECJCAMEAUCJCgMEAUCJDgMEAUCJEgMEAUCJKgMEAUCJ
MDAMAwQBQIk6AwQGQIkAMAwDBABAiUkDBABAiUowDAMEAECJTQMEAECJTgMEAkCJ
UAMEAECJWTAMAwQCQIlcAwQBQIlkMAwDBANoj+gDBAJoj/ADBANoj/gDBABo3r4D
BANo6QAwDAMEAGjpHwMEBGjpIAMEAGjpOTAMAwQCaOk8AwQAaOk+AwQCaO4AMAwD
BABo7g8DBABo7hADBABo7hIDBABo7hYDBABo7hkDBABo7wkwDAMEAGjvLQMEAGjv
LgMEAGjvMAMEAGjvXwMEAGjvYwMEAGjvbgMEAGj5HTAMAwQFaPkgAwQBaPkkAwQA
aPk3AwQDaPrAAwQEaPrQAwQAioCXAwQAioCZAwQA2K1vMA0GCSqGSIb3DQEBCwUA
A4IBAQB+TOOskRNFQLnZY3vscRoD4nzRAVJqcIp/SO8M2AwcLDi8tthLcyvfj/1B
TEztZhKven58pSst+oh3h/V4pnpW07rZqCDdcRtUMBU/4Cp/DuOTn+vYYPMHmpJh
86xHOUMKh3VlnVcZ/DQjDTu/cVXYwT8RGH9DcNKXSF4cSfLpfG74aTsaXNVmJYQi
j/w6OkLwipXhljD+ZT0Qu5070NbXuwymGYJV2AESZvNNDJyJLoRKexRNkI6bsMon
vanCATzlgvl9qC+8yHL4lqiusJKG0eeeeCiSda4LUQozYPpvDzjfL6ouBWL72ybR
htJLiZWDrY7ztSeXTaMaJR6kRIBx
-----END CERTIFICATE-----
Generated at Tue Jul 30 23:16:52 2024 by rpki-client on console-ams.rpki-client.org