Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KDiIHfei2fYIwn1eRMCSjJqTi5k.roa
File: KDiIHfei2fYIwn1eRMCSjJqTi5k.roa (raw, json)
Hash identifier: IC7aZtCOHeJ5weDJxM2Eni1tz42ir4zvTEdTUZtO1pY=
Subject key identifier: 28:38:88:1D:F7:A2:D9:F6:08:C2:7D:5E:44:C0:92:8C:9A:93:8B:99
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018EA34B00D82851CBFDC00D94EF4957B7CD
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KDiIHfei2fYIwn1eRMCSjJqTi5k.roa
Signing time: Wed 03 Apr 2024 09:29:45 +0000
ROA not before: Wed 03 Apr 2024 09:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204729
IP address blocks: 45.43.153.0/24 maxlen: 24
104.249.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 08:24:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:4b:00:d8:28:51:cb:fd:c0:0d:94:ef:49:57:b7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 3 09:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2838881df7a2d9f608c27d5e44c0928c9a938b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:93:1e:80:65:29:d5:a1:4f:12:e3:07:02:2c:
7d:6a:7b:2c:23:c5:e4:a2:e7:30:fc:23:fb:3c:10:
1f:65:26:32:04:51:3a:01:fd:e1:d1:51:ab:cf:4d:
44:74:b3:7a:98:fe:c7:db:66:24:e4:f3:aa:71:ed:
46:40:0f:cd:68:cc:e0:67:ed:f3:c9:d2:e7:93:94:
81:83:eb:fb:46:11:b5:19:d1:b6:d2:10:1f:b0:e8:
ea:90:f9:a1:87:07:f3:2b:0d:82:79:14:4c:f6:c1:
d6:6e:b9:23:4f:c6:4d:4e:18:23:5a:7e:ce:c8:f2:
22:0c:fc:34:f2:bc:86:1b:e1:45:2e:e8:52:d8:e2:
1c:ff:23:99:5e:32:b2:c5:b3:b3:ef:ac:8a:13:95:
51:9d:99:cb:f0:de:40:ec:a5:17:1f:d2:f3:14:79:
d8:ab:b8:1a:d0:29:19:36:fa:16:87:87:22:e1:b1:
43:bf:f4:02:24:4b:4f:cc:f1:26:91:12:f0:33:9f:
2a:6e:b7:d7:d7:5b:3f:d1:69:1a:f8:44:b6:c5:d3:
4f:75:f3:7f:ca:af:42:1c:45:6d:75:52:64:c5:ea:
9a:c3:d3:53:c6:ee:1d:54:1f:81:7a:cc:34:20:57:
b5:82:6a:58:80:2b:43:ab:77:e3:cf:a0:ae:52:ab:
e4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:38:88:1D:F7:A2:D9:F6:08:C2:7D:5E:44:C0:92:8C:9A:93:8B:99
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KDiIHfei2fYIwn1eRMCSjJqTi5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.153.0/24
104.249.40.0/24
Signature Algorithm: sha256WithRSAEncryption
16:65:2b:c8:da:a5:d2:25:e9:1d:47:b7:47:23:9a:d4:d1:99:
15:2b:1c:e1:db:83:30:9a:c6:1a:8e:57:0e:d0:62:0d:0c:46:
f8:6d:e4:4f:62:e1:e8:ca:0f:08:21:ca:bf:89:df:fe:1e:0a:
95:29:7d:14:fb:f0:eb:4f:94:4b:f3:f1:c6:7a:e2:da:0d:b1:
75:cb:13:37:ab:de:74:99:62:34:a5:5b:b6:88:7f:be:d0:84:
77:0e:49:6b:a7:44:e4:93:32:84:b9:25:69:16:d6:2e:f7:65:
5e:ea:55:b9:a8:c1:e4:6a:03:65:26:59:dc:6e:d2:7b:a3:58:
d1:0a:8b:bd:a1:4e:78:56:c6:40:70:72:08:6d:72:4e:f0:f0:
cd:5b:84:50:07:f1:1e:a0:a7:f6:26:c9:28:ad:3f:c2:1b:a6:
91:ad:dd:5e:ae:20:58:03:d2:38:d1:72:b4:57:95:e0:8b:f6:
3c:0d:5e:f6:73:75:56:7f:29:7a:45:ac:62:de:94:0c:cb:cc:
1f:9f:5d:0e:e5:68:83:6c:ec:52:fa:13:2a:55:6e:a9:c1:1f:
b3:f2:e6:ff:09:8d:0f:e6:d9:90:e8:fe:cb:eb:f8:8f:f5:27:
fb:93:de:39:3f:71:8a:3b:5f:0f:67:d7:34:c2:af:20:fa:a9:
b9:38:a3:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6jSwDYKFHL/cANlO9JV7fNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNDAzMDkyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODM4ODgxZGY3YTJkOWY2MDhjMjdkNWU0NGMwOTI4YzlhOTM4Yjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJMegGUp1aFPEuMHAix9anssI8Xk
oucw/CP7PBAfZSYyBFE6Af3h0VGrz01EdLN6mP7H22Yk5POqce1GQA/NaMzgZ+3z
ydLnk5SBg+v7RhG1GdG20hAfsOjqkPmhhwfzKw2CeRRM9sHWbrkjT8ZNThgjWn7O
yPIiDPw08ryGG+FFLuhS2OIc/yOZXjKyxbOz76yKE5VRnZnL8N5A7KUXH9LzFHnY
q7ga0CkZNvoWh4ci4bFDv/QCJEtPzPEmkRLwM58qbrfX11s/0Wka+ES2xdNPdfN/
yq9CHEVtdVJkxeqaw9NTxu4dVB+Besw0IFe1gmpYgCtDq3fjz6CuUqvkAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCg4iB33otn2CMJ9XkTAkoyak4uZMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvS0RpSUhmZWkyZllJd24xZVJNQ1NqSnFUaTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALSuZAwQA
aPkoMA0GCSqGSIb3DQEBCwUAA4IBAQAWZSvI2qXSJekdR7dHI5rU0ZkVKxzh24Mw
msYajlcO0GINDEb4beRPYuHoyg8IIcq/id/+HgqVKX0U+/DrT5RL8/HGeuLaDbF1
yxM3q950mWI0pVu2iH++0IR3Dklrp0TkkzKEuSVpFtYu92Ve6lW5qMHkagNlJlnc
btJ7o1jRCou9oU54VsZAcHIIbXJO8PDNW4RQB/EeoKf2JskorT/CG6aRrd1eriBY
A9I40XK0V5Xgi/Y8DV72c3VWfyl6Raxi3pQMy8wfn10O5WiDbOxS+hMqVW6pwR+z
8ub/CY0P5tmQ6P7L6/iP9Sf7k945P3GKO18PZ9c0wq8g+qm5OKOK
-----END CERTIFICATE-----
Generated at Mon Jul 22 11:14:30 2024 by rpki-client on console-ams.rpki-client.org