Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/LdrVOra9980YxXCT5vBB-tvio0M.roa
File: LdrVOra9980YxXCT5vBB-tvio0M.roa (raw, json)
Hash identifier: xI4g6Kzi16S4BVZfNp0+PW+fXB9nlfqrPjlvtKE9OYA=
Subject key identifier: 2D:DA:D5:3A:B6:BD:F7:CD:18:C5:70:93:E6:F0:41:FA:DB:E2:A3:43
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01878F0722D9D38D73DACDB1DBA77651B94E
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/LdrVOra9980YxXCT5vBB-tvio0M.roa
Signing time: Mon 17 Apr 2023 11:43:42 +0000
ROA not before: Mon 17 Apr 2023 11:43:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 64.137.29.0/24 maxlen: 24
64.137.44.0/24 maxlen: 24
64.137.72.0/24 maxlen: 24
64.137.85.0/24 maxlen: 24
64.137.114.0/24 maxlen: 24
64.137.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 May 2023 13:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:07:22:d9:d3:8d:73:da:cd:b1:db:a7:76:51:b9:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 17 11:43:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ddad53ab6bdf7cd18c57093e6f041fadbe2a343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:50:7a:63:d3:c2:42:b4:95:74:eb:ac:f7:ce:
e4:17:84:e5:ac:08:72:1c:a7:ce:46:2e:27:0b:76:
67:c6:e7:76:77:e3:33:07:09:cb:e7:ca:d4:a3:08:
49:c9:f6:a3:0d:e7:0b:e4:48:26:35:7a:15:ef:b7:
f2:25:c9:35:8c:36:f9:66:09:03:79:ec:e1:f2:e5:
e7:8c:ce:6a:f1:80:e7:4d:da:54:34:6e:f9:d6:ab:
7d:81:2f:b7:c8:7e:95:8b:d9:47:ad:bb:52:7f:d6:
63:0b:d9:c2:5d:d4:82:b3:9f:e3:35:39:79:3f:ca:
6b:57:cb:96:d7:79:0a:ec:42:b9:0c:2d:2c:a5:94:
f2:dd:66:bf:01:c0:ed:92:a0:67:25:e5:1c:1e:3d:
5d:45:1d:0f:a0:93:16:33:58:33:25:e4:fe:1d:bf:
0e:e0:fc:98:3f:24:7d:08:5b:85:97:ba:db:a5:68:
10:be:ec:a3:c7:f3:1c:2a:dc:3d:26:a5:c1:41:50:
bc:74:54:26:a8:08:21:b5:9b:3a:51:70:2e:e0:59:
c0:01:ed:cd:3b:c4:6c:8f:23:3a:51:1d:15:92:3a:
a4:0c:3a:42:63:4d:b4:e4:da:08:2b:67:de:31:e3:
73:54:00:2f:cb:85:78:49:22:8a:10:21:8a:be:35:
bf:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DA:D5:3A:B6:BD:F7:CD:18:C5:70:93:E6:F0:41:FA:DB:E2:A3:43
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/LdrVOra9980YxXCT5vBB-tvio0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.29.0/24
64.137.44.0/24
64.137.72.0/24
64.137.85.0/24
64.137.114.0/24
64.137.116.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:27:d1:3d:91:1e:b5:4a:4f:6d:36:e4:1e:af:2e:7f:8f:b7:
76:36:1b:b8:b9:ef:a5:da:66:f5:e3:f5:34:c9:ab:e6:6a:86:
fe:c2:32:5f:4e:fa:f4:e9:34:c7:de:a4:2a:bb:31:83:4a:11:
1f:c5:30:d1:e5:c2:ad:5f:81:a5:1d:54:4f:64:ef:1f:55:42:
fd:d0:c9:0d:d5:b0:fd:8b:6d:68:8d:61:2b:a0:19:02:ae:e3:
64:7b:0e:ce:ce:e3:14:68:fb:3d:1d:2a:32:5c:47:c3:0c:75:
bf:33:ee:7d:20:0d:16:bb:5a:39:2e:a5:41:8c:07:2d:41:61:
02:a3:30:a3:27:a4:5c:77:8d:13:b9:82:7e:f2:b9:50:e6:e0:
8f:3d:b2:46:1b:07:39:49:8a:04:87:e1:66:9b:dd:01:cb:85:
13:86:a4:b8:c1:ec:d6:36:15:44:fd:93:c8:f3:f8:29:59:c0:
8c:86:91:3a:b2:1d:24:de:00:bd:2b:d1:05:80:f7:35:1c:bd:
38:64:de:76:f4:f4:4f:d0:3d:c2:10:9d:1b:17:9a:f7:df:78:
d3:f0:cf:59:ec:32:7c:d6:dc:f5:bb:a4:21:5a:8a:c8:2e:39:
bd:88:b6:ef:44:db:ca:15:28:ff:07:fd:69:41:13:41:04:21:
7b:78:de:92
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYePByLZ041z2s2x26d2UblOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNDE3MTE0MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRhZDUzYWI2YmRmN2NkMThjNTcwOTNlNmYwNDFmYWRiZTJhMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1B6Y9PCQrSVdOus987kF4TlrAhy
HKfORi4nC3Znxud2d+MzBwnL58rUowhJyfajDecL5EgmNXoV77fyJck1jDb5ZgkD
eezh8uXnjM5q8YDnTdpUNG751qt9gS+3yH6Vi9lHrbtSf9ZjC9nCXdSCs5/jNTl5
P8prV8uW13kK7EK5DC0spZTy3Wa/AcDtkqBnJeUcHj1dRR0PoJMWM1gzJeT+Hb8O
4PyYPyR9CFuFl7rbpWgQvuyjx/McKtw9JqXBQVC8dFQmqAghtZs6UXAu4FnAAe3N
O8RsjyM6UR0VkjqkDDpCY0205NoIK2feMeNzVAAvy4V4SSKKECGKvjW/nQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC3a1Tq2vffNGMVwk+bwQfrb4qNDMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTGRyVk9yYTk5ODBZeFhDVDV2QkItdHZpbzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAQIkdAwQA
QIksAwQAQIlIAwQAQIlVAwQAQIlyAwQAQIl0MA0GCSqGSIb3DQEBCwUAA4IBAQAd
J9E9kR61Sk9tNuQery5/j7d2Nhu4ue+l2mb14/U0yavmaob+wjJfTvr06TTH3qQq
uzGDShEfxTDR5cKtX4GlHVRPZO8fVUL90MkN1bD9i21ojWEroBkCruNkew7OzuMU
aPs9HSoyXEfDDHW/M+59IA0Wu1o5LqVBjActQWECozCjJ6Rcd40TuYJ+8rlQ5uCP
PbJGGwc5SYoEh+Fmm90By4UThqS4wezWNhVE/ZPI8/gpWcCMhpE6sh0k3gC9K9EF
gPc1HL04ZN529PRP0D3CEJ0bF5r333jT8M9Z7DJ81tz1u6QhWorILjm9iLbvRNvK
FSj/B/1pQRNBBCF7eN6S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org