Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Od-RnPF_nUmfEKGd5lmyh801aI4.roa
File: Od-RnPF_nUmfEKGd5lmyh801aI4.roa (raw, json)
Hash identifier: aiWwhF3pItKWeRAKX12HP2rvAq2bZyuH+Pqd6WxSU4s=
Subject key identifier: 39:DF:91:9C:F1:7F:9D:49:9F:10:A1:9D:E6:59:B2:87:CD:35:68:8E
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018FC38C4B981AC69D07E2925FB07FC689DE
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Od-RnPF_nUmfEKGd5lmyh801aI4.roa
Signing time: Wed 29 May 2024 08:51:42 +0000
ROA not before: Wed 29 May 2024 08:51:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 104.233.63.0/24 maxlen: 24
104.238.26.0/24 maxlen: 24
104.238.29.0/24 maxlen: 24
104.239.47.0/24 maxlen: 24
104.239.49.0/24 maxlen: 24
104.239.50.0/24 maxlen: 24
104.239.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jul 2024 10:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:8c:4b:98:1a:c6:9d:07:e2:92:5f:b0:7f:c6:89:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 29 08:51:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39df919cf17f9d499f10a19de659b287cd35688e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d7:f2:56:de:8c:55:4b:1c:5e:51:a1:c0:ae:
b2:a8:94:44:41:ce:da:7e:ff:47:fc:b0:25:2a:96:
17:df:8a:4a:06:f5:0c:e5:6d:73:16:2f:79:48:10:
41:d3:6a:52:b7:c3:93:ce:65:e6:f6:e9:98:28:a6:
f7:bd:0e:87:da:0c:e1:15:fd:0e:af:8f:db:ce:33:
8d:9b:af:20:0d:f8:76:ed:7c:d2:a0:f2:c9:b0:40:
ee:45:dd:fe:be:7d:5b:0b:b4:50:15:c5:e7:0f:62:
22:23:1d:bf:65:3f:a6:01:14:7c:15:60:55:ec:26:
e2:12:28:3d:d0:1f:7e:53:b7:e8:68:6a:69:8d:0a:
07:a0:32:de:38:ac:72:f9:d2:9a:3c:61:44:cf:a0:
e6:a2:6c:8b:17:5d:2d:93:c6:7a:37:dc:2b:3e:7e:
93:0c:d8:8f:41:06:c7:4d:6b:d4:0f:ed:85:15:06:
03:35:5c:b8:fe:66:9f:75:e1:8a:7e:e4:09:59:d9:
5f:48:50:e2:22:c8:a9:a4:c8:2e:7a:3b:eb:a6:48:
6d:c4:f4:c0:1b:7f:da:32:0d:f8:bd:d2:b7:b8:9a:
50:02:9b:c2:55:1b:55:24:e0:d6:2c:e8:5c:92:cd:
d8:c5:9f:63:40:3c:82:3a:35:95:21:2e:bc:53:19:
50:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DF:91:9C:F1:7F:9D:49:9F:10:A1:9D:E6:59:B2:87:CD:35:68:8E
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Od-RnPF_nUmfEKGd5lmyh801aI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.63.0/24
104.238.26.0/24
104.238.29.0/24
104.239.47.0/24
104.239.49.0-104.239.51.255
Signature Algorithm: sha256WithRSAEncryption
2f:b6:1f:60:5e:0b:af:b7:35:2e:a4:be:48:4c:6f:73:60:72:
88:34:9c:82:10:4c:b6:84:ae:d1:f7:69:ea:b4:d5:cc:de:2e:
65:bf:be:d6:fd:13:9f:7a:57:97:1d:00:6b:f6:9f:ef:74:1d:
ab:1d:a7:d2:92:d3:71:10:02:cd:77:a8:cb:50:b4:1d:54:05:
81:6d:8e:1b:d7:2f:c8:2a:88:bc:37:e9:20:81:92:43:6c:44:
9d:10:2d:8e:8f:b5:99:2d:9b:54:12:60:f4:a1:c1:e9:be:f8:
49:31:96:6a:ee:4b:89:f4:89:3e:bf:df:21:af:7b:0c:63:0b:
09:eb:7b:e0:28:07:35:6c:d8:ea:2d:93:ff:5f:40:04:8a:f5:
2e:15:93:92:0f:e7:9a:a2:db:f3:b8:16:e4:7c:d7:fd:b1:89:
90:c1:1a:51:ce:75:8a:0b:26:e8:58:3b:fd:fb:a8:0c:03:a2:
06:8d:01:2f:60:9e:92:79:05:09:d1:92:44:cf:c8:13:10:ce:
62:a7:8d:7a:d9:0f:8d:01:88:2a:93:06:57:78:58:5e:36:5c:
b1:82:03:e0:3e:74:48:ec:16:53:2d:f0:b6:6e:dc:e1:ef:57:
3c:69:40:37:f0:ea:ee:5e:56:58:7e:ca:0c:70:b4:0f:9a:28:
c7:d8:69:2a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY/DjEuYGsadB+KSX7B/xoneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNTI5MDg1MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWRmOTE5Y2YxN2Y5ZDQ5OWYxMGExOWRlNjU5YjI4N2NkMzU2ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtfyVt6MVUscXlGhwK6yqJREQc7a
fv9H/LAlKpYX34pKBvUM5W1zFi95SBBB02pSt8OTzmXm9umYKKb3vQ6H2gzhFf0O
r4/bzjONm68gDfh27XzSoPLJsEDuRd3+vn1bC7RQFcXnD2IiIx2/ZT+mARR8FWBV
7CbiEig90B9+U7foaGppjQoHoDLeOKxy+dKaPGFEz6DmomyLF10tk8Z6N9wrPn6T
DNiPQQbHTWvUD+2FFQYDNVy4/mafdeGKfuQJWdlfSFDiIsippMguejvrpkhtxPTA
G3/aMg34vdK3uJpQApvCVRtVJODWLOhcks3YxZ9jQDyCOjWVIS68UxlQ8wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDnfkZzxf51JnxChneZZsofNNWiOMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvT2QtUm5QRl9uVW1mRUtHZDVsbXloODAxYUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAaOk/AwQA
aO4aAwQAaO4dAwQAaO8vMAwDBABo7zEDBAJo7zAwDQYJKoZIhvcNAQELBQADggEB
AC+2H2BeC6+3NS6kvkhMb3Ngcog0nIIQTLaErtH3aeq01czeLmW/vtb9E596V5cd
AGv2n+90Hasdp9KS03EQAs13qMtQtB1UBYFtjhvXL8gqiLw36SCBkkNsRJ0QLY6P
tZktm1QSYPShwem++EkxlmruS4n0iT6/3yGvewxjCwnre+AoBzVs2Ootk/9fQASK
9S4Vk5IP55qi2/O4FuR81/2xiZDBGlHOdYoLJuhYO/37qAwDogaNAS9gnpJ5BQnR
kkTPyBMQzmKnjXrZD40BiCqTBld4WF42XLGCA+A+dEjsFlMt8LZu3OHvVzxpQDfw
6u5eVlh+ygxwtA+aKMfYaSo=
-----END CERTIFICATE-----
Generated at Fri Jul 26 12:45:48 2024 by rpki-client on console-ams.rpki-client.org