Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Q6X0XVuh6vbaFoBdYyFXkGBusK0.roa
File: Q6X0XVuh6vbaFoBdYyFXkGBusK0.roa (raw, json)
Hash identifier: qzAA3pYikEX3BtKC3dEH37JK9aZGJLSXMtjmvbL9ok0=
Subject key identifier: 43:A5:F4:5D:5B:A1:EA:F6:DA:16:80:5D:63:21:57:90:60:6E:B0:AD
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0186C23008C4066CBD69C510AEDBD803AE87
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Q6X0XVuh6vbaFoBdYyFXkGBusK0.roa
Signing time: Wed 08 Mar 2023 17:06:13 +0000
ROA not before: Wed 08 Mar 2023 17:06:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 64.137.122.0/23 maxlen: 23
64.137.125.0/24 maxlen: 24
64.137.120.0/24 maxlen: 24
64.137.119.0/24 maxlen: 24
64.137.127.0/24 maxlen: 24
64.137.109.0/24 maxlen: 24
64.137.110.0/23 maxlen: 23
64.137.113.0/24 maxlen: 24
64.137.115.0/24 maxlen: 24
64.137.117.0/24 maxlen: 24
64.137.16.0/24 maxlen: 24
64.137.23.0/24 maxlen: 24
45.43.165.0/24 maxlen: 24
104.249.39.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
104.143.252.0/22 maxlen: 22
104.222.190.0/24 maxlen: 24
64.137.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c2:30:08:c4:06:6c:bd:69:c5:10:ae:db:d8:03:ae:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 8 17:06:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43a5f45d5ba1eaf6da16805d63215790606eb0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1c:71:04:00:f2:86:a6:69:aa:f0:fe:0e:97:
64:09:41:83:1e:e2:18:e3:69:ab:20:bf:f6:18:fe:
25:23:b0:b6:4f:c1:ab:d7:77:64:a3:ba:00:32:fe:
83:40:b9:55:15:07:91:79:da:7c:e1:b2:12:8d:4b:
68:8b:ad:45:2a:cc:f2:f4:51:85:58:14:3d:8a:f9:
88:97:53:87:5a:4f:8a:80:8c:ae:6b:1a:2b:86:f4:
08:97:9c:e5:8a:f2:78:4d:3a:66:2e:f1:e6:ef:f2:
7d:56:b9:83:2f:cb:45:16:01:d5:bf:51:49:ea:9c:
b6:b6:2b:c9:3b:ea:83:6d:27:2c:06:07:2b:0e:ad:
22:67:51:b1:27:b6:f2:84:f9:d5:1a:5e:62:2a:3c:
f5:f4:43:7b:9f:92:00:5e:72:c5:20:9e:9f:fa:94:
60:1c:73:11:0d:13:0f:ab:93:4f:ac:71:e2:1b:2e:
71:8f:92:df:36:e6:86:3d:d9:7d:18:9f:1a:73:ab:
25:84:63:bd:92:46:2d:51:50:7f:f3:28:da:05:95:
d3:81:b8:4c:37:64:4d:f4:ab:f6:6b:25:e8:d0:28:
91:06:dc:ab:83:29:a2:b7:df:7a:1d:31:39:38:b4:
dd:39:54:4e:0f:a5:54:bc:48:8f:2c:7b:36:44:94:
3c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A5:F4:5D:5B:A1:EA:F6:DA:16:80:5D:63:21:57:90:60:6E:B0:AD
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Q6X0XVuh6vbaFoBdYyFXkGBusK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
64.137.9.0/24
64.137.16.0/24
64.137.23.0/24
64.137.54.0/24
64.137.109.0-64.137.111.255
64.137.113.0/24
64.137.115.0/24
64.137.117.0/24
64.137.119.0-64.137.120.255
64.137.122.0/23
64.137.125.0/24
64.137.127.0/24
104.143.252.0/22
104.222.190.0/24
104.249.39.0/24
Signature Algorithm: sha256WithRSAEncryption
42:98:0c:d3:54:c2:1d:a6:da:b4:22:bd:e8:56:e8:1c:64:af:
ba:98:11:8c:b3:93:24:e1:d3:7a:f9:fd:b0:5b:01:50:41:61:
8c:a6:a6:b9:ba:d1:a1:ea:c7:48:c1:14:6b:38:80:fd:a6:a6:
09:9a:90:d2:f7:ca:03:fa:bd:33:75:07:7c:f2:00:42:63:c9:
9f:a2:38:9e:61:67:67:0f:c2:04:a4:c0:69:51:0f:91:a4:d9:
f4:99:84:ee:81:7e:78:18:69:c7:c2:3f:6b:bd:bb:41:6d:f8:
dd:08:07:ab:1d:42:c0:3c:53:a5:3c:b3:d5:5f:bb:6c:55:f5:
b8:06:19:34:d4:9f:e6:14:2e:6a:24:5a:b3:b2:a6:70:d3:dd:
19:c2:9e:cc:db:53:8a:17:bb:7d:84:ef:40:0f:41:11:ec:20:
85:f0:b6:ec:2a:1f:9f:81:6b:11:99:a7:2b:4d:0c:58:f2:df:
a0:ca:85:37:a9:31:4c:a0:a6:51:42:06:23:6d:45:d4:da:59:
54:e2:74:8c:93:02:86:7a:f5:01:73:9c:df:af:b2:0f:48:39:
0a:4b:74:50:e0:71:17:99:0b:a7:9d:57:c9:c1:57:a5:fc:91:
4b:df:87:d0:e0:ad:1d:e4:9a:fc:ff:3c:6f:b7:83:d8:b4:dd:
1d:16:25:c5
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYbCMAjEBmy9acUQrtvYA66HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMzA4MTcwNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E1ZjQ1ZDViYTFlYWY2ZGExNjgwNWQ2MzIxNTc5MDYwNmViMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRxxBADyhqZpqvD+DpdkCUGDHuIY
42mrIL/2GP4lI7C2T8Gr13dko7oAMv6DQLlVFQeRedp84bISjUtoi61FKszy9FGF
WBQ9ivmIl1OHWk+KgIyuaxorhvQIl5zlivJ4TTpmLvHm7/J9VrmDL8tFFgHVv1FJ
6py2tivJO+qDbScsBgcrDq0iZ1GxJ7byhPnVGl5iKjz19EN7n5IAXnLFIJ6f+pRg
HHMRDRMPq5NPrHHiGy5xj5LfNuaGPdl9GJ8ac6slhGO9kkYtUVB/8yjaBZXTgbhM
N2RN9Kv2ayXo0CiRBtyrgymit996HTE5OLTdOVROD6VUvEiPLHs2RJQ8EQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFEOl9F1boer22haAXWMhV5BgbrCtMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUTZYMFhWdWg2dmJhRm9CZFl5RlhrR0J1c0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAC0rpQME
AECJCQMEAECJEAMEAECJFwMEAECJNjAMAwQAQIltAwQEQIlgAwQAQIlxAwQAQIlz
AwQAQIl1MAwDBABAiXcDBABAiXgDBAFAiXoDBABAiX0DBABAiX8DBAJoj/wDBABo
3r4DBABo+ScwDQYJKoZIhvcNAQELBQADggEBAEKYDNNUwh2m2rQivehW6Bxkr7qY
EYyzkyTh03r5/bBbAVBBYYymprm60aHqx0jBFGs4gP2mpgmakNL3ygP6vTN1B3zy
AEJjyZ+iOJ5hZ2cPwgSkwGlRD5Gk2fSZhO6BfngYacfCP2u9u0Ft+N0IB6sdQsA8
U6U8s9Vfu2xV9bgGGTTUn+YULmokWrOypnDT3RnCnszbU4oXu32E70APQRHsIIXw
tuwqH5+BaxGZpytNDFjy36DKhTepMUygplFCBiNtRdTaWVTidIyTAoZ69QFznN+v
sg9IOQpLdFDgcReZC6edV8nBV6X8kUvfh9DgrR3kmvz/PG+3g9i03R0WJcU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org