Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SH7yX46ENdOd_leYLDRu2qtqvok.roa
File: SH7yX46ENdOd_leYLDRu2qtqvok.roa (raw, json)
Hash identifier: EhF3DE736+YHluuZ/rZOKmZN+15kxJkehMBBW2GUui8=
Subject key identifier: 48:7E:F2:5F:8E:84:35:D3:9D:FE:57:98:2C:34:6E:DA:AB:6A:BE:89
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EBE3D06055E7AE2F03D64FFDA1669
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SH7yX46ENdOd_leYLDRu2qtqvok.roa
Signing time: Mon 02 Jan 2023 12:04:49 +0000
ROA not before: Mon 02 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202496
IP address blocks: 104.239.92.0/23 maxlen: 23
104.143.254.0/23 maxlen: 23
216.173.78.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.249.30.0/23 maxlen: 23
216.173.80.0/23 maxlen: 23
216.173.88.0/23 maxlen: 23
45.43.176.0/23 maxlen: 23
45.43.176.0/20 maxlen: 20
104.239.13.0/24 maxlen: 24
45.43.178.0/23 maxlen: 23
45.43.180.0/23 maxlen: 23
45.43.182.0/23 maxlen: 23
45.43.186.0/23 maxlen: 23
45.43.184.0/23 maxlen: 23
104.143.235.0/24 maxlen: 24
45.43.190.0/23 maxlen: 23
45.43.188.0/23 maxlen: 23
104.143.252.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
104.143.248.0/22 maxlen: 22
104.238.4.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:be:3d:06:05:5e:7a:e2:f0:3d:64:ff:da:16:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=487ef25f8e8435d39dfe57982c346edaab6abe89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8e:12:d9:42:cc:72:a2:82:4c:d7:d0:1a:97:
1b:a7:53:6f:b1:93:5f:be:d1:4e:40:f1:5d:1e:e9:
ae:b5:a8:23:46:06:ba:b2:6a:9c:c2:b7:39:21:24:
1b:04:d6:51:0a:ae:9c:25:84:fb:41:1f:a5:17:d2:
f2:ba:aa:c3:10:d2:ab:7c:db:9a:4f:77:35:5b:01:
2f:9a:c2:6a:0a:7b:78:a2:b7:03:a5:10:a1:42:c4:
13:19:b4:f7:08:dc:93:bf:d3:57:07:00:a6:89:02:
18:03:d5:3f:71:42:a2:e4:00:49:6e:07:e4:a9:5d:
ac:7f:ea:3a:cf:33:a1:eb:24:ed:df:f4:a4:4c:cc:
90:cb:bd:dc:c7:76:78:c0:39:5d:5d:40:ad:fa:a0:
2a:d6:a6:b6:42:ae:f1:f4:33:d3:c7:bd:1d:01:61:
1c:43:47:ea:d7:16:41:73:28:2f:72:21:cd:7c:41:
ae:d7:38:8c:64:9a:de:61:7c:2b:52:e9:45:01:3b:
ff:c9:5b:a8:21:a8:5d:bd:f5:f1:22:84:8c:66:c5:
a6:ff:8b:9f:3a:35:ad:3b:ca:2e:33:b1:4c:b0:e9:
77:b8:31:3d:77:1f:0e:2c:e2:50:f8:49:fa:9d:ca:
33:eb:9f:44:31:20:0d:a4:02:08:1f:61:95:b5:9e:
ca:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7E:F2:5F:8E:84:35:D3:9D:FE:57:98:2C:34:6E:DA:AB:6A:BE:89
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SH7yX46ENdOd_leYLDRu2qtqvok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.176.0/20
104.143.235.0/24
104.143.248.0-104.143.252.255
104.143.254.0/23
104.233.20.0/24
104.238.4.0/23
104.239.13.0/24
104.239.92.0/23
104.249.30.0/23
104.249.60.0/23
216.173.78.0-216.173.81.255
216.173.88.0/23
Signature Algorithm: sha256WithRSAEncryption
48:69:45:bd:f8:b9:be:39:b0:05:11:be:fa:ef:5c:99:04:57:
8d:5f:1c:c9:2f:f3:90:8d:de:f8:80:60:be:07:a2:53:46:6b:
80:b7:95:8b:9b:c0:2a:b8:70:2d:c8:90:b5:d0:d4:f1:e5:db:
0b:b1:63:b5:6e:66:0b:d3:60:42:db:b1:9e:bd:03:80:0a:e2:
c8:1a:4b:d2:a8:2c:cc:39:e2:62:c2:ad:c7:2c:3f:c7:b6:e3:
42:3c:0b:c3:7e:0b:e5:52:d2:a7:de:11:f0:ea:1e:67:1c:34:
6a:95:22:56:3e:4c:34:db:71:a4:35:44:77:04:4e:c2:3b:c3:
f8:cf:81:65:c5:2f:79:fb:0b:b8:2a:4f:34:8c:76:16:ac:1d:
b7:ac:a8:12:8c:75:66:93:d7:f6:59:68:56:87:0e:fb:5b:23:
b1:5e:00:00:0b:84:09:58:88:94:61:85:08:13:93:06:8a:1e:
e5:c5:7e:99:1d:37:27:fa:cd:d0:d3:bd:0c:f5:4e:c0:46:90:
e9:9e:b6:5e:95:93:38:f0:ca:31:06:3c:71:65:ac:ae:87:b9:
37:d0:9a:0b:28:95:16:83:20:cd:b3:da:0f:91:ab:8a:c3:16:
1e:40:c0:43:bb:ba:26:ed:2b:fc:99:b7:27:6c:39:db:bf:39:
c3:46:3c:3e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVyXr49BgVeeuLwPWT/2hZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODdlZjI1ZjhlODQzNWQzOWRmZTU3OTgyYzM0NmVkYWFiNmFiZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI4S2ULMcqKCTNfQGpcbp1NvsZNf
vtFOQPFdHumutagjRga6smqcwrc5ISQbBNZRCq6cJYT7QR+lF9LyuqrDENKrfNua
T3c1WwEvmsJqCnt4orcDpRChQsQTGbT3CNyTv9NXBwCmiQIYA9U/cUKi5ABJbgfk
qV2sf+o6zzOh6yTt3/SkTMyQy73cx3Z4wDldXUCt+qAq1qa2Qq7x9DPTx70dAWEc
Q0fq1xZBcygvciHNfEGu1ziMZJreYXwrUulFATv/yVuoIahdvfXxIoSMZsWm/4uf
OjWtO8ouM7FMsOl3uDE9dx8OLOJQ+En6ncoz659EMSANpAIIH2GVtZ7K+QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFEh+8l+OhDXTnf5XmCw0btqrar6JMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvU0g3eVg0NkVOZE9kX2xlWUxEUnUycXRxdm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQELSuwAwQA
aI/rMAwDBANoj/gDBABoj/wDBAFoj/4DBABo6RQDBAFo7gQDBABo7w0DBAFo71wD
BAFo+R4DBAFo+TwwDAMEAditTgMEAditUAMEAditWDANBgkqhkiG9w0BAQsFAAOC
AQEASGlFvfi5vjmwBRG++u9cmQRXjV8cyS/zkI3e+IBgvgeiU0ZrgLeVi5vAKrhw
LciQtdDU8eXbC7FjtW5mC9NgQtuxnr0DgAriyBpL0qgszDniYsKtxyw/x7bjQjwL
w34L5VLSp94R8OoeZxw0apUiVj5MNNtxpDVEdwROwjvD+M+BZcUvefsLuCpPNIx2
Fqwdt6yoEox1ZpPX9lloVocO+1sjsV4AAAuECViIlGGFCBOTBooe5cV+mR03J/rN
0NO9DPVOwEaQ6Z62XpWTOPDKMQY8cWWsroe5N9CaCyiVFoMgzbPaD5GrisMWHkDA
Q7u6Ju0r/Jm3J2w52785w0Y8Pg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org