Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SKAXqpvZMGPkkGhzpKNDABFCzY8.roa
File: SKAXqpvZMGPkkGhzpKNDABFCzY8.roa (raw, json)
Hash identifier: SD1oDuZOXjH8w129tpLmsI1/N2cFJlPg9j7Pb+xhmhw=
Subject key identifier: 48:A0:17:AA:9B:D9:30:63:E4:90:68:73:A4:A3:43:00:11:42:CD:8F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EB3FC7746E14F9D49C56B1B394389
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SKAXqpvZMGPkkGhzpKNDABFCzY8.roa
Signing time: Mon 02 Jan 2023 12:04:46 +0000
ROA not before: Mon 02 Jan 2023 12:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 104.239.10.0/23 maxlen: 23
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.167.0.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jan 2023 15:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:b3:fc:77:46:e1:4f:9d:49:c5:6b:1b:39:43:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48a017aa9bd93063e4906873a4a343001142cd8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6c:9c:01:e5:7d:28:60:a3:00:d7:90:9e:b9:
97:8c:d8:7a:88:08:ad:28:f8:6e:8f:34:06:b3:6b:
23:05:07:93:e7:0b:36:e6:72:a9:00:2f:0b:c0:3f:
75:7c:7b:f0:4b:63:e4:a2:a7:39:f9:fe:2f:c7:26:
a7:3b:16:b0:bf:d0:10:d4:99:44:d5:57:32:3b:ff:
91:ef:e2:2d:d3:c5:68:e9:6e:88:4c:a6:a8:2b:d4:
bf:41:b7:56:88:34:4c:fa:96:5a:30:d3:7d:6f:c7:
aa:eb:89:6d:1c:40:d1:80:a6:af:5e:ef:d1:a9:db:
f7:1d:be:13:41:3b:69:85:0d:b3:94:8a:5e:be:3a:
3e:94:02:e9:c8:8a:d1:5f:03:54:19:b8:4a:88:dd:
28:36:78:d5:6a:71:51:c7:dd:3a:9b:44:0c:f4:b4:
ec:7b:a2:67:fa:ba:b7:0f:c7:2e:6e:88:e8:1b:7a:
35:6e:ce:50:55:cf:44:32:af:33:59:65:fa:59:71:
cf:bf:0b:03:28:ff:c0:68:8a:46:0b:d8:9e:b0:d5:
6b:a8:94:e8:7a:21:d7:d5:ea:52:5d:b4:ac:f9:86:
73:fc:a9:05:7b:1a:e6:fd:cc:41:87:76:38:25:48:
d1:ab:61:10:5d:32:52:0a:ef:40:30:fe:4b:f0:15:
d1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A0:17:AA:9B:D9:30:63:E4:90:68:73:A4:A3:43:00:11:42:CD:8F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SKAXqpvZMGPkkGhzpKNDABFCzY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
104.167.0.0/24
104.167.10.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
138.128.148.0/24
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:67:3d:e0:a4:a9:0c:00:da:17:2d:89:c0:e4:60:83:3d:80:
aa:45:62:e1:5c:e1:6e:55:69:87:0d:ac:a2:cb:47:c4:a6:81:
02:0b:e5:2d:3c:f8:ab:dd:3a:c2:75:15:1b:49:8a:d6:a9:2a:
20:51:34:ef:8b:00:b4:ae:79:49:13:9d:d9:4b:a1:fa:b6:30:
34:bc:1d:cd:24:19:34:e0:3b:a2:37:ac:09:4a:c9:1b:dc:b8:
c7:ee:e7:54:dc:ef:65:e0:18:d3:a4:a9:d9:62:53:ea:77:d0:
0e:d2:5d:28:9e:65:77:05:9b:61:42:a6:74:d1:ac:69:5a:90:
aa:a5:42:0f:82:bb:43:b7:44:74:e3:a3:5f:d4:0f:05:9c:48:
fe:aa:c7:2b:9a:dc:32:2b:c9:fb:9b:08:81:ca:42:e5:02:36:
b9:e2:e8:1a:1a:f5:a5:d4:9b:96:33:c3:27:2b:c3:5b:8a:4c:
1f:49:77:d3:d9:c8:ed:a8:73:08:24:a5:b1:a9:2c:84:36:1e:
f7:a9:5e:17:4c:79:ec:a5:83:29:7b:4f:46:31:d3:da:22:91:
48:33:99:5b:ed:f6:80:69:3e:8b:c3:9a:91:d0:1c:4b:9f:70:
4d:37:df:f6:17:35:f9:57:b9:fb:e2:1c:a8:57:97:a0:b6:84:
56:a2:bd:b9
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYVyXrP8d0bhT51JxWsbOUOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGEwMTdhYTliZDkzMDYzZTQ5MDY4NzNhNGEzNDMwMDExNDJjZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGycAeV9KGCjANeQnrmXjNh6iAit
KPhujzQGs2sjBQeT5ws25nKpAC8LwD91fHvwS2Pkoqc5+f4vxyanOxawv9AQ1JlE
1VcyO/+R7+It08Vo6W6ITKaoK9S/QbdWiDRM+pZaMNN9b8eq64ltHEDRgKavXu/R
qdv3Hb4TQTtphQ2zlIpevjo+lALpyIrRXwNUGbhKiN0oNnjVanFRx906m0QM9LTs
e6Jn+rq3D8cubojoG3o1bs5QVc9EMq8zWWX6WXHPvwsDKP/AaIpGC9iesNVrqJTo
eiHX1epSXbSs+YZz/KkFexrm/cxBh3Y4JUjRq2EQXTJSCu9AMP5L8BXR0wIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFEigF6qb2TBj5JBoc6SjQwARQs2PMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvU0tBWHFwdlpNR1Bra0doenBLTkRBQkZDelk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBAFA
iTQDBABopwADBABopwowDAMEA2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4K
AwQBaO8KAwQAaO8cAwQBaO8eAwQAaO8sAwQAaO9JMAwDBABo70sDBABo704wDAME
BGjvUAMEAGjvUgMEAGjvVgMEAGjvWAMEAWjvWgMEAGjvXgMEAGjvYgMEAGjvZTAM
AwQDaO9oAwQAaO9sAwQAaO9vMAwDBAJo73wDBABo734DBACKgJQDBACKgJ0DBADY
rUwDBADYrVIwDAMEAditZgMEANitbgMEANiteDANBgkqhkiG9w0BAQsFAAOCAQEA
PGc94KSpDADaFy2JwORggz2AqkVi4VzhblVphw2sostHxKaBAgvlLTz4q906wnUV
G0mK1qkqIFE074sAtK55SROd2Uuh+rYwNLwdzSQZNOA7ojesCUrJG9y4x+7nVNzv
ZeAY06Sp2WJT6nfQDtJdKJ5ldwWbYUKmdNGsaVqQqqVCD4K7Q7dEdOOjX9QPBZxI
/qrHK5rcMivJ+5sIgcpC5QI2ueLoGhr1pdSbljPDJyvDW4pMH0l309nI7ahzCCSl
sakshDYe96leF0x57KWDKXtPRjHT2iKRSDOZW+32gGk+i8OakdAcS59wTTff9hc1
+Ve5++IcqFeXoLaEVqK9uQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org