Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SKZ1Sqz6xfqozefN9P9pY6t_jL8.roa
File: SKZ1Sqz6xfqozefN9P9pY6t_jL8.roa (raw, json)
Hash identifier: rwuOr4GVL39Swi13Uf4q5IkJcEM8OwWhx31/zzZdxMI=
Subject key identifier: 48:A6:75:4A:AC:FA:C5:FA:A8:CD:E7:CD:F4:FF:69:63:AB:7F:8C:BF
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01875221BA47802FAC886E8C368795E28B75
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SKZ1Sqz6xfqozefN9P9pY6t_jL8.roa
Signing time: Wed 05 Apr 2023 15:55:54 +0000
ROA not before: Wed 05 Apr 2023 15:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 64.137.44.0/24 maxlen: 24
64.137.72.0/24 maxlen: 24
64.137.85.0/24 maxlen: 24
64.137.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 11:43:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:21:ba:47:80:2f:ac:88:6e:8c:36:87:95:e2:8b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 5 15:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48a6754aacfac5faa8cde7cdf4ff6963ab7f8cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c3:88:d6:6d:b9:c0:58:56:31:f9:7c:65:63:
4c:a2:93:36:a0:f3:a0:a0:c8:f7:bb:01:9b:50:90:
e2:a9:6f:60:67:d7:bd:e0:6c:91:a9:a9:5e:8d:bf:
2d:7d:40:db:c1:fc:79:cf:34:69:1a:91:66:4b:7d:
af:57:76:5f:01:1d:fa:ca:b1:bc:d0:82:4f:7a:05:
b2:12:5b:e1:d8:5a:7b:31:7e:09:b2:2c:d8:4c:64:
e9:14:9d:46:f5:74:7d:51:18:c1:fb:4c:e2:cb:fc:
93:47:4c:e5:3d:da:32:66:4b:64:f2:59:98:04:09:
53:3a:37:bd:42:29:99:f3:2e:a5:17:25:85:ac:40:
d8:ac:d7:58:61:6f:e8:25:77:ca:5d:6b:94:ee:97:
7f:56:5f:77:05:1b:85:91:60:a4:bd:75:bc:61:74:
84:ae:0b:bb:bb:a0:c4:a4:f7:ba:20:fc:05:89:0e:
81:96:ed:58:d4:e5:cd:a9:a2:57:85:a9:20:19:c1:
6a:5e:cd:6c:e9:91:df:06:35:3c:32:12:0f:bf:5e:
49:60:6a:f9:bb:d6:9a:93:6a:1d:d8:76:6c:d0:82:
aa:05:d8:d1:16:a5:6c:c3:75:0c:31:89:3e:55:4b:
86:8f:e3:85:13:f4:d7:38:a5:d3:33:0b:8c:40:1c:
7d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A6:75:4A:AC:FA:C5:FA:A8:CD:E7:CD:F4:FF:69:63:AB:7F:8C:BF
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SKZ1Sqz6xfqozefN9P9pY6t_jL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.44.0/24
64.137.72.0/24
64.137.85.0/24
64.137.116.0/24
Signature Algorithm: sha256WithRSAEncryption
12:59:e3:e6:ec:4e:a4:a7:29:ff:da:34:74:f1:91:1c:1f:9f:
53:ea:da:6f:72:ce:d8:60:8c:bd:0d:c8:34:8b:ce:e8:b5:b9:
dd:11:74:74:c5:e8:b6:13:c8:e0:8b:62:ce:64:42:fd:cc:26:
93:33:1d:23:84:39:e9:fa:25:21:1d:8c:6d:85:cc:fa:5d:fe:
39:5a:09:a2:fa:9e:72:1e:a1:81:e1:4d:b0:3b:ba:53:cf:a4:
b4:27:a9:00:5d:1b:11:53:ef:a3:ac:b7:8d:70:36:08:5a:f2:
93:93:4f:c6:9b:ee:16:0e:2b:fb:03:13:ac:4b:67:32:b3:54:
40:37:22:48:0e:18:34:96:84:c9:1c:d8:40:4a:16:6f:71:0c:
37:58:f5:1b:9b:71:5e:3e:60:c0:cc:94:aa:92:14:2c:32:a8:
e3:16:a8:91:11:7f:3f:a9:de:2a:f3:51:96:3d:f3:a9:4d:59:
7e:68:40:c9:05:ee:c0:92:a3:c7:19:78:d1:f0:c9:fb:50:fc:
09:01:f7:8f:23:d7:89:26:75:16:85:8f:21:9f:1a:44:9e:b5:
4f:f9:30:d8:31:5f:a8:3b:f0:8c:6b:f1:c5:e4:0a:a0:06:3b:
98:d0:c7:c0:d5:89:e4:63:9e:08:52:d4:6e:71:ee:56:7c:ed:
93:94:35:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdSIbpHgC+siG6MNoeV4ot1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNDA1MTU1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGE2NzU0YWFjZmFjNWZhYThjZGU3Y2RmNGZmNjk2M2FiN2Y4Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsOI1m25wFhWMfl8ZWNMopM2oPOg
oMj3uwGbUJDiqW9gZ9e94GyRqalejb8tfUDbwfx5zzRpGpFmS32vV3ZfAR36yrG8
0IJPegWyElvh2Fp7MX4JsizYTGTpFJ1G9XR9URjB+0ziy/yTR0zlPdoyZktk8lmY
BAlTOje9QimZ8y6lFyWFrEDYrNdYYW/oJXfKXWuU7pd/Vl93BRuFkWCkvXW8YXSE
rgu7u6DEpPe6IPwFiQ6Blu1Y1OXNqaJXhakgGcFqXs1s6ZHfBjU8MhIPv15JYGr5
u9aak2od2HZs0IKqBdjRFqVsw3UMMYk+VUuGj+OFE/TXOKXTMwuMQBx9awIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEimdUqs+sX6qM3nzfT/aWOrf4y/MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvU0taMVNxejZ4ZnFvemVmTjlQOXBZNnRfakw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIksAwQA
QIlIAwQAQIlVAwQAQIl0MA0GCSqGSIb3DQEBCwUAA4IBAQASWePm7E6kpyn/2jR0
8ZEcH59T6tpvcs7YYIy9Dcg0i87otbndEXR0xei2E8jgi2LOZEL9zCaTMx0jhDnp
+iUhHYxthcz6Xf45Wgmi+p5yHqGB4U2wO7pTz6S0J6kAXRsRU++jrLeNcDYIWvKT
k0/Gm+4WDiv7AxOsS2cys1RANyJIDhg0loTJHNhAShZvcQw3WPUbm3FePmDAzJSq
khQsMqjjFqiREX8/qd4q81GWPfOpTVl+aEDJBe7AkqPHGXjR8Mn7UPwJAfePI9eJ
JnUWhY8hnxpEnrVP+TDYMV+oO/CMa/HF5AqgBjuY0MfA1YnkY54IUtRuce5WfO2T
lDXm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org