Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VBf9YSlPjhuomQM5b36SVYBR3hs.roa
File: VBf9YSlPjhuomQM5b36SVYBR3hs.roa (raw, json)
Hash identifier: VwBUast9a6A+QMTS8r6VK6KXJRev63RFJRmDSgl0o+8=
Subject key identifier: 54:17:FD:61:29:4F:8E:1B:A8:99:03:39:6F:7E:92:55:80:51:DE:1B
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018608ED44C307E1BAEC24D9532D86305187
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VBf9YSlPjhuomQM5b36SVYBR3hs.roa
Signing time: Tue 31 Jan 2023 17:43:32 +0000
ROA not before: Tue 31 Jan 2023 17:43:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.102.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
216.173.107.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:ed:44:c3:07:e1:ba:ec:24:d9:53:2d:86:30:51:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 31 17:43:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5417fd61294f8e1ba89903396f7e92558051de1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:95:ba:70:46:29:16:6d:8e:60:2c:6d:e9:7b:
ba:f3:12:90:b6:f4:3b:eb:4e:d5:b5:b1:5e:2f:c6:
76:5e:fd:b8:e5:fa:7f:66:1b:a8:2e:93:60:fc:87:
a8:ec:60:5d:ce:0b:27:cc:b6:e7:a1:77:dc:d3:ee:
08:7c:4a:f5:04:17:84:42:80:0c:7e:3a:47:6f:e0:
1f:7e:f3:d8:18:ac:28:fb:7b:f3:d2:db:20:17:0f:
c8:f0:e3:58:af:ec:32:a3:a7:8a:4e:5a:85:8b:bc:
56:c2:ba:0b:78:5e:76:a1:9b:7c:b7:fd:fa:5f:2e:
95:d2:08:a1:04:a7:dc:49:63:c6:f5:28:ee:18:f1:
c1:0f:3b:2f:96:bb:40:b2:cb:4e:4a:a2:47:64:59:
df:39:d9:e5:9a:88:b6:93:0f:34:d4:f7:79:e1:ae:
e2:eb:a9:31:45:b6:7e:2e:01:15:68:c8:9a:de:13:
03:71:4b:9e:74:46:d9:a1:bf:cc:1c:59:eb:0c:7b:
ef:a9:e3:47:cf:5d:06:cd:c4:55:36:e0:2e:2d:fb:
50:5f:0a:8a:3d:88:4f:a5:8f:73:fb:7d:60:1a:20:
e0:03:8a:f2:e9:3c:f8:05:c1:50:6d:02:e6:b8:ca:
65:73:ab:f2:4c:ff:83:b1:4d:ee:41:32:a9:72:66:
e8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:17:FD:61:29:4F:8E:1B:A8:99:03:39:6F:7E:92:55:80:51:DE:1B
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VBf9YSlPjhuomQM5b36SVYBR3hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.8.0-104.238.10.255
104.239.10.0/23
104.239.30.0/23
104.239.75.0/24
104.239.78.0/24
104.239.80.0/23
104.239.94.0/24
104.239.104.0/22
104.239.111.0/24
104.239.124.0-104.239.126.255
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0/24
216.173.106.0/23
216.173.110.0/24
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
05:c6:aa:d9:aa:2d:62:63:57:7c:5b:4b:97:8d:19:6f:ee:ab:
6b:06:05:32:3f:12:3f:73:cf:68:e3:c3:fb:b1:ff:0e:d4:aa:
8f:01:a5:16:0e:c2:71:c8:af:60:c6:d2:79:70:77:7f:af:53:
60:20:2d:05:8c:ae:15:c5:60:ae:24:ca:8b:ee:0a:49:c4:41:
ef:40:ba:d0:1f:bf:5c:b5:8b:81:b0:c7:64:ac:fd:25:b2:96:
31:c3:9c:de:20:cd:70:82:95:4b:55:a5:2f:e8:35:28:3b:fe:
eb:02:aa:a0:af:86:23:90:d0:36:bd:9f:ac:f7:05:f3:eb:ae:
60:e8:7a:9b:b2:f1:4f:d2:67:e9:ee:79:9e:b9:3f:97:8f:79:
77:79:4f:1f:4d:ab:2d:11:1e:9f:09:7d:39:cf:9c:55:06:78:
5f:12:b1:fe:0a:79:23:5f:72:26:f2:6c:b3:41:93:4a:5b:63:
2a:15:70:ce:60:69:35:dc:ef:f3:c0:f8:d9:09:80:26:53:17:
0d:d8:c6:30:c9:49:96:ed:1b:74:aa:9a:79:77:bf:b7:00:db:
84:dc:5a:70:28:18:6c:6b:a8:58:67:d6:bd:ce:ac:01:b9:d7:
c1:91:6b:98:a4:cc:e3:8d:2d:9c:06:42:66:f6:62:c9:b9:05:
e6:85:3f:78
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYYI7UTDB+G67CTZUy2GMFGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTMxMTc0MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDE3ZmQ2MTI5NGY4ZTFiYTg5OTAzMzk2ZjdlOTI1NTgwNTFkZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5W6cEYpFm2OYCxt6Xu68xKQtvQ7
607VtbFeL8Z2Xv245fp/ZhuoLpNg/Ieo7GBdzgsnzLbnoXfc0+4IfEr1BBeEQoAM
fjpHb+AffvPYGKwo+3vz0tsgFw/I8ONYr+wyo6eKTlqFi7xWwroLeF52oZt8t/36
Xy6V0gihBKfcSWPG9SjuGPHBDzsvlrtAsstOSqJHZFnfOdnlmoi2kw801Pd54a7i
66kxRbZ+LgEVaMia3hMDcUuedEbZob/MHFnrDHvvqeNHz10GzcRVNuAuLftQXwqK
PYhPpY9z+31gGiDgA4ry6Tz4BcFQbQLmuMplc6vyTP+DsU3uQTKpcmbotQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFFQX/WEpT44bqJkDOW9+klWAUd4bMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVkJmOVlTbFBqaHVvbVFNNWIzNlNWWUJSM2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYowDAME
A2jpGAMEAGjpGgMEAWjuBDAMAwQDaO4IAwQAaO4KAwQBaO8KAwQBaO8eAwQAaO9L
AwQAaO9OAwQBaO9QAwQAaO9eAwQCaO9oAwQAaO9vMAwDBAJo73wDBABo734DBACK
gJ0DBADYrUwDBADYrVIDBADYrWYDBAHYrWoDBADYrW4DBADYrXgwDQYJKoZIhvcN
AQELBQADggEBAAXGqtmqLWJjV3xbS5eNGW/uq2sGBTI/Ej9zz2jjw/ux/w7Uqo8B
pRYOwnHIr2DG0nlwd3+vU2AgLQWMrhXFYK4kyovuCknEQe9AutAfv1y1i4Gwx2Ss
/SWyljHDnN4gzXCClUtVpS/oNSg7/usCqqCvhiOQ0Da9n6z3BfPrrmDoepuy8U/S
Z+nueZ65P5ePeXd5Tx9Nqy0RHp8JfTnPnFUGeF8Ssf4KeSNfcibybLNBk0pbYyoV
cM5gaTXc7/PA+NkJgCZTFw3YxjDJSZbtG3Sqmnl3v7cA24TcWnAoGGxrqFhn1r3O
rAG518GRa5ikzOONLZwGQmb2Ysm5BeaFP3g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org