Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VG5K41M5uamMkLcM8-lCTM52S0Y.roa
File: VG5K41M5uamMkLcM8-lCTM52S0Y.roa (raw, json)
Hash identifier: 6mJ70cg4/0aDxUTzwZ+Dn4xL2pWlF4Bi+LC8LQrjjw4=
Subject key identifier: 54:6E:4A:E3:53:39:B9:A9:8C:90:B7:0C:F3:E9:42:4C:CE:76:4B:46
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794CDA8F8B9114F84D6BF9B67D5F020
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VG5K41M5uamMkLcM8-lCTM52S0Y.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 45.150.32.0/23 maxlen: 23
45.150.34.0/23 maxlen: 23
104.239.50.0/24 maxlen: 24
104.239.49.0/24 maxlen: 24
104.239.51.0/24 maxlen: 24
104.239.47.0/24 maxlen: 24
104.238.26.0/24 maxlen: 24
104.238.29.0/24 maxlen: 24
45.43.164.0/23 maxlen: 23
104.233.63.0/24 maxlen: 24
104.233.61.0/24 maxlen: 24
104.233.62.0/24 maxlen: 24
104.233.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 21:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:cd:a8:f8:b9:11:4f:84:d6:bf:9b:67:d5:f0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=546e4ae35339b9a98c90b70cf3e9424cce764b46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:10:c2:cf:01:86:a4:85:b6:fe:5e:24:4d:d2:
4f:a9:fa:18:1f:79:fb:c4:9a:63:31:3f:37:73:be:
43:4f:67:8f:30:78:b1:f3:e3:01:89:04:ff:2c:24:
8e:65:ae:b2:a2:a5:7c:30:c6:26:0f:08:d9:d1:1d:
21:6c:fd:57:1a:de:d3:01:e1:a7:b8:b0:5b:e4:16:
38:59:65:86:b2:55:7a:f2:68:0d:a9:0a:78:2e:35:
63:8f:17:98:77:06:d2:25:71:bd:f3:48:92:77:17:
dc:cc:65:a3:da:c6:e3:95:27:ac:b6:05:84:64:d7:
fa:8c:70:80:a3:7e:e4:7b:22:e8:05:53:1b:89:84:
bd:ca:8d:fc:aa:08:9b:40:00:01:a5:f4:99:c4:a9:
50:2c:f2:2d:48:29:03:fb:21:49:ee:72:a9:f9:18:
ab:3f:a8:b3:6d:40:f6:de:0d:ba:68:49:21:c8:8e:
5d:84:d4:3c:dc:dd:09:d7:66:18:b4:6b:85:e5:2a:
33:c6:26:cd:63:4f:9b:92:5f:91:3c:00:3e:ce:1f:
be:57:a3:14:85:3f:c9:a5:b4:9d:f6:25:c0:c7:7c:
2a:85:33:9e:51:c4:f4:c0:fc:8e:a2:e7:bf:92:a8:
b2:98:63:6a:11:77:96:54:7a:56:60:0b:5a:9f:2a:
63:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6E:4A:E3:53:39:B9:A9:8C:90:B7:0C:F3:E9:42:4C:CE:76:4B:46
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VG5K41M5uamMkLcM8-lCTM52S0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.164.0/23
45.150.32.0/22
104.233.60.0/22
104.238.26.0/24
104.238.29.0/24
104.239.47.0/24
104.239.49.0-104.239.51.255
Signature Algorithm: sha256WithRSAEncryption
8d:7d:54:3b:6b:ce:42:27:2f:15:31:d1:65:61:a4:da:83:60:
58:70:4b:01:0e:84:c8:93:de:45:fa:ac:91:9a:2c:bf:15:90:
98:66:0b:27:03:49:17:bd:2d:9f:ed:8c:33:21:8c:71:78:02:
af:e0:e6:5b:af:91:c1:ca:30:6b:10:55:00:31:32:86:8b:69:
68:30:9f:e0:35:ac:82:6a:ae:f8:84:15:fc:ab:13:16:d0:09:
88:60:37:7e:6e:3f:7d:89:8b:81:ea:90:a1:78:1e:dc:b8:47:
ed:4f:74:94:50:ce:c2:9c:11:9e:c3:be:2b:26:ee:54:ee:b6:
89:3e:ef:a3:94:59:4f:23:69:c5:66:60:72:c1:fd:29:49:66:
db:8f:5b:98:fb:1e:e5:7c:86:3b:2e:17:41:3e:22:8e:f2:2c:
95:7d:69:0c:2a:84:63:67:e2:ac:85:08:71:29:c5:87:a0:f2:
62:b0:74:e8:5e:a1:a2:8a:f0:75:22:4a:d0:92:9b:1e:19:03:
bd:36:06:66:56:b5:bc:a4:05:3f:57:39:ef:2c:47:3c:e2:1e:
10:8f:69:9a:1b:c1:58:4e:35:0b:36:24:7b:ec:fc:fc:8c:93:
82:a8:ce:52:a7:46:90:d5:fd:5b:ec:db:a9:0f:76:83:73:9a:
6c:17:59:c0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzHlM2o+LkRT4TWv5tn1fAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZlNGFlMzUzMzliOWE5OGM5MGI3MGNmM2U5NDI0Y2NlNzY0YjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhDCzwGGpIW2/l4kTdJPqfoYH3n7
xJpjMT83c75DT2ePMHix8+MBiQT/LCSOZa6yoqV8MMYmDwjZ0R0hbP1XGt7TAeGn
uLBb5BY4WWWGslV68mgNqQp4LjVjjxeYdwbSJXG980iSdxfczGWj2sbjlSestgWE
ZNf6jHCAo37keyLoBVMbiYS9yo38qgibQAABpfSZxKlQLPItSCkD+yFJ7nKp+Rir
P6izbUD23g26aEkhyI5dhNQ83N0J12YYtGuF5SozxibNY0+bkl+RPAA+zh++V6MU
hT/JpbSd9iXAx3wqhTOeUcT0wPyOoue/kqiymGNqEXeWVHpWYAtanypj8QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFRuSuNTObmpjJC3DPPpQkzOdktGMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVkc1SzQxTTV1YW1Na0xjTTgtbENUTTUyUzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBLSukAwQC
LZYgAwQCaOk8AwQAaO4aAwQAaO4dAwQAaO8vMAwDBABo7zEDBAJo7zAwDQYJKoZI
hvcNAQELBQADggEBAI19VDtrzkInLxUx0WVhpNqDYFhwSwEOhMiT3kX6rJGaLL8V
kJhmCycDSRe9LZ/tjDMhjHF4Aq/g5luvkcHKMGsQVQAxMoaLaWgwn+A1rIJqrviE
FfyrExbQCYhgN35uP32Ji4HqkKF4Hty4R+1PdJRQzsKcEZ7Dvism7lTutok+76OU
WU8jacVmYHLB/SlJZtuPW5j7HuV8hjsuF0E+Io7yLJV9aQwqhGNn4qyFCHEpxYeg
8mKwdOheoaKK8HUiStCSmx4ZA702BmZWtbykBT9XOe8sRzziHhCPaZobwVhONQs2
JHvs/PyMk4KozlKnRpDV/Vvs26kPdoNzmmwXWcA=
-----END CERTIFICATE-----
Generated at Mon Jan 8 22:31:59 2024 by rpki-client on console-ams.rpki-client.org