Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VKh03xLslYTVG5LF7XfGRRU_ecM.roa
File: VKh03xLslYTVG5LF7XfGRRU_ecM.roa (raw, json)
Hash identifier: KHuJSVdOvhRAWqao34l/fIImNMH+l63RqxLE4aimCJM=
Subject key identifier: 54:A8:74:DF:12:EC:95:84:D5:1B:92:C5:ED:77:C6:45:15:3F:79:C3
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01867AF75F2DEEBEB30EAC35170B871C7CEF
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VKh03xLslYTVG5LF7XfGRRU_ecM.roa
Signing time: Wed 22 Feb 2023 21:11:17 +0000
ROA not before: Wed 22 Feb 2023 21:11:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133944
IP address blocks: 64.137.124.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
64.137.66.0/24 maxlen: 24
64.137.91.0/24 maxlen: 24
64.137.86.0/24 maxlen: 24
64.137.88.0/24 maxlen: 24
64.137.104.0/24 maxlen: 24
64.137.103.0/24 maxlen: 24
64.137.106.0/24 maxlen: 24
64.137.108.0/24 maxlen: 24
64.137.112.0/24 maxlen: 24
64.137.118.0/24 maxlen: 24
104.239.86.0/24 maxlen: 24
64.137.17.0/24 maxlen: 24
216.173.84.0/24 maxlen: 24
64.137.38.0/24 maxlen: 24
216.173.87.0/24 maxlen: 24
104.143.229.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
138.128.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:f7:5f:2d:ee:be:b3:0e:ac:35:17:0b:87:1c:7c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Feb 22 21:11:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54a874df12ec9584d51b92c5ed77c645153f79c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:6b:d8:df:a4:1f:fd:12:5e:8a:3f:49:f2:
53:ed:f8:1b:d8:86:31:fd:ba:61:48:9a:3c:e0:97:
64:b6:25:e1:70:1a:00:5a:ef:71:07:96:b0:5e:0e:
11:44:a2:d9:1d:3d:c7:f2:fb:19:99:d2:dc:5c:00:
1f:89:71:03:f7:fc:80:35:bf:f1:de:8d:65:74:b6:
37:33:8f:bf:dd:91:40:6b:0e:dc:bd:f0:0f:dd:7a:
f3:e8:3b:9d:65:3f:85:67:e1:67:14:80:12:8e:4c:
0b:22:49:ea:ed:58:58:5d:cd:f9:63:5d:48:f5:3a:
20:66:b0:06:22:af:32:5a:bb:29:8e:f9:c9:90:54:
6a:62:7f:6c:83:dd:ce:40:b9:28:73:c3:07:2c:c9:
99:9d:03:1e:6e:34:88:ea:8c:b8:cc:b5:2c:d4:1d:
f4:e2:70:85:02:e4:67:09:cc:cb:54:60:3e:fd:ca:
5e:32:64:14:26:97:12:72:b2:a6:4d:4f:0a:fb:8c:
2f:68:50:53:1e:b6:71:cc:b7:06:33:09:0d:e9:90:
6f:28:87:7c:f8:97:f3:f2:b4:60:5a:fc:5d:8e:96:
3c:5b:0e:01:1e:23:78:dd:47:ad:74:e4:15:98:24:
f9:ce:ec:15:fd:fb:74:31:81:12:57:7e:ec:13:7c:
b1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A8:74:DF:12:EC:95:84:D5:1B:92:C5:ED:77:C6:45:15:3F:79:C3
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VKh03xLslYTVG5LF7XfGRRU_ecM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.17.0/24
64.137.38.0/24
64.137.66.0/24
64.137.86.0/24
64.137.88.0/24
64.137.91.0/24
64.137.103.0-64.137.104.255
64.137.106.0/24
64.137.108.0/24
64.137.112.0/24
64.137.118.0/24
64.137.124.0/24
104.143.229.0/24
104.239.86.0/24
104.239.101.0/24
104.239.108.0/24
138.128.145.0/24
216.173.84.0/24
216.173.87.0/24
216.173.103.0/24
216.173.109.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d5:07:93:35:b9:e4:d6:ce:d4:cd:ab:22:2c:2e:08:58:d3:
81:77:3a:98:3a:25:0e:10:b4:94:96:fb:85:7c:9a:ce:d1:29:
64:55:71:17:54:0a:2e:68:88:21:a1:69:a9:b5:89:c0:69:90:
e7:2d:6e:71:29:79:23:05:3e:1b:dd:df:86:c5:c2:fb:ed:1e:
bc:75:44:5b:b4:7e:01:88:bd:35:1d:72:c8:f5:1c:44:16:2a:
6f:b3:bb:04:8d:da:b1:cf:48:0f:90:2a:be:1e:b6:df:34:d4:
16:f5:b5:0c:d2:e2:ef:8e:8d:b0:a5:4a:79:54:74:1b:26:77:
e7:30:3a:60:7c:b1:6b:4b:59:38:a1:92:40:ed:25:83:68:e0:
db:ef:d4:a5:c9:10:4a:38:09:a6:77:5d:35:fb:91:12:8f:6f:
9a:4b:02:07:94:23:a6:67:b2:6e:ce:40:0a:76:f2:5e:0a:18:
87:0f:51:60:96:e8:9a:45:27:a1:f3:8f:f5:5e:65:3a:a0:b6:
b7:63:5d:8b:fc:cd:37:9c:79:1f:70:e8:62:89:3c:8c:8a:0e:
d3:39:a9:72:bf:eb:e5:02:96:b3:05:d7:d6:d7:8b:c6:26:66:
5b:7e:70:c0:05:f7:3e:78:dd:74:6d:58:8a:a5:36:4f:4d:54:
fd:4d:e0:02
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYZ6918t7r6zDqw1FwuHHHzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMjIyMjExMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGE4NzRkZjEyZWM5NTg0ZDUxYjkyYzVlZDc3YzY0NTE1M2Y3OWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH9r2N+kH/0SXoo/SfJT7fgb2IYx
/bphSJo84JdktiXhcBoAWu9xB5awXg4RRKLZHT3H8vsZmdLcXAAfiXED9/yANb/x
3o1ldLY3M4+/3ZFAaw7cvfAP3Xrz6DudZT+FZ+FnFIASjkwLIknq7VhYXc35Y11I
9TogZrAGIq8yWrspjvnJkFRqYn9sg93OQLkoc8MHLMmZnQMebjSI6oy4zLUs1B30
4nCFAuRnCczLVGA+/cpeMmQUJpcScrKmTU8K+4wvaFBTHrZxzLcGMwkN6ZBvKId8
+Jfz8rRgWvxdjpY8Ww4BHiN43UetdOQVmCT5zuwV/ft0MYESV37sE3yxnwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFFSodN8S7JWE1RuSxe13xkUVP3nDMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVktoMDN4THNsWVRWRzVMRjdYZkdSUlVfZWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBABA
iREDBABAiSYDBABAiUIDBABAiVYDBABAiVgDBABAiVswDAMEAECJZwMEAECJaAME
AECJagMEAECJbAMEAECJcAMEAECJdgMEAECJfAMEAGiP5QMEAGjvVgMEAGjvZQME
AGjvbAMEAIqAkQMEANitVAMEANitVwMEANitZwMEANitbTANBgkqhkiG9w0BAQsF
AAOCAQEAnNUHkzW55NbO1M2rIiwuCFjTgXc6mDolDhC0lJb7hXyaztEpZFVxF1QK
LmiIIaFpqbWJwGmQ5y1ucSl5IwU+G93fhsXC++0evHVEW7R+AYi9NR1yyPUcRBYq
b7O7BI3asc9ID5Aqvh623zTUFvW1DNLi746NsKVKeVR0GyZ35zA6YHyxa0tZOKGS
QO0lg2jg2+/UpckQSjgJpnddNfuREo9vmksCB5Qjpmeybs5ACnbyXgoYhw9RYJbo
mkUnofOP9V5lOqC2t2Ndi/zNN5x5H3DoYok8jIoO0zmpcr/r5QKWswXX1teLxiZm
W35wwAX3PnjddG1YiqU2T01U/U3gAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org