Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/V_gxEXflckZb41atg2qxSg0Q5lg.roa
File: V_gxEXflckZb41atg2qxSg0Q5lg.roa (raw, json)
Hash identifier: XceTBRS4grUI9jEGxjqY0ADv5hUIY4N2+9bPUx1UjrU=
Subject key identifier: 57:F8:31:11:77:E5:72:46:5B:E3:56:AD:83:6A:B1:4A:0D:10:E6:58
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CF8A48557D7D871B6B4F04A944BAE288F
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/V_gxEXflckZb41atg2qxSg0Q5lg.roa
Signing time: Thu 11 Jan 2024 13:09:40 +0000
ROA not before: Thu 11 Jan 2024 13:09:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 104.238.27.0/24 maxlen: 24
216.173.68.0/22 maxlen: 22
45.43.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 13:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:a4:85:57:d7:d8:71:b6:b4:f0:4a:94:4b:ae:28:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 11 13:09:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57f8311177e572465be356ad836ab14a0d10e658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8a:50:f8:8f:84:51:5a:8a:a6:8c:e3:5f:9a:
c8:23:8e:6a:89:44:c9:6a:a5:65:b3:02:be:4c:92:
e9:a8:4e:b0:25:a0:d7:ea:a6:ab:9f:07:63:00:2f:
c9:af:d1:20:ba:24:56:e1:a0:e2:49:17:a7:78:8d:
92:f6:2b:9a:fc:13:ed:b4:90:32:e4:c9:22:0d:fb:
4c:93:2a:c1:7a:e2:f3:17:4a:60:2c:0f:d1:38:28:
3c:13:a9:95:ce:21:91:4e:d6:98:35:ef:71:fe:61:
78:e3:29:7c:3b:8c:eb:6d:dd:80:66:1c:c5:ec:eb:
cc:45:ef:1d:b0:7f:4d:ee:0f:03:19:8e:fe:d0:ff:
02:dd:0f:44:a2:be:06:43:8e:ec:e8:28:55:b9:c4:
de:8b:24:7b:2d:d2:04:a0:a2:93:bd:26:ac:6f:40:
63:ef:75:fb:b4:7d:ec:94:05:83:22:70:a1:f0:55:
61:13:de:56:b5:3c:76:55:e5:80:e9:de:29:05:de:
68:d1:ae:70:57:d2:de:e9:44:00:e9:81:89:77:a2:
ad:3e:42:33:bc:87:b1:9c:ef:d3:54:3e:8e:6c:23:
53:3a:da:da:03:8f:c9:a3:67:48:0f:d8:8d:a4:1c:
09:f1:87:56:7a:14:dd:95:da:f4:d2:ee:f2:16:69:
3d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F8:31:11:77:E5:72:46:5B:E3:56:AD:83:6A:B1:4A:0D:10:E6:58
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/V_gxEXflckZb41atg2qxSg0Q5lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.163.0/24
104.238.27.0/24
216.173.68.0/22
Signature Algorithm: sha256WithRSAEncryption
11:ba:de:e1:63:1d:96:28:b4:fb:d8:b8:3d:ff:9a:57:91:bb:
cd:3f:53:c9:2d:b4:d5:8d:13:ea:4a:9e:f5:34:d5:d7:23:1e:
a4:be:44:fc:2c:8e:60:f9:39:b6:49:f8:b6:16:75:8b:02:cc:
94:f8:e3:c5:4c:ee:05:48:b8:ae:2e:a4:49:23:2a:43:76:c1:
90:17:41:d2:92:b9:4c:6c:27:33:5f:44:f5:0e:20:18:76:47:
29:d5:8c:97:54:8f:3f:f7:2c:35:fa:fc:d9:37:7a:2f:3a:f1:
a9:06:96:7a:30:0c:5c:17:17:aa:48:49:0a:2c:32:9b:9b:eb:
ac:72:72:96:bf:9a:d9:3b:d2:6e:07:fa:34:09:6c:bc:79:1f:
e4:d2:66:27:a2:71:4d:67:09:2b:b3:e2:07:4e:0f:3e:3c:d3:
aa:7c:6b:0c:aa:f0:a4:2f:34:4c:a8:de:78:08:23:87:11:00:
3e:55:83:16:29:29:c2:6d:93:40:55:e9:69:87:8d:de:e8:a5:
f0:f9:c0:ae:91:fb:94:da:ea:ad:bb:8a:fb:ba:e0:39:fe:fb:
77:b2:54:67:9d:ba:c3:82:df:b6:37:a1:9f:96:1c:9f:04:96:
eb:b6:30:9c:66:9f:32:fb:b7:65:65:8c:21:5f:db:e1:35:34:
28:71:f7:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYz4pIVX19hxtrTwSpRLriiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTExMTMwOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2Y4MzExMTc3ZTU3MjQ2NWJlMzU2YWQ4MzZhYjE0YTBkMTBlNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIpQ+I+EUVqKpozjX5rII45qiUTJ
aqVlswK+TJLpqE6wJaDX6qarnwdjAC/Jr9EguiRW4aDiSReneI2S9iua/BPttJAy
5MkiDftMkyrBeuLzF0pgLA/ROCg8E6mVziGRTtaYNe9x/mF44yl8O4zrbd2AZhzF
7OvMRe8dsH9N7g8DGY7+0P8C3Q9Eor4GQ47s6ChVucTeiyR7LdIEoKKTvSasb0Bj
73X7tH3slAWDInCh8FVhE95WtTx2VeWA6d4pBd5o0a5wV9Le6UQA6YGJd6KtPkIz
vIexnO/TVD6ObCNTOtraA4/Jo2dID9iNpBwJ8YdWehTdldr00u7yFmk9DQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFf4MRF35XJGW+NWrYNqsUoNEOZYMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVl9neEVYZmxja1piNDFhdGcycXhTZzBRNWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALSujAwQA
aO4bAwQC2K1EMA0GCSqGSIb3DQEBCwUAA4IBAQARut7hYx2WKLT72Lg9/5pXkbvN
P1PJLbTVjRPqSp71NNXXIx6kvkT8LI5g+Tm2Sfi2FnWLAsyU+OPFTO4FSLiuLqRJ
IypDdsGQF0HSkrlMbCczX0T1DiAYdkcp1YyXVI8/9yw1+vzZN3ovOvGpBpZ6MAxc
FxeqSEkKLDKbm+uscnKWv5rZO9JuB/o0CWy8eR/k0mYnonFNZwkrs+IHTg8+PNOq
fGsMqvCkLzRMqN54CCOHEQA+VYMWKSnCbZNAVelph43e6KXw+cCukfuU2uqtu4r7
uuA5/vt3slRnnbrDgt+2N6GflhyfBJbrtjCcZp8y+7dlZYwhX9vhNTQocff/
-----END CERTIFICATE-----
Generated at Sun Jan 21 15:33:34 2024 by rpki-client on console-fra.rpki-client.org