Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/X2IkH5bANGDgCOAsENL0OUw_Axk.roa
File: X2IkH5bANGDgCOAsENL0OUw_Axk.roa (raw, json)
Hash identifier: XII9KUDHuFQFyrnaKoTaqVZbNPqfu+gueEcte+pj6+c=
Subject key identifier: 5F:62:24:1F:96:C0:34:60:E0:08:E0:2C:10:D2:F4:39:4C:3F:03:19
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0190EE888CE5F5C34D8C57236D1064B7C86F
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/X2IkH5bANGDgCOAsENL0OUw_Axk.roa
Signing time: Fri 26 Jul 2024 10:14:04 +0000
ROA not before: Fri 26 Jul 2024 10:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 104.238.26.0/24 maxlen: 24
104.238.29.0/24 maxlen: 24
104.239.47.0/24 maxlen: 24
104.239.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 17:11:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:88:8c:e5:f5:c3:4d:8c:57:23:6d:10:64:b7:c8:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jul 26 10:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f62241f96c03460e008e02c10d2f4394c3f0319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:84:b8:02:ce:6b:2f:91:9e:f1:d6:b7:fa:0e:
da:85:99:89:cb:cc:05:f4:44:c3:25:42:3f:2e:53:
ca:c1:2c:a5:f0:eb:f0:2a:9f:5e:d5:09:28:53:60:
3d:ac:b8:2a:1d:e3:dd:9a:8c:ac:3b:a8:65:85:39:
0a:5e:85:0a:02:33:eb:09:06:30:6a:7b:db:eb:a8:
f8:95:b5:8a:3e:56:f1:45:c3:ba:05:b6:11:12:43:
d8:36:39:b5:43:ce:d4:19:18:d4:4c:4f:90:c5:04:
e4:f5:42:1c:ec:55:7c:17:ba:f9:37:af:8c:bb:25:
3e:b5:10:5b:b8:51:f9:77:37:5d:09:64:7d:90:33:
66:5c:6a:53:d7:9f:1a:1e:67:cc:31:c4:14:69:93:
18:97:2e:83:d8:55:d3:cc:95:01:df:32:e9:f9:e2:
7f:20:fc:85:a3:f8:56:14:25:5a:04:13:00:83:eb:
c5:74:08:12:73:27:6e:ac:e6:08:95:8e:8a:87:4b:
b9:26:78:38:6a:2a:aa:1d:f9:96:be:6b:1c:71:d1:
60:a3:29:ed:af:a9:41:2c:2f:81:09:cc:4d:f9:c4:
e9:b6:a8:d3:05:5e:b4:0b:24:05:af:da:ad:b4:b6:
6d:a0:25:0c:d7:d8:8b:53:9d:86:a9:df:93:6b:c0:
27:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:62:24:1F:96:C0:34:60:E0:08:E0:2C:10:D2:F4:39:4C:3F:03:19
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/X2IkH5bANGDgCOAsENL0OUw_Axk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.238.26.0/24
104.238.29.0/24
104.239.47.0/24
104.239.51.0/24
Signature Algorithm: sha256WithRSAEncryption
16:6f:65:aa:13:7e:de:3b:b7:cf:ce:4d:b0:9e:9c:f3:6f:af:
5b:54:1d:b9:3a:f2:47:8c:87:07:39:82:b3:d1:11:7c:0d:4a:
db:e2:c5:85:6f:2b:4d:d1:a2:41:d5:70:d0:6e:fa:e8:dc:cb:
72:3e:e1:ab:03:6b:c4:0c:e2:c3:3c:4a:77:14:fd:88:59:92:
2e:67:08:59:16:07:f2:f6:c8:31:f3:ae:6d:5d:3c:82:a5:9e:
b7:a9:69:37:83:4e:6d:e0:16:cb:45:86:e0:40:3a:f9:5a:e2:
f8:43:84:e3:dd:4b:46:43:43:86:3a:76:84:1c:f6:bc:b0:89:
11:23:1c:46:ed:3a:4b:1d:46:29:b6:a5:be:1e:98:d6:3c:c8:
e0:15:2c:b1:05:08:29:d7:51:5f:cc:9a:83:18:a8:4d:ab:e2:
b2:47:3c:af:cb:14:d2:76:91:e1:b3:0a:92:df:8a:56:19:6f:
ea:35:0e:0f:70:ed:a5:f8:93:15:00:be:e3:90:a9:f4:52:3d:
ba:a0:70:52:11:34:c9:14:a2:b4:4a:80:52:d6:22:f0:43:d4:
2c:03:cb:9f:8d:b0:6e:93:e2:1e:df:8d:ce:b2:c7:9b:86:7e:
6f:a9:55:bf:ab:90:6e:31:43:13:e3:46:c2:16:31:ae:0f:2b:
55:82:47:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDuiIzl9cNNjFcjbRBkt8hvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNzI2MTAxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjYyMjQxZjk2YzAzNDYwZTAwOGUwMmMxMGQyZjQzOTRjM2YwMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IS4As5rL5Ge8da3+g7ahZmJy8wF
9ETDJUI/LlPKwSyl8OvwKp9e1QkoU2A9rLgqHePdmoysO6hlhTkKXoUKAjPrCQYw
anvb66j4lbWKPlbxRcO6BbYREkPYNjm1Q87UGRjUTE+QxQTk9UIc7FV8F7r5N6+M
uyU+tRBbuFH5dzddCWR9kDNmXGpT158aHmfMMcQUaZMYly6D2FXTzJUB3zLp+eJ/
IPyFo/hWFCVaBBMAg+vFdAgScydurOYIlY6Kh0u5Jng4aiqqHfmWvmsccdFgoynt
r6lBLC+BCcxN+cTptqjTBV60CyQFr9qttLZtoCUM19iLU52Gqd+Ta8AnzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF9iJB+WwDRg4AjgLBDS9DlMPwMZMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWDJJa0g1YkFOR0RnQ09Bc0VOTDBPVXdfQXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAaO4aAwQA
aO4dAwQAaO8vAwQAaO8zMA0GCSqGSIb3DQEBCwUAA4IBAQAWb2WqE37eO7fPzk2w
npzzb69bVB25OvJHjIcHOYKz0RF8DUrb4sWFbytN0aJB1XDQbvro3MtyPuGrA2vE
DOLDPEp3FP2IWZIuZwhZFgfy9sgx865tXTyCpZ63qWk3g05t4BbLRYbgQDr5WuL4
Q4Tj3UtGQ0OGOnaEHPa8sIkRIxxG7TpLHUYptqW+HpjWPMjgFSyxBQgp11FfzJqD
GKhNq+KyRzyvyxTSdpHhswqS34pWGW/qNQ4PcO2l+JMVAL7jkKn0Uj26oHBSETTJ
FKK0SoBS1iLwQ9QsA8ufjbBuk+Ie343Ossebhn5vqVW/q5BuMUMT40bCFjGuDytV
gkf+
-----END CERTIFICATE-----
Generated at Tue Oct 29 20:19:37 2024 by rpki-client on console-ams.rpki-client.org