Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/X3ZQ1Lu01nxF4coX9P4HdD8vtkQ.roa
File: X3ZQ1Lu01nxF4coX9P4HdD8vtkQ.roa (raw, json)
Hash identifier: eXHu/xPiOR+q5ZmyYw/JBfopr/PBpmHCYwdfikMOs0U=
Subject key identifier: 5F:76:50:D4:BB:B4:D6:7C:45:E1:CA:17:F4:FE:07:74:3F:2F:B6:44
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EBED5AC8D342C64F597C43308DE67
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/X3ZQ1Lu01nxF4coX9P4HdD8vtkQ.roa
Signing time: Mon 02 Jan 2023 12:04:49 +0000
ROA not before: Mon 02 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 64.137.74.0/24 maxlen: 24
64.137.73.0/24 maxlen: 24
64.137.78.0/24 maxlen: 24
64.137.77.0/24 maxlen: 24
64.137.80.0/22 maxlen: 22
64.137.89.0/24 maxlen: 24
64.137.96.0/22 maxlen: 22
64.137.94.0/23 maxlen: 23
64.137.92.0/23 maxlen: 23
64.137.100.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
216.173.87.0/24 maxlen: 24
104.249.36.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
104.143.232.0/21 maxlen: 21
64.137.42.0/23 maxlen: 23
104.143.240.0/22 maxlen: 22
64.137.48.0/23 maxlen: 23
64.137.58.0/23 maxlen: 23
104.143.248.0/21 maxlen: 24
64.137.60.0/22 maxlen: 22
104.238.0.0/22 maxlen: 22
104.233.0.0/21 maxlen: 21
138.128.151.0/24 maxlen: 24
64.137.10.0/23 maxlen: 23
138.128.153.0/24 maxlen: 24
64.137.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:be:d5:ac:8d:34:2c:64:f5:97:c4:33:08:de:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f7650d4bbb4d67c45e1ca17f4fe07743f2fb644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:b6:61:96:3e:9e:fb:fd:ae:17:be:4d:85:
e5:3c:fc:e7:7e:aa:21:67:c2:32:fd:db:95:fd:e4:
01:91:25:a8:58:f8:4e:f0:74:21:e1:1e:d9:e0:4c:
94:11:3c:5e:6d:90:c6:b1:c1:a5:e3:67:db:6d:bd:
cd:f3:b9:81:a2:b6:61:a6:2a:da:6b:98:39:47:80:
89:1e:0f:88:63:1b:b3:a4:6c:6e:99:a5:a9:08:3d:
4d:1c:53:50:34:f6:04:44:ef:c0:32:1c:32:b1:65:
af:1a:b1:e7:e7:5a:b3:96:7d:dd:f3:52:12:85:c4:
29:e0:0b:db:ad:da:52:34:a4:61:86:94:9d:15:19:
29:03:84:57:ad:fe:9e:42:98:80:b7:30:27:cd:76:
b0:ce:4d:a8:f9:ad:1d:fa:e2:07:bf:55:48:71:0b:
aa:ef:e9:2d:9e:02:bb:59:23:2d:01:17:81:8d:83:
da:96:b1:da:28:f9:56:8d:c6:01:65:99:1c:94:aa:
e2:be:33:d0:30:53:c5:1d:7a:ee:1f:6c:27:c0:31:
fe:f9:76:56:51:ba:3b:3b:05:85:82:7f:4e:a6:65:
63:d8:2b:93:bc:41:db:a4:c7:41:4d:68:22:38:01:
2f:59:2d:12:fc:b0:bc:32:a4:10:7b:99:b3:77:f4:
dc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:76:50:D4:BB:B4:D6:7C:45:E1:CA:17:F4:FE:07:74:3F:2F:B6:44
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/X3ZQ1Lu01nxF4coX9P4HdD8vtkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.8.0/24
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.73.0-64.137.74.255
64.137.77.0-64.137.78.255
64.137.80.0/22
64.137.89.0/24
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.143.248.0/21
104.233.0.0/21
104.238.0.0/22
104.249.29.0/24
104.249.36.0/24
104.249.55.0/24
138.128.151.0/24
138.128.153.0/24
216.173.87.0/24
216.173.111.0/24
Signature Algorithm: sha256WithRSAEncryption
74:47:d2:e2:82:ef:5b:55:24:10:93:a9:a9:a5:64:d9:93:62:
5e:03:13:cc:79:ca:e6:89:a7:4a:e6:58:05:b5:14:2c:7c:d2:
96:14:9c:32:92:29:2e:39:13:f9:2c:5b:d8:6b:86:d6:60:e5:
f2:d9:29:0e:a1:16:e2:63:fb:7e:cb:fb:f7:c0:98:42:cd:50:
be:e7:54:80:78:0c:05:b9:36:03:bc:6e:18:e3:e3:26:22:da:
b0:f5:31:c5:d1:e5:61:73:ad:9d:4d:ac:83:7d:1a:61:99:14:
41:50:1d:67:c2:a8:6e:11:77:9a:8b:18:2e:17:71:cf:94:f0:
4b:12:02:ca:47:92:dc:f8:64:f5:55:6f:dc:5f:fa:75:a3:0b:
94:90:56:6c:4a:f1:cb:a5:3b:69:2c:5d:5e:82:4e:60:1a:72:
15:e6:f8:ad:38:af:f3:60:94:ec:69:75:2b:01:3b:a3:5d:24:
06:45:53:5c:f4:ca:e3:bd:06:9a:be:4b:18:2f:3e:59:04:7a:
04:1d:e5:8e:db:6f:85:89:21:c1:86:b9:8d:6c:e5:41:bc:d5:
6e:72:d9:ed:9c:57:ea:73:a3:3a:6e:b5:6f:90:04:46:32:10:
5e:36:c7:2f:fb:90:fa:9e:c0:60:d8:91:95:ec:72:6a:36:d3:
a5:19:7e:26
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYVyXr7VrI00LGT1l8QzCN5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc2NTBkNGJiYjRkNjdjNDVlMWNhMTdmNGZlMDc3NDNmMmZiNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA62YZY+nvv9rhe+TYXlPPznfqoh
Z8Iy/duV/eQBkSWoWPhO8HQh4R7Z4EyUETxebZDGscGl42fbbb3N87mBorZhpira
a5g5R4CJHg+IYxuzpGxumaWpCD1NHFNQNPYERO/AMhwysWWvGrHn51qzln3d81IS
hcQp4AvbrdpSNKRhhpSdFRkpA4RXrf6eQpiAtzAnzXawzk2o+a0d+uIHv1VIcQuq
7+ktngK7WSMtAReBjYPalrHaKPlWjcYBZZkclKrivjPQMFPFHXruH2wnwDH++XZW
Ubo7OwWFgn9OpmVj2CuTvEHbpMdBTWgiOAEvWS0S/LC8MqQQe5mzd/TcJQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFF92UNS7tNZ8ReHKF/T+B3Q/L7ZEMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWDNaUTFMdTAxbnhGNGNvWDlQNEhkRDh2dGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBABA
iQgDBAFAiQoDBAFAiQ4DBAFAiRIDBAFAiSoDBAFAiTAwDAMEAUCJOgMEBkCJADAM
AwQAQIlJAwQAQIlKMAwDBABAiU0DBABAiU4DBAJAiVADBABAiVkwDAMEAkCJXAME
AUCJZDAMAwQDaI/oAwQCaI/wAwQDaI/4AwQDaOkAAwQCaO4AAwQAaPkdAwQAaPkk
AwQAaPk3AwQAioCXAwQAioCZAwQA2K1XAwQA2K1vMA0GCSqGSIb3DQEBCwUAA4IB
AQB0R9Ligu9bVSQQk6mppWTZk2JeAxPMecrmiadK5lgFtRQsfNKWFJwykikuORP5
LFvYa4bWYOXy2SkOoRbiY/t+y/v3wJhCzVC+51SAeAwFuTYDvG4Y4+MmItqw9THF
0eVhc62dTayDfRphmRRBUB1nwqhuEXeaixguF3HPlPBLEgLKR5Lc+GT1VW/cX/p1
owuUkFZsSvHLpTtpLF1egk5gGnIV5vitOK/zYJTsaXUrATujXSQGRVNc9MrjvQaa
vksYLz5ZBHoEHeWO22+FiSHBhrmNbOVBvNVuctntnFfqc6M6brVvkARGMhBeNscv
+5D6nsBg2JGV7HJqNtOlGX4m
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org