Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XzwKl8tuRLGowgrXusz4L100lZE.roa
File: XzwKl8tuRLGowgrXusz4L100lZE.roa (raw, json)
Hash identifier: e6PKS2Ni/JgpLANBGPQoJKQfConhqs6BXNgc1T4aZRI=
Subject key identifier: 5F:3C:0A:97:CB:6E:44:B1:A8:C2:0A:D7:BA:CC:F8:2F:5D:34:95:91
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018D36D698C3F18B2E278B109BEBAEC4C4A8
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XzwKl8tuRLGowgrXusz4L100lZE.roa
Signing time: Tue 23 Jan 2024 15:00:49 +0000
ROA not before: Tue 23 Jan 2024 15:00:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.43.166.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.222.191.0/24 maxlen: 24
104.238.31.0/24 maxlen: 24
104.249.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 18:55:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:d6:98:c3:f1:8b:2e:27:8b:10:9b:eb:ae:c4:c4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 23 15:00:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f3c0a97cb6e44b1a8c20ad7baccf82f5d349591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:46:bd:ae:39:ff:73:8b:e5:4c:b0:ec:20:1c:
37:25:5b:7c:cb:66:05:17:6d:38:9a:0b:d2:96:f1:
7a:6c:2d:88:9e:f3:aa:09:49:44:26:0f:16:09:c1:
0e:cc:60:a7:57:10:6e:bc:8a:b6:05:98:96:db:68:
a8:99:99:70:20:f2:d6:4c:81:75:21:e7:0a:b9:7b:
13:27:8b:50:1b:75:c7:ab:96:e3:d5:aa:4a:9b:d7:
7c:7d:1a:9f:f7:c0:52:ef:44:de:cb:64:02:0a:01:
c0:de:7d:ec:27:59:2d:30:b9:7c:6e:2a:05:88:3c:
3f:c7:c5:57:52:e3:f8:ec:fd:da:0b:e0:5b:11:c5:
0a:5c:c5:da:44:3f:01:28:80:cb:c5:47:82:98:2c:
59:8e:fd:b1:86:75:dd:f6:14:58:54:43:97:2c:47:
1f:47:06:c1:41:14:3a:81:67:80:08:99:be:ac:82:
3a:e1:bc:d3:ac:fc:c8:fe:97:8f:8c:88:2b:1c:97:
7d:51:28:f2:6e:50:09:24:3d:c7:be:44:34:cc:cb:
b9:d9:b6:72:a0:a8:a4:88:4f:fb:f7:44:51:bb:ad:
34:b0:43:2e:c8:c5:b6:97:99:a4:d5:ef:5e:44:09:
08:b6:77:d0:0a:d3:4a:9a:6c:fc:e7:b2:64:07:3c:
81:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3C:0A:97:CB:6E:44:B1:A8:C2:0A:D7:BA:CC:F8:2F:5D:34:95:91
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XzwKl8tuRLGowgrXusz4L100lZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.166.0/24
64.137.52.0/23
104.222.191.0/24
104.238.31.0/24
104.249.40.0/24
Signature Algorithm: sha256WithRSAEncryption
69:d1:e4:0c:87:b7:d2:af:8d:b2:96:95:8b:00:49:64:17:35:
ee:f0:4c:8c:ca:a1:6c:4f:57:10:b7:95:ef:df:f3:02:42:ea:
16:e7:0b:a9:99:f5:82:0e:45:43:ee:58:7a:f0:0f:a2:a7:83:
87:61:93:9a:99:0d:61:3e:27:0f:6f:12:a9:8d:55:80:bf:54:
b5:99:b1:ea:17:40:59:16:ac:e6:2b:77:f0:05:7b:7a:11:d1:
e1:95:50:56:28:fe:70:74:1f:cd:24:8e:6c:96:56:61:8f:58:
82:24:f9:76:c4:7a:66:c2:e3:3e:7f:eb:a7:1c:fd:3e:7f:6b:
d7:31:a7:7c:08:c8:52:b2:58:da:dd:73:0c:7f:2b:a1:b7:10:
e2:0f:09:12:f3:88:4b:90:21:ab:3d:b7:56:3e:18:25:6f:78:
28:03:6a:cf:25:72:78:e2:fb:36:ac:d4:2b:a0:2d:e7:87:2e:
30:00:8c:ec:53:77:67:20:a5:3c:ad:75:99:ee:f4:17:51:10:
36:0f:a1:9d:24:25:cf:47:ab:4d:1a:90:c2:87:a7:8d:51:7d:
26:76:b9:82:d7:db:c2:c1:55:07:c2:18:96:54:33:0c:c3:2e:
d7:35:6d:07:e2:af:5d:7d:b6:a2:85:10:7f:10:ec:a3:ce:5b:
48:c2:96:38
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY021pjD8YsuJ4sQm+uuxMSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTIzMTUwMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjNjMGE5N2NiNmU0NGIxYThjMjBhZDdiYWNjZjgyZjVkMzQ5NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0a9rjn/c4vlTLDsIBw3JVt8y2YF
F204mgvSlvF6bC2InvOqCUlEJg8WCcEOzGCnVxBuvIq2BZiW22iomZlwIPLWTIF1
IecKuXsTJ4tQG3XHq5bj1apKm9d8fRqf98BS70Tey2QCCgHA3n3sJ1ktMLl8bioF
iDw/x8VXUuP47P3aC+BbEcUKXMXaRD8BKIDLxUeCmCxZjv2xhnXd9hRYVEOXLEcf
RwbBQRQ6gWeACJm+rII64bzTrPzI/pePjIgrHJd9USjyblAJJD3HvkQ0zMu52bZy
oKikiE/790RRu600sEMuyMW2l5mk1e9eRAkItnfQCtNKmmz857JkBzyBRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF88CpfLbkSxqMIK17rM+C9dNJWRMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWHp3S2w4dHVSTEdvd2dyWHVzejRMMTAwbFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALSumAwQB
QIk0AwQAaN6/AwQAaO4fAwQAaPkoMA0GCSqGSIb3DQEBCwUAA4IBAQBp0eQMh7fS
r42ylpWLAElkFzXu8EyMyqFsT1cQt5Xv3/MCQuoW5wupmfWCDkVD7lh68A+ip4OH
YZOamQ1hPicPbxKpjVWAv1S1mbHqF0BZFqzmK3fwBXt6EdHhlVBWKP5wdB/NJI5s
llZhj1iCJPl2xHpmwuM+f+unHP0+f2vXMad8CMhSslja3XMMfyuhtxDiDwkS84hL
kCGrPbdWPhglb3goA2rPJXJ44vs2rNQroC3nhy4wAIzsU3dnIKU8rXWZ7vQXURA2
D6GdJCXPR6tNGpDCh6eNUX0mdrmC19vCwVUHwhiWVDMMwy7XNW0H4q9dfbaihRB/
EOyjzltIwpY4
-----END CERTIFICATE-----
Generated at Fri Jan 26 21:38:59 2024 by rpki-client on console-ams.rpki-client.org