Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Z_fcMyoh2TyLFMo8OxJbPsbzgJA.roa
File: Z_fcMyoh2TyLFMo8OxJbPsbzgJA.roa (raw, json)
Hash identifier: BryuwFRMICAci3BbjSB6Z6zsLPwrB14AsYqp+9t9tgw=
Subject key identifier: 67:F7:DC:33:2A:21:D9:3C:8B:14:CA:3C:3B:12:5B:3E:C6:F3:80:90
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018B4741A6E43925CA4294F78365EDF04FD4
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Z_fcMyoh2TyLFMo8OxJbPsbzgJA.roa
Signing time: Thu 19 Oct 2023 09:26:06 +0000
ROA not before: Thu 19 Oct 2023 09:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 64.137.74.0/24 maxlen: 24
64.137.73.0/24 maxlen: 24
64.137.78.0/24 maxlen: 24
64.137.77.0/24 maxlen: 24
64.137.80.0/22 maxlen: 22
64.137.89.0/24 maxlen: 24
64.137.96.0/22 maxlen: 22
64.137.94.0/23 maxlen: 23
64.137.92.0/23 maxlen: 23
64.137.100.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
104.249.37.0/24 maxlen: 24
104.249.36.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.239.95.0/24 maxlen: 24
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
104.143.232.0/21 maxlen: 21
64.137.42.0/23 maxlen: 23
104.143.240.0/22 maxlen: 22
64.137.48.0/23 maxlen: 23
64.137.58.0/23 maxlen: 23
104.143.248.0/21 maxlen: 24
64.137.60.0/22 maxlen: 22
104.238.0.0/22 maxlen: 22
104.233.0.0/21 maxlen: 21
138.128.151.0/24 maxlen: 24
64.137.10.0/23 maxlen: 23
138.128.153.0/24 maxlen: 24
64.137.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:41:a6:e4:39:25:ca:42:94:f7:83:65:ed:f0:4f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 19 09:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67f7dc332a21d93c8b14ca3c3b125b3ec6f38090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fc:fc:2a:d1:52:04:69:47:1a:a6:06:94:52:
08:ca:05:d2:df:71:13:b5:9a:25:02:1f:6d:1c:b2:
e1:c8:d2:bb:e4:4e:4a:60:d7:15:21:23:a8:f9:af:
d6:69:e2:dd:77:7a:fd:8a:0e:2e:98:06:0c:58:02:
eb:f3:9f:80:64:09:8d:29:a7:c0:cc:6a:e0:b3:11:
9e:3d:06:82:fd:1a:5d:dd:0a:25:b0:c4:b4:d9:68:
a6:2e:ee:23:4d:39:11:a6:96:1c:f2:2b:09:8d:22:
16:dd:e3:a5:ba:c0:ac:a9:12:21:d8:fb:37:f4:e8:
56:55:98:82:c4:88:9d:1f:cd:37:36:4e:c5:00:26:
23:98:96:09:e9:41:2f:e2:8b:ff:fe:fc:70:61:59:
c3:1c:a2:9d:4e:62:05:e0:a8:54:2c:87:6b:65:c4:
70:f2:91:62:65:61:03:14:a1:c2:80:f3:72:fc:06:
05:0a:c6:6e:ea:af:86:22:c5:9e:6a:c2:91:d4:e0:
5c:f0:89:79:be:c4:9a:2e:33:ba:b5:0f:1a:4c:a1:
77:ac:ab:97:54:10:9e:57:a2:9a:c2:84:cf:63:76:
9c:8e:f5:13:04:9d:da:c2:3a:61:bd:57:1a:c3:0a:
f6:05:51:bc:48:bc:73:2b:ff:05:d5:7a:2d:c6:37:
12:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F7:DC:33:2A:21:D9:3C:8B:14:CA:3C:3B:12:5B:3E:C6:F3:80:90
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Z_fcMyoh2TyLFMo8OxJbPsbzgJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.8.0/24
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.73.0-64.137.74.255
64.137.77.0-64.137.78.255
64.137.80.0/22
64.137.89.0/24
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.143.248.0/21
104.233.0.0/21
104.238.0.0/22
104.239.95.0/24
104.249.29.0/24
104.249.36.0/23
104.249.55.0/24
138.128.151.0/24
138.128.153.0/24
216.173.111.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:56:09:87:62:ea:98:6a:11:ff:f4:25:c4:26:3d:78:b8:c6:
4f:bb:00:d8:5b:06:ee:8d:a3:c7:be:61:03:48:f7:2d:82:b4:
43:e8:34:fa:97:b3:5a:e4:36:21:53:f7:a6:f7:d5:64:53:a8:
90:4e:74:57:17:0f:ce:9f:4d:2f:50:b8:08:cd:b8:79:df:9a:
d7:85:84:da:4a:cb:d9:ce:57:63:71:1a:1c:42:1b:0a:1b:2c:
7c:b4:a2:4c:cf:5b:f4:ab:5c:cf:79:73:12:46:da:b7:24:54:
9b:e3:cc:d5:56:e8:f6:76:34:e3:44:78:a5:db:3b:ac:18:a5:
f9:47:f3:79:8f:04:4f:d5:5a:6f:55:d1:2c:52:21:6e:ed:6f:
f7:55:07:ff:3a:60:7a:2f:6c:4e:31:0b:2a:96:29:a5:0f:24:
cc:89:f3:d2:38:fe:c0:a4:59:a0:cd:82:17:ea:ac:bc:cf:f8:
c3:fa:e7:ce:4f:26:1d:a7:02:84:da:99:4d:0d:5d:66:17:60:
79:c8:86:b6:d7:6a:98:52:47:a9:33:74:7c:5c:a3:3e:48:56:
c8:ad:85:a8:e5:e6:b9:51:37:0f:08:28:b1:d2:90:ff:e4:c8:
f8:72:f7:6e:c9:49:1e:a1:f0:c2:40:77:d9:80:63:a2:f1:4b:
0b:b6:7b:41
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYtHQabkOSXKQpT3g2Xt8E/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMxMDE5MDkyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Y3ZGMzMzJhMjFkOTNjOGIxNGNhM2MzYjEyNWIzZWM2ZjM4MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPz8KtFSBGlHGqYGlFIIygXS33ET
tZolAh9tHLLhyNK75E5KYNcVISOo+a/WaeLdd3r9ig4umAYMWALr85+AZAmNKafA
zGrgsxGePQaC/Rpd3QolsMS02WimLu4jTTkRppYc8isJjSIW3eOlusCsqRIh2Ps3
9OhWVZiCxIidH803Nk7FACYjmJYJ6UEv4ov//vxwYVnDHKKdTmIF4KhULIdrZcRw
8pFiZWEDFKHCgPNy/AYFCsZu6q+GIsWeasKR1OBc8Il5vsSaLjO6tQ8aTKF3rKuX
VBCeV6KawoTPY3acjvUTBJ3awjphvVcawwr2BVG8SLxzK/8F1XotxjcSwQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFGf33DMqIdk8ixTKPDsSWz7G84CQMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWl9mY015b2gyVHlMRk1vOE94SmJQc2J6Z0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBABA
iQgDBAFAiQoDBAFAiQ4DBAFAiRIDBAFAiSoDBAFAiTAwDAMEAUCJOgMEBkCJADAM
AwQAQIlJAwQAQIlKMAwDBABAiU0DBABAiU4DBAJAiVADBABAiVkwDAMEAkCJXAME
AUCJZDAMAwQDaI/oAwQCaI/wAwQDaI/4AwQDaOkAAwQCaO4AAwQAaO9fAwQAaPkd
AwQBaPkkAwQAaPk3AwQAioCXAwQAioCZAwQA2K1vMA0GCSqGSIb3DQEBCwUAA4IB
AQCcVgmHYuqYahH/9CXEJj14uMZPuwDYWwbujaPHvmEDSPctgrRD6DT6l7Na5DYh
U/em99VkU6iQTnRXFw/On00vULgIzbh535rXhYTaSsvZzldjcRocQhsKGyx8tKJM
z1v0q1zPeXMSRtq3JFSb48zVVuj2djTjRHil2zusGKX5R/N5jwRP1VpvVdEsUiFu
7W/3VQf/OmB6L2xOMQsqlimlDyTMifPSOP7ApFmgzYIX6qy8z/jD+ufOTyYdpwKE
2plNDV1mF2B5yIa212qYUkepM3R8XKM+SFbIrYWo5ea5UTcPCCix0pD/5Mj4cvdu
yUkeofDCQHfZgGOi8UsLtntB
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:40 2024 by rpki-client on console-fra.rpki-client.org