Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/bl5nW0UZnAUNtxGE4irEF-oeKIU.roa
File: bl5nW0UZnAUNtxGE4irEF-oeKIU.roa (raw, json)
Hash identifier: vS7b2IPNzDl22DhsuPDMwjnVRoELzV6/kVB0KV5nRoA=
Subject key identifier: 6E:5E:67:5B:45:19:9C:05:0D:B7:11:84:E2:2A:C4:17:EA:1E:28:85
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0189BAD14282543497EB6F70747250C073D6
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/bl5nW0UZnAUNtxGE4irEF-oeKIU.roa
Signing time: Thu 03 Aug 2023 09:53:43 +0000
ROA not before: Thu 03 Aug 2023 09:53:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397373
IP address blocks: 104.249.24.0/24 maxlen: 24
216.173.83.0/24 maxlen: 24
104.249.28.0/24 maxlen: 24
104.249.27.0/24 maxlen: 24
104.249.26.0/24 maxlen: 24
104.143.228.0/24 maxlen: 24
216.173.101.0/24 maxlen: 24
104.249.56.0/22 maxlen: 22
104.249.57.0/24 maxlen: 24
216.173.118.0/24 maxlen: 24
104.143.253.0/24 maxlen: 24
45.43.128.0/21 maxlen: 21
45.43.128.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:d1:42:82:54:34:97:eb:6f:70:74:72:50:c0:73:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Aug 3 09:53:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e5e675b45199c050db71184e22ac417ea1e2885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:89:7e:eb:58:13:8e:f6:fa:10:e8:c8:73:c0:
89:f1:6b:6a:26:f1:0a:d1:2d:04:d8:69:0e:54:30:
17:99:c7:b7:3e:b9:33:a2:6d:5b:58:82:78:42:c4:
26:0b:55:06:76:63:b8:6d:41:36:b4:11:e8:9e:cc:
21:60:08:f0:e6:e4:7a:57:b5:4e:de:91:e5:88:bd:
54:1a:4d:b8:33:b6:53:1c:0c:71:6b:90:9b:ac:d2:
14:69:90:62:8f:29:bd:dc:0b:54:c5:62:53:6e:95:
2e:57:d3:06:10:8e:8b:a6:e1:7f:a0:92:54:32:7a:
d0:95:a3:ed:af:1d:9f:79:14:eb:9c:52:fb:3d:01:
22:93:f7:72:c7:07:dd:ee:24:b9:b0:5d:46:b5:b2:
be:2e:9a:3d:55:34:e6:c0:91:5e:5a:5c:d5:11:4f:
ee:f2:41:d9:e6:33:7e:1d:2e:f9:6a:e3:b6:36:ff:
7b:b3:c2:90:0e:0a:45:00:a2:ca:54:1e:81:a7:72:
9f:a2:5a:d9:f5:2e:2a:37:67:ba:08:d3:cd:ac:13:
8e:19:8a:81:d8:a9:a0:16:14:25:57:51:47:53:2d:
28:b7:60:5a:22:6d:c8:82:e3:33:d4:4c:34:f1:fc:
89:b1:56:15:5e:50:87:ea:3b:d0:ff:14:2f:e9:50:
47:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:5E:67:5B:45:19:9C:05:0D:B7:11:84:E2:2A:C4:17:EA:1E:28:85
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/bl5nW0UZnAUNtxGE4irEF-oeKIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.128.0/21
104.143.228.0/24
104.143.253.0/24
104.249.24.0/24
104.249.26.0-104.249.28.255
104.249.56.0/22
216.173.83.0/24
216.173.101.0/24
216.173.118.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:aa:a4:c2:f3:05:75:e2:39:d9:ea:68:1e:82:a9:6f:6a:0b:
ee:ae:d1:d3:0e:c2:7c:d9:cc:80:12:3c:b1:b1:d8:98:c5:15:
e8:19:dd:cf:e3:97:6d:64:d6:87:7b:63:fc:c4:59:34:82:d2:
e4:26:9a:49:30:d1:7c:37:84:25:79:96:c6:96:75:da:f3:aa:
12:80:0c:22:d1:89:e6:6f:b8:c3:1c:f6:da:fb:ac:76:4e:25:
85:e6:cb:1a:ec:1f:0a:c9:0d:41:06:91:26:b7:ee:ca:fe:c6:
8e:af:b0:da:d0:be:a1:4e:c1:1d:06:52:69:8d:e9:f6:70:65:
0f:c4:00:ce:40:37:00:18:77:4d:de:72:ff:48:6d:61:eb:36:
7f:d9:9c:f8:d8:a0:bd:03:10:cb:a9:f2:b6:47:c6:6a:48:7a:
19:f5:2e:ad:ba:3e:91:1e:5c:49:01:92:8c:ed:36:42:b3:53:
82:c1:e4:06:f8:7e:cc:38:b6:22:db:e5:a8:e8:18:e3:19:02:
c4:3e:e3:b5:36:cb:61:a3:9f:71:db:13:f3:3e:b6:6e:bf:94:
b1:30:03:b3:46:f4:f2:f3:99:45:07:e0:4a:b0:5b:86:89:8c:
66:cd:2a:9b:e1:fd:8f:16:1a:f4:fb:5c:32:d4:e8:3f:99:0f:
3b:cb:f4:3b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYm60UKCVDSX629wdHJQwHPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwODAzMDk1MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTVlNjc1YjQ1MTk5YzA1MGRiNzExODRlMjJhYzQxN2VhMWUyODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgol+61gTjvb6EOjIc8CJ8WtqJvEK
0S0E2GkOVDAXmce3Prkzom1bWIJ4QsQmC1UGdmO4bUE2tBHonswhYAjw5uR6V7VO
3pHliL1UGk24M7ZTHAxxa5CbrNIUaZBijym93AtUxWJTbpUuV9MGEI6LpuF/oJJU
MnrQlaPtrx2feRTrnFL7PQEik/dyxwfd7iS5sF1GtbK+Lpo9VTTmwJFeWlzVEU/u
8kHZ5jN+HS75auO2Nv97s8KQDgpFAKLKVB6Bp3KfolrZ9S4qN2e6CNPNrBOOGYqB
2KmgFhQlV1FHUy0ot2BaIm3IguMz1Ew08fyJsVYVXlCH6jvQ/xQv6VBH3QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFG5eZ1tFGZwFDbcRhOIqxBfqHiiFMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvYmw1blcwVVpuQVVOdHhHRTRpckVGLW9lS0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDLSuAAwQA
aI/kAwQAaI/9AwQAaPkYMAwDBAFo+RoDBABo+RwDBAJo+TgDBADYrVMDBADYrWUD
BADYrXYwDQYJKoZIhvcNAQELBQADggEBAC6qpMLzBXXiOdnqaB6CqW9qC+6u0dMO
wnzZzIASPLGx2JjFFegZ3c/jl21k1od7Y/zEWTSC0uQmmkkw0Xw3hCV5lsaWddrz
qhKADCLRieZvuMMc9tr7rHZOJYXmyxrsHwrJDUEGkSa37sr+xo6vsNrQvqFOwR0G
UmmN6fZwZQ/EAM5ANwAYd03ecv9IbWHrNn/ZnPjYoL0DEMup8rZHxmpIehn1Lq26
PpEeXEkBkoztNkKzU4LB5Ab4fsw4tiLb5ajoGOMZAsQ+47U2y2Gjn3HbE/M+tm6/
lLEwA7NG9PLzmUUH4EqwW4aJjGbNKpvh/Y8WGvT7XDLU6D+ZDzvL9Ds=
-----END CERTIFICATE-----
Generated at Sun Oct 8 20:49:24 2023 by rpki-client on console-ams.rpki-client.org