Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/cMZ_axhfjaQf4i0Dx7L8RtbsMKM.roa
File: cMZ_axhfjaQf4i0Dx7L8RtbsMKM.roa (raw, json)
Hash identifier: WyLSPhnXDqRow+z9NaTLhzxCflxfChhLFx9JI0qc5u0=
Subject key identifier: 70:C6:7F:6B:18:5F:8D:A4:1F:E2:2D:03:C7:B2:FC:46:D6:EC:30:A3
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185E9A0955940D4DD54D23E1B69F81E65C2
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/cMZ_axhfjaQf4i0Dx7L8RtbsMKM.roa
Signing time: Wed 25 Jan 2023 15:51:33 +0000
ROA not before: Wed 25 Jan 2023 15:51:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.104.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.28.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.88.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Jan 2023 17:40:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:a0:95:59:40:d4:dd:54:d2:3e:1b:69:f8:1e:65:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 25 15:51:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70c67f6b185f8da41fe22d03c7b2fc46d6ec30a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4e:dc:4f:2b:2b:35:7e:8f:51:9a:07:f4:2a:
08:c0:ce:cb:92:71:8c:ce:f5:1b:ab:45:97:60:69:
60:2e:e6:a9:b4:3e:86:db:b4:24:79:b5:b9:0c:ca:
48:34:50:50:1d:01:be:7e:bc:01:6b:44:f9:2b:97:
56:32:22:04:77:66:70:0a:3f:5b:f2:61:ea:5f:f6:
d9:3b:01:16:e9:9b:bd:e1:1f:67:e6:c8:2e:66:ea:
9e:65:6f:96:7d:51:16:d6:a2:08:c7:41:5e:f1:4a:
73:5b:d5:62:ef:0a:c5:dc:58:bf:63:6c:49:3c:22:
e4:16:87:ad:7d:d8:10:36:8a:6c:d0:2f:4f:1f:23:
08:d1:48:d0:f4:c4:04:82:9a:17:21:c9:e5:ac:3b:
dd:22:14:c7:f2:c4:05:02:aa:e0:6b:70:8c:f0:37:
b5:b3:c2:39:68:41:03:63:85:dd:1a:6b:e8:c2:c7:
f8:3b:ee:41:0d:97:9c:01:3d:30:a2:b2:c8:a5:73:
93:0b:03:41:52:82:58:63:7c:d5:1e:86:3e:18:cb:
40:5b:2b:54:dc:5f:86:17:09:23:45:ba:09:12:ac:
a3:5c:5e:6e:e4:ff:05:86:e4:a8:0b:dc:4a:c1:b0:
72:cd:32:f0:79:17:f5:b3:34:1c:e8:b0:5d:dc:b4:
89:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C6:7F:6B:18:5F:8D:A4:1F:E2:2D:03:C7:B2:FC:46:D6:EC:30:A3
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/cMZ_axhfjaQf4i0Dx7L8RtbsMKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0/24
104.239.78.0/24
104.239.80.0/23
104.239.88.0/24
104.239.94.0/24
104.239.104.0/22
104.239.111.0/24
104.239.124.0-104.239.126.255
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0/24
216.173.104.0/22
216.173.110.0/24
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:d4:92:8d:33:70:6b:cc:f8:b8:3f:b0:4f:a3:b9:7d:34:f9:
ed:64:51:ad:b0:f0:81:6c:9d:99:6b:58:b5:cc:58:f3:4c:af:
9a:5b:b5:50:3f:f5:1d:a6:60:17:7e:44:94:65:e0:b1:76:15:
59:be:b6:af:b4:f4:9c:34:a9:1f:b6:71:2f:92:31:43:03:5a:
94:c7:c0:cb:8a:35:3e:33:5d:6a:60:85:05:82:fa:f0:b3:f1:
b8:e9:ff:41:6d:c1:5a:f2:3f:86:81:7b:48:08:3b:47:ff:96:
21:0c:81:54:78:72:f9:7f:de:63:e4:05:1f:d2:89:9e:69:f9:
39:2c:eb:c4:cf:c9:90:cf:0f:d0:31:26:f4:9b:65:fb:0c:07:
d8:f5:5a:37:c4:ad:cb:16:58:d8:56:e7:ca:c0:b5:7d:cc:c0:
25:f8:b3:06:f9:d6:bd:83:9c:dc:1b:c2:cc:ef:26:c3:f6:5d:
1a:28:98:b2:b2:b8:7f:00:4b:24:d2:a2:57:41:0d:74:6d:ac:
0f:b9:c0:73:7c:42:60:c0:3a:6c:cd:48:4d:43:1f:f1:9b:cf:
ba:58:96:33:dd:b5:42:ab:cd:f6:27:d4:9d:bb:5a:55:f5:47:
c9:7a:94:02:a4:7a:32:a0:96:3b:98:e3:db:d9:70:f2:90:2a:
78:12:7e:89
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYXpoJVZQNTdVNI+G2n4HmXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTI1MTU1MTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM2N2Y2YjE4NWY4ZGE0MWZlMjJkMDNjN2IyZmM0NmQ2ZWMzMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU7cTysrNX6PUZoH9CoIwM7LknGM
zvUbq0WXYGlgLuaptD6G27QkebW5DMpINFBQHQG+frwBa0T5K5dWMiIEd2ZwCj9b
8mHqX/bZOwEW6Zu94R9n5sguZuqeZW+WfVEW1qIIx0Fe8UpzW9Vi7wrF3Fi/Y2xJ
PCLkFoetfdgQNops0C9PHyMI0UjQ9MQEgpoXIcnlrDvdIhTH8sQFAqrga3CM8De1
s8I5aEEDY4XdGmvowsf4O+5BDZecAT0worLIpXOTCwNBUoJYY3zVHoY+GMtAWytU
3F+GFwkjRboJEqyjXF5u5P8FhuSoC9xKwbByzTLweRf1szQc6LBd3LSJMwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFHDGf2sYX42kH+ItA8ey/EbW7DCjMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvY01aX2F4aGZqYVFmNGkwRHg3TDhSdGJzTUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIwDAME
A2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQBaO8KAwQAaO8cAwQBaO8e
AwQAaO8sAwQAaO9JAwQAaO9LAwQAaO9OAwQBaO9QAwQAaO9YAwQAaO9eAwQCaO9o
AwQAaO9vMAwDBAJo73wDBABo734DBACKgJ0DBADYrUwDBADYrVIDBADYrWYDBALY
rWgDBADYrW4DBADYrXgwDQYJKoZIhvcNAQELBQADggEBADzUko0zcGvM+Lg/sE+j
uX00+e1kUa2w8IFsnZlrWLXMWPNMr5pbtVA/9R2mYBd+RJRl4LF2FVm+tq+09Jw0
qR+2cS+SMUMDWpTHwMuKNT4zXWpghQWC+vCz8bjp/0FtwVryP4aBe0gIO0f/liEM
gVR4cvl/3mPkBR/SiZ5p+Tks68TPyZDPD9AxJvSbZfsMB9j1WjfErcsWWNhW58rA
tX3MwCX4swb51r2DnNwbwszvJsP2XRoomLKyuH8ASyTSoldBDXRtrA+5wHN8QmDA
OmzNSE1DH/Gbz7pYljPdtUKrzfYn1J27WlX1R8l6lAKkejKgljuY49vZcPKQKngS
fok=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org