Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/eUwa8JDahtaRCgr9xis3zG0x0H0.roa
File: eUwa8JDahtaRCgr9xis3zG0x0H0.roa (raw, json)
Hash identifier: nVFSQnzcTIvv/X9RdpTofrrBHvoN1u7IscgFHgDUNJs=
Subject key identifier: 79:4C:1A:F0:90:DA:86:D6:91:0A:0A:FD:C6:2B:37:CC:6D:31:D0:7D
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0187C742E2A6488ADFE2155DE2805BC3207F
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/eUwa8JDahtaRCgr9xis3zG0x0H0.roa
Signing time: Fri 28 Apr 2023 09:47:41 +0000
ROA not before: Fri 28 Apr 2023 09:47:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397373
IP address blocks: 104.249.24.0/24 maxlen: 24
216.173.83.0/24 maxlen: 24
104.249.28.0/24 maxlen: 24
104.249.27.0/24 maxlen: 24
104.249.26.0/24 maxlen: 24
104.143.228.0/24 maxlen: 24
216.173.101.0/24 maxlen: 24
104.249.56.0/22 maxlen: 22
104.143.253.0/24 maxlen: 24
45.43.128.0/21 maxlen: 21
45.43.128.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 20:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:42:e2:a6:48:8a:df:e2:15:5d:e2:80:5b:c3:20:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 28 09:47:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=794c1af090da86d6910a0afdc62b37cc6d31d07d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:e0:77:83:cb:5d:59:87:b0:ef:5d:2e:03:
10:4f:ef:8e:40:14:ba:6a:18:e3:1b:97:0f:a4:22:
7d:4c:09:90:bc:4c:de:1f:bd:c4:32:91:8b:78:ad:
98:fd:65:97:1f:67:68:89:5e:11:27:ee:f4:1d:1b:
1d:93:75:28:d1:ab:72:0b:5f:b9:04:7f:10:58:1c:
df:59:53:29:87:31:6d:67:09:4f:84:1d:0f:2a:b1:
d5:38:29:c0:45:b9:c9:7b:83:22:64:75:eb:06:f6:
10:45:5d:07:36:85:63:f9:89:4c:ff:83:d5:1a:be:
8f:aa:19:7f:8b:b0:3e:8b:f2:1a:36:e8:64:4b:46:
a3:b3:65:5e:d5:78:da:93:60:ee:6a:e3:12:3e:a8:
16:e2:ad:c1:c2:57:25:b3:d1:ce:e6:3d:a3:a4:a3:
e3:ff:de:16:a3:9f:59:9a:03:81:4a:dc:e9:e0:8c:
6a:c1:40:13:8b:fe:e5:2b:86:dd:0c:77:28:4c:53:
70:3a:3e:61:f8:92:06:85:6d:20:ff:86:07:90:5f:
ce:03:98:7e:e1:5f:c3:1f:95:b3:3d:c7:2a:fc:d7:
b0:55:22:90:bb:6f:82:1c:9c:83:de:c5:a1:e4:bf:
42:8b:71:b4:36:a2:be:3c:40:98:8a:39:5a:ab:20:
85:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:4C:1A:F0:90:DA:86:D6:91:0A:0A:FD:C6:2B:37:CC:6D:31:D0:7D
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/eUwa8JDahtaRCgr9xis3zG0x0H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.128.0/21
104.143.228.0/24
104.143.253.0/24
104.249.24.0/24
104.249.26.0-104.249.28.255
104.249.56.0/22
216.173.83.0/24
216.173.101.0/24
Signature Algorithm: sha256WithRSAEncryption
64:e3:39:fa:c2:43:be:57:56:0f:aa:a9:11:2b:78:e0:ae:75:
bb:52:ae:87:f4:f5:0f:35:b7:8a:36:ad:be:a7:03:1e:20:eb:
87:d2:11:7d:66:b2:5e:9d:f1:bc:78:f6:5c:d1:b2:e8:eb:dc:
b7:29:1c:7a:72:e2:5b:1c:cf:39:2d:6b:53:fb:00:eb:5f:9b:
74:91:ec:b9:c1:6a:46:d7:60:a4:3d:cd:c4:bb:ad:11:e1:c4:
a9:90:30:c8:8a:95:79:f5:c7:97:87:00:06:bd:54:02:38:b5:
6f:4b:b1:57:35:ec:6b:05:9b:af:7c:74:63:e5:57:30:02:f0:
6c:b4:b2:6f:59:6f:f1:01:e7:87:2d:38:e0:17:5c:d4:b3:b1:
17:45:91:01:1d:96:37:63:cf:d6:f4:04:50:d8:bb:9e:6f:5d:
2e:29:58:25:fa:1a:3f:10:1e:ef:bc:d4:df:fa:35:1c:4f:6b:
8c:02:2d:2f:1c:90:19:48:41:e2:02:d4:0a:9d:19:69:b4:c7:
03:de:f8:b8:84:d0:89:f6:bc:ef:ba:58:01:f8:45:89:89:8f:
5b:4b:bf:60:c7:48:de:0d:8e:6d:81:37:3d:37:9d:ec:be:ea:
c1:37:80:36:d0:bd:48:a4:51:df:1d:14:23:54:1f:74:cb:c4:
d7:31:1c:d1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYfHQuKmSIrf4hVd4oBbwyB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNDI4MDk0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTRjMWFmMDkwZGE4NmQ2OTEwYTBhZmRjNjJiMzdjYzZkMzFkMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopjgd4PLXVmHsO9dLgMQT++OQBS6
ahjjG5cPpCJ9TAmQvEzeH73EMpGLeK2Y/WWXH2doiV4RJ+70HRsdk3Uo0atyC1+5
BH8QWBzfWVMphzFtZwlPhB0PKrHVOCnARbnJe4MiZHXrBvYQRV0HNoVj+YlM/4PV
Gr6Pqhl/i7A+i/IaNuhkS0ajs2Ve1Xjak2DuauMSPqgW4q3Bwlcls9HO5j2jpKPj
/94Wo59ZmgOBStzp4IxqwUATi/7lK4bdDHcoTFNwOj5h+JIGhW0g/4YHkF/OA5h+
4V/DH5WzPccq/NewVSKQu2+CHJyD3sWh5L9Ci3G0NqK+PECYijlaqyCFpQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHlMGvCQ2obWkQoK/cYrN8xtMdB9MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZVV3YThKRGFodGFSQ2dyOXhpczN6RzB4MEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQDLSuAAwQA
aI/kAwQAaI/9AwQAaPkYMAwDBAFo+RoDBABo+RwDBAJo+TgDBADYrVMDBADYrWUw
DQYJKoZIhvcNAQELBQADggEBAGTjOfrCQ75XVg+qqREreOCudbtSrof09Q81t4o2
rb6nAx4g64fSEX1msl6d8bx49lzRsujr3LcpHHpy4lsczzkta1P7AOtfm3SR7LnB
akbXYKQ9zcS7rRHhxKmQMMiKlXn1x5eHAAa9VAI4tW9LsVc17GsFm698dGPlVzAC
8Gy0sm9Zb/EB54ctOOAXXNSzsRdFkQEdljdjz9b0BFDYu55vXS4pWCX6Gj8QHu+8
1N/6NRxPa4wCLS8ckBlIQeIC1AqdGWm0xwPe+LiE0In2vO+6WAH4RYmJj1tLv2DH
SN4Njm2BNz03ney+6sE3gDbQvUikUd8dFCNUH3TLxNcxHNE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org