Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/esSHV1oC6EyWwgmzFQZI1NVElhk.roa
File: esSHV1oC6EyWwgmzFQZI1NVElhk.roa (raw, json)
Hash identifier: S4bgZw2TXGf+6N7I/bAbMB3B1AzeUg7T9JKJlftywdA=
Subject key identifier: 7A:C4:87:57:5A:02:E8:4C:96:C2:09:B3:15:06:48:D4:D5:44:96:19
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018866CD35F926FF000A4F48CBD661483CDE
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/esSHV1oC6EyWwgmzFQZI1NVElhk.roa
Signing time: Mon 29 May 2023 09:18:24 +0000
ROA not before: Mon 29 May 2023 09:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 64.137.122.0/23 maxlen: 23
64.137.16.0/24 maxlen: 24
104.249.39.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
104.222.190.0/24 maxlen: 24
64.137.109.0/24 maxlen: 24
64.137.110.0/23 maxlen: 23
64.137.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Sep 2023 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:cd:35:f9:26:ff:00:0a:4f:48:cb:d6:61:48:3c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 29 09:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ac487575a02e84c96c209b3150648d4d5449619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c0:b1:fc:4a:49:6a:fc:2d:92:53:31:c5:9b:
06:13:5e:e9:15:f1:19:92:60:29:de:e8:2f:e6:ac:
4e:c6:a0:d0:f7:2c:53:76:8f:76:32:e6:07:1d:6f:
9e:f1:29:25:13:c2:c6:36:50:9c:4f:a9:77:7b:9b:
b4:7f:f0:67:24:6f:ae:c2:b4:a4:e3:68:16:c9:d0:
21:49:f1:12:e4:e4:40:b1:bd:6d:f1:7e:7c:a5:90:
07:64:e5:a8:82:ae:82:6c:62:55:13:3c:ae:59:1d:
c6:8a:64:65:06:eb:cb:bf:f7:e0:fc:e5:16:9e:f1:
25:44:37:6a:38:97:23:cc:a2:72:43:54:1b:94:e0:
83:3c:6f:97:04:02:7b:a3:8a:a8:56:2c:d1:36:8a:
c0:6a:e7:8a:77:c1:bf:0b:21:a4:fd:6a:f7:92:29:
bf:8e:c2:41:4a:42:e0:97:d4:2c:74:2c:9e:3d:c0:
94:77:d9:1d:84:f2:0f:44:54:17:8a:7e:97:6f:45:
ce:09:7d:f3:e8:8f:6e:de:7d:3f:2a:2a:de:73:bc:
df:60:d2:0d:0f:af:ba:d2:55:d4:12:ed:7b:91:4e:
37:68:26:41:67:02:4d:3c:bb:35:38:07:cb:ad:48:
38:bd:8f:36:f0:4c:ed:ac:95:52:3e:00:6d:35:75:
4a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C4:87:57:5A:02:E8:4C:96:C2:09:B3:15:06:48:D4:D5:44:96:19
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/esSHV1oC6EyWwgmzFQZI1NVElhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.9.0/24
64.137.16.0/24
64.137.54.0/24
64.137.109.0-64.137.111.255
64.137.122.0/23
104.222.190.0/24
104.249.39.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ff:91:8b:8a:ab:c6:4f:66:2b:7e:f3:ba:bc:0f:e5:e2:70:
94:85:31:68:b9:ca:42:67:43:c1:4c:c5:09:3b:fb:e6:61:59:
75:f6:f5:c2:13:54:19:08:48:3c:fc:7d:22:a2:ea:2f:4a:5c:
f6:7a:a5:9e:0c:e0:0d:e6:92:c0:80:64:bc:38:33:f8:2f:b6:
78:f8:e0:71:59:bf:d4:35:3a:4a:42:49:51:e8:fa:6e:3f:99:
16:09:d9:5b:8b:5a:ab:1f:2d:71:9c:94:af:73:1a:c8:6c:53:
10:ee:4e:86:d1:84:13:bd:06:57:6e:f7:c4:5d:37:f8:b5:4d:
8f:7b:b9:ea:40:4a:ca:bb:83:0d:ed:de:1f:be:92:d6:21:a4:
7f:bd:a2:11:4d:c0:49:e9:06:87:25:cb:ba:ab:f9:18:82:22:
46:b7:26:eb:30:8e:ef:05:3c:f6:f2:15:9e:78:da:b0:e1:c8:
83:d3:d7:69:07:79:1a:e2:66:03:76:a4:01:a4:e6:7b:79:91:
e2:ff:96:b1:04:e4:d0:7a:60:00:d4:ef:36:f0:fe:f4:dc:d3:
26:8e:21:2e:d0:70:08:bb:45:84:81:32:40:ce:04:e7:1d:ab:
ff:72:2f:d4:28:83:80:5d:1f:e9:fe:a5:41:65:0b:a4:9f:17:
9b:86:20:3f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYhmzTX5Jv8ACk9Iy9ZhSDzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNTI5MDkxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM0ODc1NzVhMDJlODRjOTZjMjA5YjMxNTA2NDhkNGQ1NDQ5NjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMCx/EpJavwtklMxxZsGE17pFfEZ
kmAp3ugv5qxOxqDQ9yxTdo92MuYHHW+e8SklE8LGNlCcT6l3e5u0f/BnJG+uwrSk
42gWydAhSfES5ORAsb1t8X58pZAHZOWogq6CbGJVEzyuWR3GimRlBuvLv/fg/OUW
nvElRDdqOJcjzKJyQ1QblOCDPG+XBAJ7o4qoVizRNorAaueKd8G/CyGk/Wr3kim/
jsJBSkLgl9QsdCyePcCUd9kdhPIPRFQXin6Xb0XOCX3z6I9u3n0/Kirec7zfYNIN
D6+60lXUEu17kU43aCZBZwJNPLs1OAfLrUg4vY828EztrJVSPgBtNXVKawIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHrEh1daAuhMlsIJsxUGSNTVRJYZMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZXNTSFYxb0M2RXlXd2dtekZRWkkxTlZFbGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAQIkJAwQA
QIkQAwQAQIk2MAwDBABAiW0DBARAiWADBAFAiXoDBABo3r4DBABo+ScwDQYJKoZI
hvcNAQELBQADggEBABj/kYuKq8ZPZit+87q8D+XicJSFMWi5ykJnQ8FMxQk7++Zh
WXX29cITVBkISDz8fSKi6i9KXPZ6pZ4M4A3mksCAZLw4M/gvtnj44HFZv9Q1OkpC
SVHo+m4/mRYJ2VuLWqsfLXGclK9zGshsUxDuTobRhBO9Bldu98RdN/i1TY97uepA
Ssq7gw3t3h++ktYhpH+9ohFNwEnpBocly7qr+RiCIka3Juswju8FPPbyFZ542rDh
yIPT12kHeRriZgN2pAGk5nt5keL/lrEE5NB6YADU7zbw/vTc0yaOIS7QcAi7RYSB
MkDOBOcdq/9yL9Qog4BdH+n+pUFlC6SfF5uGID8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org