Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ez5wDyYGi9w0DRw-3WQkXYbBQx4.roa
File: ez5wDyYGi9w0DRw-3WQkXYbBQx4.roa (raw, json)
Hash identifier: p8EoqwloZwEOjer6ahz9NEOm4eLiOy7gFcAa3kP3QbA=
Subject key identifier: 7B:3E:70:0F:26:06:8B:DC:34:0D:1C:3E:DD:64:24:5D:86:C1:43:1E
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794C83D23834BCB8E1967341B126E0D
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ez5wDyYGi9w0DRw-3WQkXYbBQx4.roa
Signing time: Tue 02 Jan 2024 00:31:05 +0000
ROA not before: Tue 02 Jan 2024 00:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 64.137.119.0/24 maxlen: 24
64.137.125.0/24 maxlen: 24
64.137.127.0/24 maxlen: 24
64.137.29.0/24 maxlen: 24
64.137.34.0/23 maxlen: 23
64.137.40.0/23 maxlen: 23
84.246.108.0/24 maxlen: 24
64.137.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 15:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:c8:3d:23:83:4b:cb:8e:19:67:34:1b:12:6e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b3e700f26068bdc340d1c3edd64245d86c1431e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e2:e9:87:06:6a:10:75:33:53:84:62:c6:26:
e9:bc:eb:f9:2a:7c:a1:c1:0d:e2:9c:b3:64:4e:79:
a3:bb:8a:38:e6:3c:50:04:7b:a3:b5:e2:17:28:31:
32:29:51:cc:88:21:2f:ef:d0:d4:f3:ff:4c:40:71:
5d:c1:ea:41:d4:d7:61:d8:e4:ef:ec:4e:f2:30:89:
d4:2d:eb:26:0c:f8:f0:4f:25:ff:68:24:0f:21:54:
94:4e:3d:04:b5:d9:52:3c:e2:c1:0d:44:8e:06:96:
d9:cf:bd:6f:7d:ff:da:76:7e:52:8a:40:69:55:54:
7e:4a:0a:2b:02:fd:94:cf:16:3c:04:90:94:3b:7b:
43:4d:9d:52:16:bf:96:c2:d4:1e:fa:11:af:32:a9:
8d:5b:a2:c7:5c:2b:b5:41:ed:c5:fb:4f:d4:2a:01:
e1:1e:68:4a:ed:3d:59:0d:89:5c:a7:ce:20:4b:e9:
6a:8e:e5:d2:75:c0:82:56:ce:1c:68:ec:06:d2:42:
44:ac:7f:97:f1:53:4a:66:fd:c9:1c:51:00:91:32:
46:45:ee:65:ff:3d:82:1f:1f:25:bf:d2:ac:93:50:
b5:8a:7d:08:f8:7c:45:90:f6:9b:b4:38:57:93:3a:
35:ad:65:33:46:cb:be:ff:af:39:cc:07:07:1f:6b:
c3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:3E:70:0F:26:06:8B:DC:34:0D:1C:3E:DD:64:24:5D:86:C1:43:1E
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ez5wDyYGi9w0DRw-3WQkXYbBQx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.29.0/24
64.137.34.0/23
64.137.40.0/23
64.137.114.0/24
64.137.119.0/24
64.137.125.0/24
64.137.127.0/24
84.246.108.0/24
Signature Algorithm: sha256WithRSAEncryption
40:59:39:4c:3f:c6:75:0e:d9:e1:09:74:87:97:34:80:6d:d2:
34:a8:16:a3:25:d2:86:cc:62:d1:95:7a:52:e4:04:ab:a8:c0:
43:d4:55:9b:65:7a:79:50:a1:72:c6:02:df:ea:dc:1d:f2:a9:
67:56:fb:02:78:e4:c5:97:fd:89:e3:58:2c:44:ee:d4:1a:9e:
82:03:d8:a8:09:e2:2a:a3:66:dc:8d:71:c3:63:36:4a:03:e2:
c6:f0:c9:18:ad:bc:1f:98:44:60:88:55:ad:ad:27:68:5f:0d:
e9:48:94:85:16:70:0c:2d:e0:a5:46:44:3c:64:1b:39:57:a2:
0f:31:bc:c0:3e:7c:b6:84:05:e5:8a:9b:b9:11:0e:ce:58:21:
43:52:6e:41:a5:46:7d:0e:2c:98:5d:86:39:4b:e2:c8:02:1c:
ec:d6:a0:58:1f:6a:45:1f:c8:e5:f3:e3:2f:70:90:f8:2f:2e:
f3:b7:a1:b9:a6:f9:27:63:9f:a1:9e:cd:9f:0e:f2:fb:64:ba:
88:3d:be:04:d5:43:0b:9a:3d:a5:a6:d2:03:20:1f:e8:ed:6f:
04:09:73:9e:c1:4d:a8:05:d7:4f:e0:31:a9:b5:b7:a4:9a:98:
ff:01:da:f7:03:c5:56:3a:c3:ee:71:c1:01:fa:03:7f:e0:45:
4e:6b:08:ca
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzHlMg9I4NLy44ZZzQbEm4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjNlNzAwZjI2MDY4YmRjMzQwZDFjM2VkZDY0MjQ1ZDg2YzE0MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeLphwZqEHUzU4RixibpvOv5Knyh
wQ3inLNkTnmju4o45jxQBHujteIXKDEyKVHMiCEv79DU8/9MQHFdwepB1Ndh2OTv
7E7yMInULesmDPjwTyX/aCQPIVSUTj0EtdlSPOLBDUSOBpbZz71vff/adn5SikBp
VVR+SgorAv2UzxY8BJCUO3tDTZ1SFr+WwtQe+hGvMqmNW6LHXCu1Qe3F+0/UKgHh
HmhK7T1ZDYlcp84gS+lqjuXSdcCCVs4caOwG0kJErH+X8VNKZv3JHFEAkTJGRe5l
/z2CHx8lv9Ksk1C1in0I+HxFkPabtDhXkzo1rWUzRsu+/685zAcHH2vDcQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHs+cA8mBovcNA0cPt1kJF2GwUMeMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZXo1d0R5WUdpOXcwRFJ3LTNXUWtYWWJCUXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAQIkdAwQB
QIkiAwQBQIkoAwQAQIlyAwQAQIl3AwQAQIl9AwQAQIl/AwQAVPZsMA0GCSqGSIb3
DQEBCwUAA4IBAQBAWTlMP8Z1DtnhCXSHlzSAbdI0qBajJdKGzGLRlXpS5ASrqMBD
1FWbZXp5UKFyxgLf6twd8qlnVvsCeOTFl/2J41gsRO7UGp6CA9ioCeIqo2bcjXHD
YzZKA+LG8MkYrbwfmERgiFWtrSdoXw3pSJSFFnAMLeClRkQ8ZBs5V6IPMbzAPny2
hAXlipu5EQ7OWCFDUm5BpUZ9DiyYXYY5S+LIAhzs1qBYH2pFH8jl8+MvcJD4Ly7z
t6G5pvknY5+hns2fDvL7ZLqIPb4E1UMLmj2lptIDIB/o7W8ECXOewU2oBddP4DGp
tbekmpj/Adr3A8VWOsPuccEB+gN/4EVOawjK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org