Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gHsYgg40VztCTfYwpiO4B3JCw8k.roa
File: gHsYgg40VztCTfYwpiO4B3JCw8k.roa (raw, json)
Hash identifier: J8SfcMKFPMxf37xg1QUp/yTMG1Hx4PIGgOVImSJJGPE=
Subject key identifier: 80:7B:18:82:0E:34:57:3B:42:4D:F6:30:A6:23:B8:07:72:42:C3:C9
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185E9A0974D58251FA954F93FDDC306C487
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gHsYgg40VztCTfYwpiO4B3JCw8k.roa
Signing time: Wed 25 Jan 2023 15:51:33 +0000
ROA not before: Wed 25 Jan 2023 15:51:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202496
IP address blocks: 104.143.254.0/23 maxlen: 23
216.173.78.0/23 maxlen: 23
104.249.30.0/23 maxlen: 23
45.43.176.0/23 maxlen: 23
45.43.176.0/20 maxlen: 20
45.43.178.0/23 maxlen: 23
45.43.180.0/23 maxlen: 23
45.43.182.0/23 maxlen: 23
45.43.186.0/23 maxlen: 23
45.43.184.0/23 maxlen: 23
104.143.235.0/24 maxlen: 24
45.43.190.0/23 maxlen: 23
45.43.188.0/23 maxlen: 23
104.143.252.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
104.143.248.0/22 maxlen: 22
104.238.4.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:a0:97:4d:58:25:1f:a9:54:f9:3f:dd:c3:06:c4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 25 15:51:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=807b18820e34573b424df630a623b8077242c3c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fd:60:f7:65:5a:b8:e1:91:80:b6:11:e7:be:
41:9c:ec:fa:cf:45:c0:84:15:be:c3:89:31:b6:3e:
cb:b1:b9:94:dc:a0:b7:b6:cf:bf:6b:3a:6a:e2:1c:
1d:fb:f2:8a:03:c8:c3:85:26:94:a6:26:89:9a:54:
69:a4:a3:f3:fc:25:2c:c2:bf:e2:a5:79:78:84:c0:
26:48:80:b8:4d:37:1a:6a:04:ff:52:72:b7:e6:3e:
23:89:70:4f:dc:76:84:14:c2:0c:90:20:79:bc:ae:
e7:b0:b4:b5:25:f5:12:72:99:58:15:9c:f5:fe:6f:
4c:18:13:78:02:76:0d:e6:60:35:31:03:82:2e:71:
e9:fb:bc:1f:eb:6f:b1:86:69:d3:ed:4f:7e:53:e5:
e1:dd:db:98:e8:9e:99:c1:d3:c9:bd:57:fc:9e:8a:
30:92:29:a8:07:dd:3b:23:c6:e6:fc:d7:96:7c:58:
b5:07:ba:aa:ce:30:8f:7c:c3:06:5e:1d:a1:f7:bd:
6d:c1:15:fc:f7:67:44:4f:cc:34:de:af:b4:46:56:
ad:0b:40:16:8a:2d:89:32:8e:5d:24:b0:96:15:d0:
37:ea:0d:cd:f6:f1:22:03:8b:8f:13:76:fe:7f:ff:
75:a3:b2:35:aa:99:1b:f3:33:a1:14:19:2a:e5:0f:
b9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7B:18:82:0E:34:57:3B:42:4D:F6:30:A6:23:B8:07:72:42:C3:C9
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gHsYgg40VztCTfYwpiO4B3JCw8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.176.0/20
104.143.235.0/24
104.143.248.0-104.143.252.255
104.143.254.0/23
104.238.4.0/23
104.249.30.0/23
104.249.60.0/23
216.173.78.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:46:7b:1d:f7:d8:74:3b:27:c7:58:52:5f:4b:fe:bc:9f:09:
d1:d0:62:bf:b2:36:73:9c:51:ac:88:f0:31:77:32:20:1c:e2:
ad:d8:6e:e9:8f:d5:b6:4d:30:a4:c5:70:22:77:6a:f0:c2:8c:
80:f0:3d:3a:86:ac:1d:d5:1d:ed:9f:48:a3:6d:81:22:5c:e8:
4b:dd:9d:5b:5c:f7:c9:f1:d0:57:23:62:82:ea:91:98:7c:15:
a7:f2:3f:b0:35:8d:79:62:61:e8:18:e2:d8:68:ba:84:70:55:
3f:55:9e:82:b2:94:36:7b:d3:50:e0:a9:62:69:4a:56:f3:8e:
db:94:59:5c:f3:b1:b8:72:63:58:77:13:11:88:30:14:a3:ab:
38:cf:ca:fe:73:be:8f:c2:83:95:53:19:7c:b8:3e:6e:da:62:
a4:08:3b:76:13:7b:78:92:ee:b0:5c:9e:13:41:76:ac:61:4f:
de:44:08:f4:c4:3d:f9:4a:47:6b:a2:11:26:be:c3:37:e9:e6:
3e:a8:a0:28:dd:8f:3d:cf:b6:9d:2f:26:60:21:de:5c:25:b7:
5c:4c:2d:c0:8a:a6:bd:f4:df:f1:2f:a1:8b:cc:62:e3:95:0a:
d9:21:0d:01:ce:39:b3:cb:e0:d3:94:32:aa:bb:ab:46:07:83:
69:fc:37:fa
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYXpoJdNWCUfqVT5P93DBsSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTI1MTU1MTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdiMTg4MjBlMzQ1NzNiNDI0ZGY2MzBhNjIzYjgwNzcyNDJjM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv1g92VauOGRgLYR575BnOz6z0XA
hBW+w4kxtj7LsbmU3KC3ts+/azpq4hwd+/KKA8jDhSaUpiaJmlRppKPz/CUswr/i
pXl4hMAmSIC4TTcaagT/UnK35j4jiXBP3HaEFMIMkCB5vK7nsLS1JfUScplYFZz1
/m9MGBN4AnYN5mA1MQOCLnHp+7wf62+xhmnT7U9+U+Xh3duY6J6ZwdPJvVf8noow
kimoB907I8bm/NeWfFi1B7qqzjCPfMMGXh2h971twRX892dET8w03q+0RlatC0AW
ii2JMo5dJLCWFdA36g3N9vEiA4uPE3b+f/91o7I1qpkb8zOhFBkq5Q+5UwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIB7GIIONFc7Qk32MKYjuAdyQsPJMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZ0hzWWdnNDBWenRDVGZZd3BpTzRCM0pDdzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQELSuwAwQA
aI/rMAwDBANoj/gDBABoj/wDBAFoj/4DBAFo7gQDBAFo+R4DBAFo+TwDBAHYrU4w
DQYJKoZIhvcNAQELBQADggEBAApGex332HQ7J8dYUl9L/ryfCdHQYr+yNnOcUayI
8DF3MiAc4q3YbumP1bZNMKTFcCJ3avDCjIDwPTqGrB3VHe2fSKNtgSJc6EvdnVtc
98nx0FcjYoLqkZh8FafyP7A1jXliYegY4thouoRwVT9VnoKylDZ701DgqWJpSlbz
jtuUWVzzsbhyY1h3ExGIMBSjqzjPyv5zvo/Cg5VTGXy4Pm7aYqQIO3YTe3iS7rBc
nhNBdqxhT95ECPTEPflKR2uiESa+wzfp5j6ooCjdjz3Ptp0vJmAh3lwlt1xMLcCK
pr303/EvoYvMYuOVCtkhDQHOObPL4NOUMqq7q0YHg2n8N/o=
-----END CERTIFICATE-----
Generated at Tue Aug 8 10:43:31 2023 by rpki-client on console-fra.rpki-client.org