Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gRf8SxlAOhUnuCTnwql5fDTiC9A.roa
File: gRf8SxlAOhUnuCTnwql5fDTiC9A.roa (raw, json)
Hash identifier: m5z66CC+8fdigJQ3mREnliZx1FPL9FqYib6oD91GBKE=
Subject key identifier: 81:17:FC:4B:19:40:3A:15:27:B8:24:E7:C2:A9:79:7C:34:E2:0B:D0
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185E9A0948997CB74BD03481D75BB0DB675
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gRf8SxlAOhUnuCTnwql5fDTiC9A.roa
Signing time: Wed 25 Jan 2023 15:51:33 +0000
ROA not before: Wed 25 Jan 2023 15:51:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.94.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.88.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Jan 2023 17:40:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:a0:94:89:97:cb:74:bd:03:48:1d:75:bb:0d:b6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 25 15:51:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8117fc4b19403a1527b824e7c2a9797c34e20bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a5:b6:40:dd:c5:6e:56:ea:6e:a6:6b:c6:e9:
37:b5:ac:99:24:c9:ae:64:82:2e:1b:fd:c3:e5:93:
2b:8b:c5:2e:92:2f:7e:2f:a4:f9:61:6f:05:b0:5d:
ec:1d:82:f7:b3:2f:f7:41:b0:79:49:17:dc:cf:ef:
73:75:51:d4:3a:f0:2a:bb:f6:16:43:37:40:35:68:
07:af:1b:0e:f1:67:28:14:ac:b2:e1:96:d2:0f:90:
20:ef:52:9c:9a:bf:7d:af:80:fe:4f:0f:a5:e6:05:
14:42:57:c5:05:50:a4:77:dc:e3:6f:d1:31:45:d9:
e1:8b:f0:ea:ff:b6:e7:48:56:d6:de:53:a0:19:09:
e2:a1:00:4d:f1:62:1e:6b:2e:47:09:77:c7:49:e3:
90:d0:b6:ff:f3:44:1a:7e:ae:b2:38:17:4f:e2:c2:
81:85:0e:03:80:38:32:d2:80:39:a9:1e:b7:bd:7f:
e8:c8:a9:6f:3f:ec:37:89:b1:07:7e:4b:45:ca:51:
b6:69:13:2d:20:e3:6e:20:e3:29:d5:0e:45:d5:08:
2f:8f:3d:b1:8a:6b:51:5d:4d:f0:b8:0e:83:c6:95:
85:77:5a:c9:01:11:52:f5:8e:41:d8:26:0a:1c:a7:
20:d8:c8:31:fe:12:6e:6e:87:f4:8d:91:2d:2e:f9:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:17:FC:4B:19:40:3A:15:27:B8:24:E7:C2:A9:79:7C:34:E2:0B:D0
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gRf8SxlAOhUnuCTnwql5fDTiC9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
104.167.10.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0/24
104.239.78.0/24
104.239.80.0/23
104.239.88.0/24
104.239.94.0/24
104.239.104.0/22
104.239.111.0/24
104.239.124.0-104.239.126.255
138.128.148.0/24
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0/24
216.173.104.0/22
216.173.110.0/24
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:5b:66:26:93:f7:30:56:0b:8b:3b:61:ac:e9:30:2a:4a:1d:
c4:76:d7:ad:d3:e1:5e:52:ac:25:5b:fc:0e:a8:0f:d7:ae:29:
7c:8f:33:eb:ef:ad:57:a2:fd:1d:38:fe:42:07:47:ea:3b:f9:
93:32:3c:84:15:f4:71:2a:05:37:55:f9:06:1f:64:54:50:22:
0d:58:54:d7:4e:45:e2:24:e7:ca:24:5b:6d:17:df:f0:50:cc:
d5:8d:4f:60:aa:4b:d8:fe:34:82:d4:23:21:77:f4:83:3e:cb:
29:53:41:9b:32:79:26:c3:53:83:ab:fa:b5:49:1f:e1:01:35:
36:21:64:c8:33:af:b5:68:3c:f7:e7:c9:92:c2:e2:d5:a7:0f:
ad:2d:b8:6c:4c:78:a1:77:34:ed:56:8f:97:4b:ca:9a:1c:5a:
65:cb:38:b7:7b:19:0d:cb:a1:26:c3:d4:00:68:0f:97:26:e0:
bf:9d:41:b1:50:2c:41:4e:f3:8c:90:70:33:71:cb:37:13:91:
e8:cc:93:d5:c5:80:a6:b0:6d:ef:db:61:e8:c6:be:7f:a6:c8:
a4:32:5d:a2:d9:0a:d3:fe:b3:03:bb:81:8c:b0:e5:07:a4:e9:
b5:e9:d3:90:0d:5d:89:c6:9b:58:5e:71:59:94:12:b4:a6:4c:
82:dc:e7:6e
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYXpoJSJl8t0vQNIHXW7DbZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTI1MTU1MTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTE3ZmM0YjE5NDAzYTE1MjdiODI0ZTdjMmE5Nzk3YzM0ZTIwYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6W2QN3FblbqbqZrxuk3tayZJMmu
ZIIuG/3D5ZMri8Uuki9+L6T5YW8FsF3sHYL3sy/3QbB5SRfcz+9zdVHUOvAqu/YW
QzdANWgHrxsO8WcoFKyy4ZbSD5Ag71Kcmr99r4D+Tw+l5gUUQlfFBVCkd9zjb9Ex
Rdnhi/Dq/7bnSFbW3lOgGQnioQBN8WIeay5HCXfHSeOQ0Lb/80Qafq6yOBdP4sKB
hQ4DgDgy0oA5qR63vX/oyKlvP+w3ibEHfktFylG2aRMtIONuIOMp1Q5F1Qgvjz2x
imtRXU3wuA6DxpWFd1rJARFS9Y5B2CYKHKcg2Mgx/hJubof0jZEtLvm3YQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFIEX/EsZQDoVJ7gk58KpeXw04gvQMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZ1JmOFN4bEFPaFVudUNUbndxbDVmRFRpQzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAFA
iTQDBABopwowDAMEA2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQBaO8K
AwQAaO8cAwQBaO8eAwQAaO8sAwQAaO9JAwQAaO9LAwQAaO9OAwQBaO9QAwQAaO9Y
AwQAaO9eAwQCaO9oAwQAaO9vMAwDBAJo73wDBABo734DBACKgJQDBACKgJ0DBADY
rUwDBADYrVIDBADYrWYDBALYrWgDBADYrW4DBADYrXgwDQYJKoZIhvcNAQELBQAD
ggEBAJxbZiaT9zBWC4s7YazpMCpKHcR2163T4V5SrCVb/A6oD9euKXyPM+vvrVei
/R04/kIHR+o7+ZMyPIQV9HEqBTdV+QYfZFRQIg1YVNdOReIk58okW20X3/BQzNWN
T2CqS9j+NILUIyF39IM+yylTQZsyeSbDU4Or+rVJH+EBNTYhZMgzr7VoPPfnyZLC
4tWnD60tuGxMeKF3NO1Wj5dLypocWmXLOLd7GQ3LoSbD1ABoD5cm4L+dQbFQLEFO
84yQcDNxyzcTkejMk9XFgKawbe/bYejGvn+myKQyXaLZCtP+swO7gYyw5Qek6bXp
05ANXYnGm1hecVmUErSmTILc524=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org