Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/giwytYJ2IgfyHl-ZeTpmZMuPKIw.roa
File: giwytYJ2IgfyHl-ZeTpmZMuPKIw.roa (raw, json)
Hash identifier: 2xtpUlcrggbGJGJmYBgnEksZVpEmG6rFBzvgHeFoi3w=
Subject key identifier: 82:2C:32:B5:82:76:22:07:F2:1E:5F:99:79:3A:66:64:CB:8F:28:8C
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018A83552E784813CF64ED44BA80BD3BED76
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/giwytYJ2IgfyHl-ZeTpmZMuPKIw.roa
Signing time: Mon 11 Sep 2023 08:21:52 +0000
ROA not before: Mon 11 Sep 2023 08:21:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 64.137.54.0/24 maxlen: 24
104.222.190.0/24 maxlen: 24
64.137.109.0/24 maxlen: 24
64.137.110.0/23 maxlen: 23
64.137.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:55:2e:78:48:13:cf:64:ed:44:ba:80:bd:3b:ed:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Sep 11 08:21:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=822c32b582762207f21e5f99793a6664cb8f288c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:43:49:be:a7:2e:9e:31:d6:44:fd:7a:6d:5a:
41:a1:da:d3:b5:62:f3:0f:5f:ac:37:82:19:96:b6:
79:50:88:5c:45:5b:78:3e:19:66:45:ab:b6:3c:bf:
ac:6d:75:d5:99:83:2d:2c:21:5d:c0:9a:69:dd:23:
bb:26:6c:c0:ac:09:d8:11:18:ed:78:b6:ea:51:e2:
85:a9:95:15:0a:a1:1d:38:79:7e:cd:7b:1e:23:27:
d4:92:8e:34:88:7e:72:58:1a:89:f9:91:fd:75:a6:
6b:dc:93:7f:bc:f0:81:b8:81:78:92:e4:f4:45:48:
26:ee:c6:07:b1:1e:bf:41:63:4e:28:8b:69:c4:d3:
db:12:5f:6b:a3:fb:55:78:31:59:db:1f:6a:bb:63:
bb:09:75:51:32:75:03:32:e2:e9:22:c3:5a:8d:4f:
6e:0d:88:33:32:b3:a3:a5:15:0c:67:3b:2f:97:45:
4f:1d:39:01:88:9e:5e:c7:97:3e:bc:d0:2b:37:43:
82:80:9c:0d:c9:ac:57:f9:d8:5a:0e:d5:b4:3d:47:
bc:cd:9f:3d:ee:9f:ab:e6:87:47:f9:b7:50:82:be:
c7:45:b5:54:0f:da:e5:a9:3d:32:f7:d1:61:be:5b:
7d:fd:a8:36:09:32:ab:0a:87:90:46:06:e1:54:4c:
e5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2C:32:B5:82:76:22:07:F2:1E:5F:99:79:3A:66:64:CB:8F:28:8C
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/giwytYJ2IgfyHl-ZeTpmZMuPKIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.9.0/24
64.137.54.0/24
64.137.109.0-64.137.111.255
104.222.190.0/24
Signature Algorithm: sha256WithRSAEncryption
35:09:55:c0:03:a1:a7:05:c9:06:db:ca:4d:d6:e4:32:69:96:
08:c3:3a:5b:ea:cf:91:44:1e:62:57:97:98:d4:3c:ef:90:54:
e1:6c:cc:94:fa:26:72:17:79:8d:70:92:00:89:11:38:08:a2:
4f:a2:22:2d:0d:8d:e2:d5:9e:97:0a:d8:26:17:f6:fb:f8:dc:
b3:9f:0a:3c:20:84:74:8d:ae:a6:44:8b:e7:47:43:64:79:04:
65:94:db:46:17:30:3a:bf:0c:5b:73:da:ed:9d:ca:fb:e7:3c:
8f:8d:61:47:ce:1e:69:cb:da:0a:7e:09:67:ad:6a:3f:7d:98:
64:f2:7f:f8:64:31:00:33:a2:5b:16:3f:c7:dd:98:3d:7e:dc:
5e:02:20:90:38:26:2a:63:d2:4e:96:56:2f:8d:6b:48:5e:52:
1c:3c:2e:c5:31:d1:fe:98:b4:1f:ab:e9:0b:80:55:a7:98:27:
70:ef:8f:0d:ea:ef:39:35:35:10:97:12:ff:2e:2a:8c:63:c2:
64:5e:c7:0a:06:d0:a4:41:f0:af:fc:09:44:4d:9e:81:e3:9f:
de:d8:6a:c3:4c:8e:dc:03:2f:99:d9:8e:61:4d:13:1f:d2:e7:
05:e7:bc:7b:4f:26:77:6d:87:ca:b0:e6:5e:58:da:5b:c6:ab:
62:5a:25:bd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYqDVS54SBPPZO1EuoC9O+12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwOTExMDgyMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJjMzJiNTgyNzYyMjA3ZjIxZTVmOTk3OTNhNjY2NGNiOGYyODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlENJvqcunjHWRP16bVpBodrTtWLz
D1+sN4IZlrZ5UIhcRVt4PhlmRau2PL+sbXXVmYMtLCFdwJpp3SO7JmzArAnYERjt
eLbqUeKFqZUVCqEdOHl+zXseIyfUko40iH5yWBqJ+ZH9daZr3JN/vPCBuIF4kuT0
RUgm7sYHsR6/QWNOKItpxNPbEl9ro/tVeDFZ2x9qu2O7CXVRMnUDMuLpIsNajU9u
DYgzMrOjpRUMZzsvl0VPHTkBiJ5ex5c+vNArN0OCgJwNyaxX+dhaDtW0PUe8zZ89
7p+r5odH+bdQgr7HRbVUD9rlqT0y99Fhvlt9/ag2CTKrCoeQRgbhVEzlMQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIIsMrWCdiIH8h5fmXk6ZmTLjyiMMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZ2l3eXRZSjJJZ2Z5SGwtWmVUcG1aTXVQS0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAQIkJAwQA
QIk2MAwDBABAiW0DBARAiWADBABo3r4wDQYJKoZIhvcNAQELBQADggEBADUJVcAD
oacFyQbbyk3W5DJplgjDOlvqz5FEHmJXl5jUPO+QVOFszJT6JnIXeY1wkgCJETgI
ok+iIi0NjeLVnpcK2CYX9vv43LOfCjwghHSNrqZEi+dHQ2R5BGWU20YXMDq/DFtz
2u2dyvvnPI+NYUfOHmnL2gp+CWetaj99mGTyf/hkMQAzolsWP8fdmD1+3F4CIJA4
Jipj0k6WVi+Na0heUhw8LsUx0f6YtB+r6QuAVaeYJ3Dvjw3q7zk1NRCXEv8uKoxj
wmRexwoG0KRB8K/8CURNnoHjn97YasNMjtwDL5nZjmFNEx/S5wXnvHtPJndth8qw
5l5Y2lvGq2JaJb0=
-----END CERTIFICATE-----
Generated at Mon Nov 27 19:56:50 2023 by rpki-client on console-ams.rpki-client.org