Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gl0p_c6TLhKgiuXj0e05E7dZ4zQ.roa
File: gl0p_c6TLhKgiuXj0e05E7dZ4zQ.roa (raw, json)
Hash identifier: jHSWrTV6TZnMU4dP1OMWsfjyRsOoHSp+Ki6dsGVbXeI=
Subject key identifier: 82:5D:29:FD:CE:93:2E:12:A0:8A:E5:E3:D1:ED:39:13:B7:59:E3:34
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01864AE5FB9ABBD14C1C7FA2E7998B112EDF
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gl0p_c6TLhKgiuXj0e05E7dZ4zQ.roa
Signing time: Mon 13 Feb 2023 13:10:31 +0000
ROA not before: Mon 13 Feb 2023 13:10:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 104.239.94.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:e5:fb:9a:bb:d1:4c:1c:7f:a2:e7:99:8b:11:2e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Feb 13 13:10:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=825d29fdce932e12a08ae5e3d1ed3913b759e334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:66:00:ef:73:bd:c3:51:1c:8a:19:85:68:f8:
d6:eb:e5:e7:d6:92:b8:02:1f:ca:ae:f0:ee:5d:f9:
27:4a:40:27:66:c3:c8:c5:73:b4:72:b5:b4:59:b4:
75:d5:68:e2:06:40:13:5e:35:9d:9a:65:77:e1:a4:
e9:42:bb:d1:98:39:a0:20:ee:43:31:0e:cc:17:0d:
57:af:fd:59:ae:a9:cd:ca:02:0d:7e:22:c2:96:44:
6c:40:e8:60:2e:08:e0:41:31:4a:93:5b:a5:69:96:
fd:05:dc:12:82:4d:03:6a:2f:de:c2:f1:41:9a:d1:
99:c2:67:fe:b2:0f:d6:2a:5b:20:99:1d:a8:11:57:
14:94:d2:26:af:6a:0b:e1:38:78:37:90:12:c8:22:
6c:d3:1e:fe:1e:0e:ca:89:98:57:80:29:62:40:9c:
a0:7b:4e:4a:11:be:1f:24:40:00:fa:58:d8:82:5a:
c0:db:d1:85:b7:f8:56:a8:4f:97:70:ca:ad:08:42:
bb:91:d3:74:0f:a4:b3:44:83:34:1a:41:80:08:5c:
d8:9e:4a:9c:a6:a2:25:76:93:b2:4e:ac:ae:df:fe:
b8:9b:ed:f9:19:fb:0e:4b:2e:b9:35:67:b0:78:97:
57:19:0b:5b:48:68:21:7b:3b:20:ab:27:58:08:db:
0f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5D:29:FD:CE:93:2E:12:A0:8A:E5:E3:D1:ED:39:13:B7:59:E3:34
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/gl0p_c6TLhKgiuXj0e05E7dZ4zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.238.4.0/23
104.238.8.0/23
104.239.30.0/23
104.239.94.0/24
138.128.157.0/24
Signature Algorithm: sha256WithRSAEncryption
87:3f:0c:b4:89:6d:1c:80:76:ab:5f:db:f4:48:e3:c9:bc:27:
db:92:b3:b9:cc:af:07:9d:da:29:df:83:81:8b:b5:87:f5:61:
7c:5d:e2:08:13:39:0d:c1:b1:f4:8f:0a:78:5c:24:6f:36:03:
1e:85:ab:0e:95:39:b0:a6:55:3f:eb:af:b5:fb:06:34:f1:e6:
93:59:89:2f:2b:2f:c2:f8:69:b1:78:64:04:3c:3c:a0:57:d0:
7c:25:af:20:c3:5a:22:bb:66:4d:7a:fe:8b:43:58:58:8f:d9:
77:17:20:da:96:98:ac:85:2c:71:ad:2e:e3:31:c4:5e:35:b3:
f2:4d:b7:f9:ad:43:8b:f5:cc:89:63:19:e9:c7:ba:03:60:a7:
a5:be:18:ca:19:8d:33:ef:af:67:ff:7e:83:01:84:58:f8:49:
de:2f:7a:af:72:e8:ca:d1:b3:d3:01:09:00:2f:15:c7:27:63:
b0:4b:39:a7:e2:60:49:2d:14:29:5e:0c:c8:6c:9c:b1:c1:fa:
72:26:cc:50:d6:e3:1e:99:00:9d:6b:3e:66:e4:31:03:88:e1:
81:21:fb:3b:03:76:0a:15:2b:33:b9:d9:ac:ca:bc:a1:c9:08:
d9:c4:5b:e7:a9:ac:9a:74:b3:a0:96:5d:0d:7b:f6:d3:21:89:
32:66:92:38
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZK5fuau9FMHH+i55mLES7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMjEzMTMxMDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjVkMjlmZGNlOTMyZTEyYTA4YWU1ZTNkMWVkMzkxM2I3NTllMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmYA73O9w1EcihmFaPjW6+Xn1pK4
Ah/KrvDuXfknSkAnZsPIxXO0crW0WbR11WjiBkATXjWdmmV34aTpQrvRmDmgIO5D
MQ7MFw1Xr/1ZrqnNygINfiLClkRsQOhgLgjgQTFKk1ulaZb9BdwSgk0Dai/ewvFB
mtGZwmf+sg/WKlsgmR2oEVcUlNImr2oL4Th4N5ASyCJs0x7+Hg7KiZhXgCliQJyg
e05KEb4fJEAA+ljYglrA29GFt/hWqE+XcMqtCEK7kdN0D6SzRIM0GkGACFzYnkqc
pqIldpOyTqyu3/64m+35GfsOSy65NWeweJdXGQtbSGghezsgqydYCNsPawIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIJdKf3Oky4SoIrl49HtORO3WeM0MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZ2wwcF9jNlRMaEtnaXVYajBlMDVFN2RaNHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBaO4EAwQB
aO4IAwQBaO8eAwQAaO9eAwQAioCdMA0GCSqGSIb3DQEBCwUAA4IBAQCHPwy0iW0c
gHarX9v0SOPJvCfbkrO5zK8Hndop34OBi7WH9WF8XeIIEzkNwbH0jwp4XCRvNgMe
hasOlTmwplU/66+1+wY08eaTWYkvKy/C+GmxeGQEPDygV9B8Ja8gw1oiu2ZNev6L
Q1hYj9l3FyDalpishSxxrS7jMcReNbPyTbf5rUOL9cyJYxnpx7oDYKelvhjKGY0z
769n/36DAYRY+EneL3qvcujK0bPTAQkALxXHJ2OwSzmn4mBJLRQpXgzIbJyxwfpy
JsxQ1uMemQCdaz5m5DEDiOGBIfs7A3YKFSszudmsyryhyQjZxFvnqayadLOgll0N
e/bTIYkyZpI4
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:54 2024 by rpki-client on console-ams.rpki-client.org