Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hbm8pvoRvozoQARDigNAGxNH-dU.roa
File: hbm8pvoRvozoQARDigNAGxNH-dU.roa (raw, json)
Hash identifier: ZCC0inlN17NQD1v5e8fJhkc6kg8t4VuChDWnTqJVB6w=
Subject key identifier: 85:B9:BC:A6:FA:11:BE:8C:E8:40:04:43:8A:03:40:1B:13:47:F9:D5
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01878F0722046240BFDBB9C9090B6FE6EF65
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hbm8pvoRvozoQARDigNAGxNH-dU.roa
Signing time: Mon 17 Apr 2023 11:43:41 +0000
ROA not before: Mon 17 Apr 2023 11:43:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 64.137.39.0/24 maxlen: 24
64.137.76.0/24 maxlen: 24
64.137.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 May 2023 14:35:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:07:22:04:62:40:bf:db:b9:c9:09:0b:6f:e6:ef:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 17 11:43:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85b9bca6fa11be8ce84004438a03401b1347f9d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:60:8a:7a:4f:91:3c:bc:ce:bd:1f:53:31:1b:
11:c2:3d:a5:f1:8b:b4:aa:53:9c:6e:b1:45:c4:7e:
08:2e:aa:7e:b4:6c:b3:2c:cf:80:f5:35:17:f2:9f:
3e:8f:9c:83:96:81:99:83:d2:25:38:98:95:7f:27:
27:09:aa:0d:8f:e4:dc:38:43:02:1d:f1:f4:83:28:
fe:e0:34:be:57:9f:9a:b2:cb:14:b9:cd:04:6e:94:
8c:ce:26:87:c6:e8:ea:cb:eb:cb:ec:5e:51:af:22:
c6:cd:3d:30:be:92:f4:f4:22:7b:da:1b:43:76:8d:
5d:e7:3e:45:b4:5e:a4:76:dd:0d:15:ef:8c:07:bc:
23:79:bb:30:66:49:f3:f8:0f:0f:f6:a6:cd:93:ee:
89:38:c2:7e:b8:5a:69:41:64:9b:42:88:d3:8b:1b:
f8:e5:b7:6c:a7:32:a1:07:e5:61:21:be:9e:de:34:
ca:e8:05:0d:84:f3:a8:dd:5c:8a:e5:aa:a6:cc:fd:
e4:7b:8e:88:81:bc:36:ee:26:76:ee:5d:2a:53:4f:
24:e0:76:46:98:91:0b:ea:fa:54:38:e9:0e:04:65:
8d:d5:82:f0:4c:de:4b:6e:2e:fc:f7:11:81:07:81:
25:bd:e3:7a:61:21:3e:1b:1d:38:a5:37:62:d5:91:
15:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B9:BC:A6:FA:11:BE:8C:E8:40:04:43:8A:03:40:1B:13:47:F9:D5
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hbm8pvoRvozoQARDigNAGxNH-dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.39.0/24
64.137.76.0/24
64.137.102.0/24
Signature Algorithm: sha256WithRSAEncryption
75:8e:86:76:8c:d3:48:7b:f6:4c:78:10:ea:6a:c5:87:17:d4:
a7:a4:74:14:8a:b3:fb:0e:64:3e:b5:de:84:9b:7d:ac:9c:2a:
1b:9a:ab:3e:e7:ff:34:c8:bf:e0:9d:96:af:73:05:f4:c0:8b:
af:4d:ba:af:32:86:aa:99:6e:94:ea:43:11:5b:bb:6f:3b:72:
02:fa:a8:45:da:90:d1:30:93:1a:48:06:fd:b1:0a:50:fa:66:
1d:ce:58:ce:14:98:51:d5:73:48:d9:32:8f:ee:d8:96:c7:3b:
6d:e3:38:cc:01:f7:67:2b:a8:10:6f:1d:cc:11:61:70:40:a6:
4c:ef:6e:be:f3:7d:23:52:73:92:72:a3:21:cc:8a:c2:8e:72:
5f:36:fe:50:15:48:a1:01:4d:97:5b:9a:a3:e6:0b:96:1c:13:
94:56:0b:3c:00:35:0f:6d:e4:31:f7:ee:27:35:0b:74:32:8a:
1f:bc:93:b6:95:0d:9b:20:ef:f3:0d:2f:a3:67:64:28:f1:aa:
97:3b:43:9d:ae:19:a4:07:89:d4:9a:08:0c:6e:c9:4c:df:b1:
1a:f4:e9:57:fb:ff:07:f3:0a:ea:13:59:bd:58:ee:97:b3:75:
4c:27:ca:1d:f7:b8:73:46:2f:7a:a6:87:27:98:1e:ba:8b:47:
94:69:8b:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYePByIEYkC/27nJCQtv5u9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNDE3MTE0MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI5YmNhNmZhMTFiZThjZTg0MDA0NDM4YTAzNDAxYjEzNDdmOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2CKek+RPLzOvR9TMRsRwj2l8Yu0
qlOcbrFFxH4ILqp+tGyzLM+A9TUX8p8+j5yDloGZg9IlOJiVfycnCaoNj+TcOEMC
HfH0gyj+4DS+V5+asssUuc0EbpSMziaHxujqy+vL7F5RryLGzT0wvpL09CJ72htD
do1d5z5FtF6kdt0NFe+MB7wjebswZknz+A8P9qbNk+6JOMJ+uFppQWSbQojTixv4
5bdspzKhB+VhIb6e3jTK6AUNhPOo3VyK5aqmzP3ke46Igbw27iZ27l0qU08k4HZG
mJEL6vpUOOkOBGWN1YLwTN5Lbi789xGBB4ElveN6YSE+Gx04pTdi1ZEV8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIW5vKb6Eb6M6EAEQ4oDQBsTR/nVMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvaGJtOHB2b1J2b3pvUUFSRGlnTkFHeE5ILWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAQIknAwQA
QIlMAwQAQIlmMA0GCSqGSIb3DQEBCwUAA4IBAQB1joZ2jNNIe/ZMeBDqasWHF9Sn
pHQUirP7DmQ+td6Em32snCobmqs+5/80yL/gnZavcwX0wIuvTbqvMoaqmW6U6kMR
W7tvO3IC+qhF2pDRMJMaSAb9sQpQ+mYdzljOFJhR1XNI2TKP7tiWxztt4zjMAfdn
K6gQbx3MEWFwQKZM726+830jUnOScqMhzIrCjnJfNv5QFUihAU2XW5qj5guWHBOU
Vgs8ADUPbeQx9+4nNQt0MoofvJO2lQ2bIO/zDS+jZ2Qo8aqXO0OdrhmkB4nUmggM
bslM37Ea9OlX+/8H8wrqE1m9WO6Xs3VMJ8od97hzRi96pocnmB66i0eUaYsu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org