Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/i_CZ9mkufh8fCQnLCxFpkV5ITrg.roa
File: i_CZ9mkufh8fCQnLCxFpkV5ITrg.roa (raw, json)
Hash identifier: K/At9JPwGzLuN+EnFS90jcVckCtHPgZ5Y3haigBL1cA=
Subject key identifier: 8B:F0:99:F6:69:2E:7E:1F:1F:09:09:CB:0B:11:69:91:5E:48:4E:B8
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EBD30271371A298DB211FB68DE6FD
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/i_CZ9mkufh8fCQnLCxFpkV5ITrg.roa
Signing time: Mon 02 Jan 2023 12:04:49 +0000
ROA not before: Mon 02 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202044
IP address blocks: 104.167.10.0/24 maxlen: 24
104.222.184.0/22 maxlen: 22
104.239.40.0/22 maxlen: 22
64.137.96.0/22 maxlen: 22
64.137.92.0/23 maxlen: 23
104.233.16.0/22 maxlen: 22
216.173.72.0/22 maxlen: 22
104.143.224.0/22 maxlen: 22
104.143.244.0/23 maxlen: 23
64.137.56.0/23 maxlen: 23
104.143.246.0/24 maxlen: 24
104.238.8.0/23 maxlen: 23
138.128.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:bd:30:27:13:71:a2:98:db:21:1f:b6:8d:e6:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bf099f6692e7e1f1f0909cb0b1169915e484eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dd:d6:49:24:4c:c3:ee:8e:a2:f0:c2:4f:fd:
72:74:3d:78:40:14:9d:bb:26:c7:52:7c:a6:d0:c1:
76:dc:83:85:02:41:6e:27:84:a7:98:0c:9d:12:95:
51:2f:8a:d7:1b:b6:c7:e5:f7:7f:fb:84:18:32:73:
2e:2e:c1:d1:cc:bc:d6:20:e6:ec:a6:1a:eb:c9:1c:
75:bd:8e:6b:1a:f8:16:06:58:8a:88:52:57:c0:36:
fb:7e:85:5b:b0:8f:6b:69:11:51:76:2c:b4:90:32:
be:95:64:61:19:2b:0d:ab:a2:a9:f1:d2:5b:27:ec:
33:2a:09:d2:2e:73:31:27:f1:02:df:6a:ca:9e:df:
30:36:41:81:8d:cc:0e:d7:ec:9d:20:0d:5c:d5:c4:
df:3e:bb:be:bb:66:7b:c1:64:30:6f:be:1f:f9:3f:
50:c9:23:82:e0:90:b1:6d:74:1b:61:d2:8f:bc:11:
84:1f:57:2a:2e:6d:4e:92:7e:59:c0:32:55:71:4d:
c8:16:3c:65:d4:86:64:29:ce:a1:0d:4b:35:32:1e:
0d:79:bf:f0:e8:33:f8:a8:4c:30:f6:87:cd:c2:b4:
1c:2a:a7:ca:d9:5e:70:ab:9b:0d:96:c7:2a:e8:6f:
a7:c4:f6:ca:62:20:07:50:86:69:0a:9d:83:fb:95:
8a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F0:99:F6:69:2E:7E:1F:1F:09:09:CB:0B:11:69:91:5E:48:4E:B8
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/i_CZ9mkufh8fCQnLCxFpkV5ITrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.56.0/23
64.137.92.0/23
64.137.96.0/22
104.143.224.0/22
104.143.244.0-104.143.246.255
104.167.10.0/24
104.222.184.0/22
104.233.16.0/22
104.238.8.0/23
104.239.40.0/22
138.128.148.0/24
216.173.72.0/22
Signature Algorithm: sha256WithRSAEncryption
69:4c:d2:64:ea:50:ad:a5:d5:a3:40:ac:53:a9:db:70:2d:71:
26:f4:f6:1b:9e:c6:aa:e5:5a:49:43:d0:6b:3b:cc:31:ac:92:
47:77:7a:e0:97:27:ef:93:d9:99:4b:6b:a6:fb:61:58:86:ec:
56:00:b2:87:2f:94:51:ef:1a:25:ff:d7:07:68:aa:a4:c2:81:
0d:11:9a:0f:ce:91:ab:8f:37:11:a4:9a:5a:ad:c8:54:89:48:
54:76:3c:d4:82:7b:33:7d:08:78:1f:9b:c6:71:c1:2f:75:17:
4e:29:8b:00:ff:32:52:b8:91:40:16:9b:c4:c7:a6:e8:9b:46:
68:2a:41:04:b3:7f:c2:76:fc:9d:f9:f9:df:6e:b4:71:02:5f:
6e:7f:49:f5:e5:33:24:13:4a:b0:9d:3e:5c:12:f0:0a:bd:78:
92:3a:ec:de:9b:3f:3b:3f:a1:f8:43:0f:2a:af:29:86:79:e2:
76:32:fc:e9:f5:8a:0c:0a:ac:4c:2f:3b:0a:b8:dc:a8:37:84:
6a:7f:3a:f4:4d:dc:fc:60:eb:b6:f4:8f:45:18:b6:e0:ef:54:
83:9b:df:67:47:51:91:17:5a:16:05:de:8b:29:87:96:fb:c4:
2f:25:d2:9b:75:b2:44:8d:5b:ea:b5:6e:82:75:f8:a8:8a:32:
2e:94:fb:22
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYVyXr0wJxNxopjbIR+2jeb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYwOTlmNjY5MmU3ZTFmMWYwOTA5Y2IwYjExNjk5MTVlNDg0ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd3WSSRMw+6OovDCT/1ydD14QBSd
uybHUnym0MF23IOFAkFuJ4SnmAydEpVRL4rXG7bH5fd/+4QYMnMuLsHRzLzWIObs
phrryRx1vY5rGvgWBliKiFJXwDb7foVbsI9raRFRdiy0kDK+lWRhGSsNq6Kp8dJb
J+wzKgnSLnMxJ/EC32rKnt8wNkGBjcwO1+ydIA1c1cTfPru+u2Z7wWQwb74f+T9Q
ySOC4JCxbXQbYdKPvBGEH1cqLm1Okn5ZwDJVcU3IFjxl1IZkKc6hDUs1Mh4Neb/w
6DP4qEww9ofNwrQcKqfK2V5wq5sNlscq6G+nxPbKYiAHUIZpCp2D+5WKzQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIvwmfZpLn4fHwkJywsRaZFeSE64MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvaV9DWjlta3VmaDhmQ1FuTEN4RnBrVjVJVHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBQIk4AwQB
QIlcAwQCQIlgAwQCaI/gMAwDBAJoj/QDBABoj/YDBABopwoDBAJo3rgDBAJo6RAD
BAFo7ggDBAJo7ygDBACKgJQDBALYrUgwDQYJKoZIhvcNAQELBQADggEBAGlM0mTq
UK2l1aNArFOp23AtcSb09huexqrlWklD0Gs7zDGskkd3euCXJ++T2ZlLa6b7YViG
7FYAsocvlFHvGiX/1wdoqqTCgQ0Rmg/OkauPNxGkmlqtyFSJSFR2PNSCezN9CHgf
m8ZxwS91F04piwD/MlK4kUAWm8THpuibRmgqQQSzf8J2/J35+d9utHECX25/SfXl
MyQTSrCdPlwS8Aq9eJI67N6bPzs/ofhDDyqvKYZ54nYy/On1igwKrEwvOwq43Kg3
hGp/OvRN3Pxg67b0j0UYtuDvVIOb32dHUZEXWhYF3osph5b7xC8l0pt1skSNW+q1
boJ1+KiKMi6U+yI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:40 2024 by rpki-client on console-fra.rpki-client.org