Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ixnMJh5QrhiEEbClgZ3MFILXndE.roa
File: ixnMJh5QrhiEEbClgZ3MFILXndE.roa (raw, json)
Hash identifier: gv8gxzDOx11jO0vs6TmyZ1cmQ9vnZuuhAObrBWlya60=
Subject key identifier: 8B:19:CC:26:1E:50:AE:18:84:11:B0:A5:81:9D:CC:14:82:D7:9D:D1
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0187371A2B953C0BB137091217058D268813
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ixnMJh5QrhiEEbClgZ3MFILXndE.roa
Signing time: Fri 31 Mar 2023 09:57:54 +0000
ROA not before: Fri 31 Mar 2023 09:57:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 64.137.68.0/24 maxlen: 24
64.137.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 May 2023 09:18:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:1a:2b:95:3c:0b:b1:37:09:12:17:05:8d:26:88:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 31 09:57:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b19cc261e50ae188411b0a5819dcc1482d79dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a8:9b:35:fe:6a:f4:16:f4:d5:a3:2f:63:9f:
3b:93:31:69:7d:3c:39:99:4c:b5:8f:58:e9:b4:5b:
1c:61:f7:f0:9a:a8:a4:56:68:62:88:67:05:7e:35:
80:13:84:22:23:f5:fc:1f:d6:d5:b1:ef:16:4b:a0:
d3:31:65:2b:49:26:54:43:50:a4:c0:98:38:27:50:
be:e5:dc:4e:d8:86:4c:e1:40:bf:e9:8b:9b:ea:c1:
81:48:05:ee:66:7a:31:7b:b8:04:69:07:39:11:2b:
74:98:26:ff:ba:68:17:ff:22:50:c8:1d:b0:5e:60:
c4:44:20:c5:a4:2e:3c:7e:cc:3d:97:26:d8:39:e5:
96:f5:e3:8d:70:7a:55:35:e1:c9:fb:9c:e6:da:b4:
ed:f8:76:6b:a2:1c:0f:c9:46:c3:ee:a6:f8:10:df:
ce:6f:f9:7b:52:35:57:d5:fa:01:1a:b0:12:03:0d:
bb:c4:85:b8:5b:86:62:75:89:af:88:95:e5:4f:02:
20:ae:e4:de:7c:d9:94:4e:37:be:96:51:5a:62:d3:
ed:4e:35:b2:c8:b0:8c:c1:42:eb:9f:85:41:58:99:
79:45:87:2a:20:6e:f1:bd:e4:3a:1b:d7:a5:bd:73:
da:26:38:5c:d2:68:47:08:7b:fa:a4:9c:bd:78:3b:
6f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:19:CC:26:1E:50:AE:18:84:11:B0:A5:81:9D:CC:14:82:D7:9D:D1
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ixnMJh5QrhiEEbClgZ3MFILXndE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.68.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:b0:49:5c:e2:2f:cd:2a:4c:1b:e7:f0:64:40:7e:a3:10:45:
f1:e3:b9:c1:99:c7:8c:37:8a:e1:14:24:d1:86:0f:8a:c0:51:
de:75:35:ba:4d:7a:cb:ea:af:2d:82:f6:ad:d0:97:51:05:77:
f0:27:1b:0b:ae:aa:aa:68:cf:c4:d6:b0:12:3e:0e:0a:3d:4a:
b3:df:0a:9f:6f:b5:b6:be:9a:fe:eb:27:3b:6f:c3:a4:77:7b:
f5:23:1f:16:4d:22:d8:30:64:52:17:76:8a:6c:cb:91:7d:18:
b8:16:c9:30:81:7e:52:d2:c9:35:dc:60:c8:9b:98:b8:7e:60:
70:70:bf:84:35:40:ed:73:a8:9a:2c:d2:b1:01:71:35:fa:ad:
a1:ba:b8:4a:16:f1:f8:95:a4:ef:ca:93:e6:25:a8:35:bb:0b:
33:1d:81:b6:5b:66:33:78:73:a7:2d:24:ce:5b:77:bf:c8:56:
9b:1e:40:d3:e2:be:0e:c6:56:ea:07:6d:66:7d:e7:eb:7b:87:
65:a3:aa:24:08:68:ce:9b:78:3f:34:e4:5b:20:ff:3b:04:40:
32:c2:18:b4:df:3d:f5:97:70:5e:45:2e:29:ca:90:17:b7:9d:
3d:7e:69:93:41:49:39:3f:b4:7b:47:4c:88:34:6f:9b:c9:59:
af:ec:78:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc3GiuVPAuxNwkSFwWNJogTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMzMxMDk1NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjE5Y2MyNjFlNTBhZTE4ODQxMWIwYTU4MTlkY2MxNDgyZDc5ZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKibNf5q9Bb01aMvY587kzFpfTw5
mUy1j1jptFscYffwmqikVmhiiGcFfjWAE4QiI/X8H9bVse8WS6DTMWUrSSZUQ1Ck
wJg4J1C+5dxO2IZM4UC/6Yub6sGBSAXuZnoxe7gEaQc5ESt0mCb/umgX/yJQyB2w
XmDERCDFpC48fsw9lybYOeWW9eONcHpVNeHJ+5zm2rTt+HZrohwPyUbD7qb4EN/O
b/l7UjVX1foBGrASAw27xIW4W4ZidYmviJXlTwIgruTefNmUTje+llFaYtPtTjWy
yLCMwULrn4VBWJl5RYcqIG7xveQ6G9elvXPaJjhc0mhHCHv6pJy9eDtv2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsZzCYeUK4YhBGwpYGdzBSC153RMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvaXhuTUpoNVFyaGlFRWJDbGdaM01GSUxYbmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQIlEMA0G
CSqGSIb3DQEBCwUAA4IBAQAssElc4i/NKkwb5/BkQH6jEEXx47nBmceMN4rhFCTR
hg+KwFHedTW6TXrL6q8tgvat0JdRBXfwJxsLrqqqaM/E1rASPg4KPUqz3wqfb7W2
vpr+6yc7b8Okd3v1Ix8WTSLYMGRSF3aKbMuRfRi4FskwgX5S0sk13GDIm5i4fmBw
cL+ENUDtc6iaLNKxAXE1+q2hurhKFvH4laTvypPmJag1uwszHYG2W2YzeHOnLSTO
W3e/yFabHkDT4r4OxlbqB21mfefre4dlo6okCGjOm3g/NORbIP87BEAywhi03z31
l3BeRS4pypAXt509fmmTQUk5P7R7R0yING+byVmv7HiZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org