Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/lTjKMvf91pQyK1pfZ-UlGeTiJEM.roa
File: lTjKMvf91pQyK1pfZ-UlGeTiJEM.roa (raw, json)
Hash identifier: pbLM05lANwJFX+toyCngXsxIrCD6JjLUH2hvZ7itrko=
Subject key identifier: 95:38:CA:32:F7:FD:D6:94:32:2B:5A:5F:67:E5:25:19:E4:E2:24:43
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794CBBBEA016F38B9C6AA8E37951438
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/lTjKMvf91pQyK1pfZ-UlGeTiJEM.roa
Signing time: Tue 02 Jan 2024 00:31:06 +0000
ROA not before: Tue 02 Jan 2024 00:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11426
IP address blocks: 104.249.32.0/22 maxlen: 22
104.249.56.0/22 maxlen: 22
45.43.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 14 Mar 2024 21:55:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:cb:bb:ea:01:6f:38:b9:c6:aa:8e:37:95:14:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9538ca32f7fdd694322b5a5f67e52519e4e22443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:00:23:88:62:d5:5e:1d:e5:bf:1b:b5:4c:93:
c3:0a:65:d6:b9:62:8a:d5:ca:2a:3e:ca:d7:43:88:
73:a5:73:41:bf:28:57:bd:03:6c:5d:30:e8:10:66:
69:ca:05:6e:4c:7b:5a:d3:d2:7a:6d:25:90:30:76:
42:54:de:32:d4:d6:8e:1e:f6:b0:6a:f4:b3:63:99:
90:0a:47:e6:32:04:17:a1:4a:ea:b8:97:06:c8:74:
4b:e1:c4:6c:60:be:6b:c0:98:26:16:ba:e7:fa:55:
02:c9:26:6d:2a:93:e5:90:7f:e5:2c:22:24:b2:a0:
03:4c:54:41:ff:ab:a6:4a:49:5b:27:b9:47:24:2a:
8e:b9:ad:71:36:d3:3b:1e:66:d9:f0:c9:6a:33:97:
72:05:58:1b:34:f8:42:23:da:46:eb:78:8c:58:ba:
9d:53:78:06:c5:a6:55:08:84:cf:e0:7c:f1:56:96:
34:fe:3b:f2:3b:42:f2:f0:a4:41:3e:63:e4:ff:9f:
84:bc:e3:c1:da:f6:25:e2:3a:89:83:eb:8c:e9:64:
af:6e:28:bf:2c:f8:c2:7a:1d:62:74:3f:2a:4c:ab:
4d:0b:5c:9b:98:52:03:2d:37:49:be:14:23:eb:7e:
98:fd:0c:17:23:17:a4:0e:cd:08:f0:88:79:dd:8f:
c1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:38:CA:32:F7:FD:D6:94:32:2B:5A:5F:67:E5:25:19:E4:E2:24:43
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/lTjKMvf91pQyK1pfZ-UlGeTiJEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.132.0/22
104.249.32.0/22
104.249.56.0/22
Signature Algorithm: sha256WithRSAEncryption
84:70:f4:d1:3a:ba:f0:50:32:28:da:95:ed:62:d4:81:76:12:
af:6f:42:9d:d6:ab:59:f4:d8:f3:b4:e9:3e:0f:97:e8:42:09:
5a:04:16:4f:46:ab:81:e5:6e:73:f4:28:1c:d2:65:04:48:9d:
00:eb:ab:28:47:bb:4e:4b:e6:e9:b7:4c:89:29:19:dd:73:52:
9f:ab:82:21:35:31:f7:e8:16:2d:e7:28:5c:6a:b6:d2:5b:23:
c1:e9:96:cf:81:29:f1:9e:eb:6f:d7:b9:0b:de:04:03:6e:22:
ec:36:19:e6:66:40:6e:72:d6:72:d1:79:b7:ec:0f:0d:91:f8:
db:6c:60:e5:ed:a9:0a:c6:64:12:69:c3:73:a3:34:c7:ac:56:
8c:2b:2c:47:a9:0d:4f:59:94:95:be:2d:6c:2a:f3:06:11:0c:
12:09:dc:87:ec:aa:7a:79:a8:13:7c:1d:68:44:ca:8f:9d:73:
48:4e:3b:1a:93:5f:d9:68:a7:2a:22:68:0f:cc:58:96:ba:bb:
a8:4c:19:4a:ed:fd:4e:da:d8:f4:4a:8b:65:10:30:1a:63:6c:
b1:5c:de:0e:01:29:b9:ef:09:b7:ba:d4:8f:c9:76:05:b6:dc:
62:61:20:e6:a4:46:10:13:b0:2e:e6:b8:de:9f:a5:21:eb:56:
1c:84:9a:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlMu76gFvOLnGqo43lRQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTM4Y2EzMmY3ZmRkNjk0MzIyYjVhNWY2N2U1MjUxOWU0ZTIyNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAAjiGLVXh3lvxu1TJPDCmXWuWKK
1coqPsrXQ4hzpXNBvyhXvQNsXTDoEGZpygVuTHta09J6bSWQMHZCVN4y1NaOHvaw
avSzY5mQCkfmMgQXoUrquJcGyHRL4cRsYL5rwJgmFrrn+lUCySZtKpPlkH/lLCIk
sqADTFRB/6umSklbJ7lHJCqOua1xNtM7HmbZ8MlqM5dyBVgbNPhCI9pG63iMWLqd
U3gGxaZVCITP4HzxVpY0/jvyO0Ly8KRBPmPk/5+EvOPB2vYl4jqJg+uM6WSvbii/
LPjCeh1idD8qTKtNC1ybmFIDLTdJvhQj636Y/QwXIxekDs0I8Ih53Y/B0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJU4yjL3/daUMitaX2flJRnk4iRDMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvbFRqS012ZjkxcFF5SzFwZlotVWxHZVRpSkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLSuEAwQC
aPkgAwQCaPk4MA0GCSqGSIb3DQEBCwUAA4IBAQCEcPTROrrwUDIo2pXtYtSBdhKv
b0Kd1qtZ9NjztOk+D5foQglaBBZPRquB5W5z9Cgc0mUESJ0A66soR7tOS+bpt0yJ
KRndc1Kfq4IhNTH36BYt5yhcarbSWyPB6ZbPgSnxnutv17kL3gQDbiLsNhnmZkBu
ctZy0Xm37A8NkfjbbGDl7akKxmQSacNzozTHrFaMKyxHqQ1PWZSVvi1sKvMGEQwS
CdyH7Kp6eagTfB1oRMqPnXNITjsak1/ZaKcqImgPzFiWuruoTBlK7f1O2tj0Sotl
EDAaY2yxXN4OASm57wm3utSPyXYFttxiYSDmpEYQE7Au5rjen6Uh61YchJq2
-----END CERTIFICATE-----
Generated at Thu Mar 14 23:34:41 2024 by rpki-client on console-fra.rpki-client.org