Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mA27PY5xdXNYP5Dqthu0tETTPcM.roa
File: mA27PY5xdXNYP5Dqthu0tETTPcM.roa (raw, json)
Hash identifier: AYWAOQIvHUM0wFmIsxTO5RmDtEGXV+kmFFHwsvmdAQ0=
Subject key identifier: 98:0D:BB:3D:8E:71:75:73:58:3F:90:EA:B6:1B:B4:B4:44:D3:3D:C3
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018872CF5B3D1405A9F1E2D2E8BB729E71A9
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mA27PY5xdXNYP5Dqthu0tETTPcM.roa
Signing time: Wed 31 May 2023 17:16:11 +0000
ROA not before: Wed 31 May 2023 17:16:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13886
IP address blocks: 104.238.26.0/24 maxlen: 24
45.150.32.0/22 maxlen: 22
45.43.165.0/24 maxlen: 24
64.137.33.0/24 maxlen: 24
64.137.47.0/24 maxlen: 24
64.137.55.0/24 maxlen: 24
64.137.69.0/24 maxlen: 24
64.137.76.0/24 maxlen: 24
206.124.104.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:cf:5b:3d:14:05:a9:f1:e2:d2:e8:bb:72:9e:71:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 31 17:16:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=980dbb3d8e717573583f90eab61bb4b444d33dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:5c:a1:5b:ec:81:a1:94:c9:56:92:9a:e2:
c3:b1:35:7e:9d:8f:78:b2:44:32:b8:82:3e:09:28:
59:a5:5d:9c:79:48:ba:b3:08:ad:ff:a8:b9:01:09:
62:9e:fd:a3:5b:43:8a:7c:26:c0:86:3f:c4:74:62:
b9:aa:3a:fd:be:ab:b2:cc:a8:33:28:ed:58:8e:39:
cd:81:a1:0e:a0:9a:5b:18:1d:1a:83:35:1c:e6:8a:
ca:61:86:2f:7e:d4:95:50:60:59:5d:fe:07:71:a7:
e7:2b:ef:16:cc:e0:82:63:5e:d4:82:d3:5c:32:34:
76:94:a0:e4:23:7e:03:4a:21:19:46:7a:27:3f:f8:
cd:5f:a3:b5:65:29:e6:a8:d3:f6:b4:8b:3a:0b:6c:
61:c0:26:45:d8:53:ea:37:82:11:3a:13:8e:00:c1:
47:71:64:94:ba:33:47:93:29:39:e3:c0:66:74:d7:
42:1b:a8:ba:93:65:b2:ce:c8:ab:99:a7:5f:0f:ed:
b9:e6:08:42:2a:e5:f6:e8:8b:15:d5:dc:72:ff:e9:
e5:95:b7:ca:f5:61:b5:5f:f6:9f:7c:e7:89:f7:d3:
b0:0a:7e:ba:02:24:fb:4d:90:b4:f9:eb:9b:3e:7b:
3f:9b:3f:d6:08:7d:ab:ac:d3:ee:69:b2:1a:53:1b:
cc:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0D:BB:3D:8E:71:75:73:58:3F:90:EA:B6:1B:B4:B4:44:D3:3D:C3
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mA27PY5xdXNYP5Dqthu0tETTPcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
45.150.32.0/22
64.137.33.0/24
64.137.47.0/24
64.137.55.0/24
64.137.69.0/24
64.137.76.0/24
104.238.26.0/24
206.124.104.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:3f:65:7d:24:94:b3:f9:f1:39:00:81:5d:64:0a:cc:be:66:
72:eb:b2:4d:46:fa:ea:b7:bb:40:0a:0e:f7:10:81:3c:84:a1:
a4:fc:4a:69:f1:ad:80:15:78:cd:91:e4:19:a2:c1:e9:1f:31:
ab:43:1f:a1:78:80:96:58:d4:57:4c:3f:fd:48:68:72:ba:33:
5a:6c:0e:13:ae:65:74:e8:9a:b7:31:f2:f1:62:a3:7a:16:46:
53:40:f9:55:3d:b7:10:69:08:56:64:fc:de:85:1c:2f:dc:93:
ec:1a:a0:dd:f0:0c:52:65:7e:35:97:45:27:d6:0b:20:dc:42:
e3:1b:6f:11:8d:f8:44:c5:a8:e2:29:51:f1:f4:c9:42:66:ad:
e3:18:19:ca:1b:d2:f6:1c:5f:ce:80:9c:2f:2b:86:a8:17:2d:
7f:f9:d5:7a:3b:62:c0:db:fc:0c:21:45:5e:26:6d:ab:eb:5c:
2d:fd:4a:c7:f0:d2:c1:56:19:ab:05:bd:e2:dd:ec:2c:29:a2:
ae:2e:d6:ca:b4:d7:b6:03:be:d0:b1:ec:68:b9:70:ce:f0:12:
05:14:f8:1e:79:5a:d0:ad:d1:89:f5:ee:90:93:fa:db:b9:54:
70:2c:34:76:c6:50:76:2d:34:dd:5f:ce:ff:fb:9d:22:02:8c:
18:4c:08:1a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYhyz1s9FAWp8eLS6LtynnGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNTMxMTcxNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBkYmIzZDhlNzE3NTczNTgzZjkwZWFiNjFiYjRiNDQ0ZDMzZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbtcoVvsgaGUyVaSmuLDsTV+nY94
skQyuII+CShZpV2ceUi6swit/6i5AQlinv2jW0OKfCbAhj/EdGK5qjr9vquyzKgz
KO1YjjnNgaEOoJpbGB0agzUc5orKYYYvftSVUGBZXf4HcafnK+8WzOCCY17UgtNc
MjR2lKDkI34DSiEZRnonP/jNX6O1ZSnmqNP2tIs6C2xhwCZF2FPqN4IROhOOAMFH
cWSUujNHkyk548BmdNdCG6i6k2WyzsirmadfD+255ghCKuX26IsV1dxy/+nllbfK
9WG1X/affOeJ99OwCn66AiT7TZC0+eubPns/mz/WCH2rrNPuabIaUxvM4wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJgNuz2OcXVzWD+Q6rYbtLRE0z3DMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvbUEyN1BZNXhkWE5ZUDVEcXRodTB0RVRUUGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALSulAwQC
LZYgAwQAQIkhAwQAQIkvAwQAQIk3AwQAQIlFAwQAQIlMAwQAaO4aAwQDznxoMA0G
CSqGSIb3DQEBCwUAA4IBAQA+P2V9JJSz+fE5AIFdZArMvmZy67JNRvrqt7tACg73
EIE8hKGk/Epp8a2AFXjNkeQZosHpHzGrQx+heICWWNRXTD/9SGhyujNabA4TrmV0
6Jq3MfLxYqN6FkZTQPlVPbcQaQhWZPzehRwv3JPsGqDd8AxSZX41l0Un1gsg3ELj
G28RjfhExajiKVHx9MlCZq3jGBnKG9L2HF/OgJwvK4aoFy1/+dV6O2LA2/wMIUVe
Jm2r61wt/UrH8NLBVhmrBb3i3ewsKaKuLtbKtNe2A77QsexouXDO8BIFFPgeeVrQ
rdGJ9e6Qk/rbuVRwLDR2xlB2LTTdX87/+50iAowYTAga
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org