Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/qTgcpKssHCZ3SZmoIhzzX3qwTtQ.roa
File: qTgcpKssHCZ3SZmoIhzzX3qwTtQ.roa (raw, json)
Hash identifier: fP56GIC1k2Z+bbIO3gGaO/3nwiPuXfmdvrpm13TKiqU=
Subject key identifier: A9:38:1C:A4:AB:2C:1C:26:77:49:99:A8:22:1C:F3:5F:7A:B0:4E:D4
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CFD7965D8CBCC7122542F8EFE7FB5913F
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/qTgcpKssHCZ3SZmoIhzzX3qwTtQ.roa
Signing time: Fri 12 Jan 2024 11:40:40 +0000
ROA not before: Fri 12 Jan 2024 11:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 104.238.26.0/24 maxlen: 24
104.238.29.0/24 maxlen: 24
104.233.63.0/24 maxlen: 24
104.233.60.0/24 maxlen: 24
104.233.61.0/24 maxlen: 24
104.233.62.0/24 maxlen: 24
104.239.49.0/24 maxlen: 24
104.239.50.0/24 maxlen: 24
104.239.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 22:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:79:65:d8:cb:cc:71:22:54:2f:8e:fe:7f:b5:91:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 12 11:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9381ca4ab2c1c26774999a8221cf35f7ab04ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4b:84:46:ca:39:2f:0c:7f:cd:9e:4d:28:23:
f3:f4:2e:31:0f:c3:d3:63:dd:a4:2c:7c:a2:09:12:
8d:45:7d:eb:cc:ff:47:66:88:cf:53:33:cb:55:be:
4c:42:ef:27:da:9a:03:62:34:ad:e0:75:da:ef:99:
8c:33:8b:4f:b1:1d:3b:b6:d6:85:f6:37:74:a7:ab:
3b:af:0a:d5:d0:51:df:04:36:9c:ba:77:0c:7b:f6:
4f:6a:4d:be:e7:90:df:37:32:8a:1e:f3:15:ed:b8:
88:36:0f:05:0a:00:9c:e2:d4:91:cf:94:bb:d8:c0:
40:51:02:10:7f:85:bb:79:bb:b0:18:c9:1e:72:aa:
1c:0f:cf:e4:a7:09:c7:f3:3c:94:5c:ee:ec:79:56:
8a:9e:a2:e9:75:02:9e:e7:e4:9b:3f:58:a1:50:31:
21:c6:e3:ea:80:8a:e1:ab:8c:d4:ed:e5:44:0b:ea:
52:19:b1:46:16:17:93:a6:fb:a1:f1:9a:87:1c:51:
dc:f2:16:90:a9:d0:16:e8:4b:9b:e8:d1:32:ba:bc:
2a:50:4a:67:6b:82:a1:f4:92:3b:67:cc:b3:f6:66:
36:8a:f9:d4:9a:0a:5d:f0:8d:c9:40:ce:8b:56:6f:
c2:37:ad:7e:35:6e:cd:1e:08:b1:b4:c2:3d:e0:5c:
2d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:38:1C:A4:AB:2C:1C:26:77:49:99:A8:22:1C:F3:5F:7A:B0:4E:D4
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/qTgcpKssHCZ3SZmoIhzzX3qwTtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.60.0/22
104.238.26.0/24
104.238.29.0/24
104.239.49.0-104.239.51.255
Signature Algorithm: sha256WithRSAEncryption
48:15:f1:da:d9:8a:15:30:dc:54:30:68:fc:e9:de:48:7e:c1:
98:d3:d6:ef:9b:fd:c9:ad:14:93:ad:8e:31:71:0a:f7:df:70:
3e:75:d9:65:d2:7a:ba:0e:a1:fe:b7:bb:66:3a:c3:13:f1:90:
bb:1a:1a:71:b2:37:aa:87:19:c6:f2:43:e7:e1:72:1e:89:ef:
5c:2d:cf:38:8d:6c:a5:10:6b:50:81:52:d5:94:55:2a:af:6b:
80:00:ba:ba:2e:72:86:61:32:38:65:32:cd:b4:4c:90:d8:02:
85:fb:31:53:12:03:e1:c6:c8:be:41:42:71:ac:3d:e2:3d:99:
b9:25:96:50:a1:6e:6a:9f:38:1a:22:fb:84:29:74:a2:96:22:
6b:85:71:4d:84:57:91:9f:5d:fb:3b:f1:c3:68:29:8f:05:03:
e7:ea:fa:43:31:c9:59:a9:ce:62:2a:1c:60:c4:53:54:1e:a1:
b4:43:e7:08:91:11:cb:66:11:8f:86:be:65:e0:e0:17:24:8d:
f4:64:37:28:ac:fb:60:9f:83:4e:a2:ef:08:30:10:45:de:6a:
69:69:e0:48:61:98:4b:84:e5:d0:ff:34:2e:63:d8:0d:0a:cd:
03:86:11:d5:4b:90:4f:66:88:7d:d8:36:4d:ae:aa:7b:1c:4a:
27:a0:30:42
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYz9eWXYy8xxIlQvjv5/tZE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTEyMTE0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM4MWNhNGFiMmMxYzI2Nzc0OTk5YTgyMjFjZjM1ZjdhYjA0ZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikuERso5Lwx/zZ5NKCPz9C4xD8PT
Y92kLHyiCRKNRX3rzP9HZojPUzPLVb5MQu8n2poDYjSt4HXa75mMM4tPsR07ttaF
9jd0p6s7rwrV0FHfBDacuncMe/ZPak2+55DfNzKKHvMV7biINg8FCgCc4tSRz5S7
2MBAUQIQf4W7ebuwGMkecqocD8/kpwnH8zyUXO7seVaKnqLpdQKe5+SbP1ihUDEh
xuPqgIrhq4zU7eVEC+pSGbFGFheTpvuh8ZqHHFHc8haQqdAW6Eub6NEyurwqUEpn
a4Kh9JI7Z8yz9mY2ivnUmgpd8I3JQM6LVm/CN61+NW7NHgixtMI94FwtsQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKk4HKSrLBwmd0mZqCIc8196sE7UMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvcVRnY3BLc3NIQ1ozU1ptb0loenpYM3F3VHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCaOk8AwQA
aO4aAwQAaO4dMAwDBABo7zEDBAJo7zAwDQYJKoZIhvcNAQELBQADggEBAEgV8drZ
ihUw3FQwaPzp3kh+wZjT1u+b/cmtFJOtjjFxCvffcD512WXSeroOof63u2Y6wxPx
kLsaGnGyN6qHGcbyQ+fhch6J71wtzziNbKUQa1CBUtWUVSqva4AAuroucoZhMjhl
Ms20TJDYAoX7MVMSA+HGyL5BQnGsPeI9mbklllChbmqfOBoi+4QpdKKWImuFcU2E
V5GfXfs78cNoKY8FA+fq+kMxyVmpzmIqHGDEU1QeobRD5wiREctmEY+GvmXg4Bck
jfRkNyis+2Cfg06i7wgwEEXeamlp4EhhmEuE5dD/NC5j2A0KzQOGEdVLkE9miH3Y
Nk2uqnscSiegMEI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org