Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/udJzrocrm7ddT9bcHSmh6K7QpKY.roa
File: udJzrocrm7ddT9bcHSmh6K7QpKY.roa (raw, json)
Hash identifier: 7N1cd3bC5H6xBPdjjRsw+uqjTc8nA2xWUr8nJszEuOc=
Subject key identifier: B9:D2:73:AE:87:2B:9B:B7:5D:4F:D6:DC:1D:29:A1:E8:AE:D0:A4:A6
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01867AE166132C758CEB1B7EC12823F72DB6
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/udJzrocrm7ddT9bcHSmh6K7QpKY.roa
Signing time: Wed 22 Feb 2023 20:47:17 +0000
ROA not before: Wed 22 Feb 2023 20:47:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 64.137.122.0/23 maxlen: 23
64.137.125.0/24 maxlen: 24
64.137.120.0/24 maxlen: 24
64.137.119.0/24 maxlen: 24
64.137.127.0/24 maxlen: 24
64.137.23.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
64.137.109.0/24 maxlen: 24
64.137.110.0/23 maxlen: 23
64.137.113.0/24 maxlen: 24
64.137.115.0/24 maxlen: 24
64.137.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Mar 2023 17:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:e1:66:13:2c:75:8c:eb:1b:7e:c1:28:23:f7:2d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Feb 22 20:47:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9d273ae872b9bb75d4fd6dc1d29a1e8aed0a4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:96:34:fa:cf:6c:4c:fb:cb:f9:60:07:4e:ac:
7e:a4:11:b3:89:c9:eb:7d:52:98:1f:1c:7c:1c:5b:
c3:ab:e6:f2:28:58:a3:c7:9e:a8:d0:18:a0:06:e3:
96:df:f5:ce:5f:9c:b7:b0:70:1f:7c:76:48:2e:49:
a5:c3:78:27:d5:13:4f:5f:77:84:c3:ad:88:33:0c:
7f:a7:65:5f:e6:7f:80:4a:9d:40:f5:49:7b:20:09:
99:cb:3a:e6:4a:f4:0f:6b:8e:0e:39:19:e2:60:24:
bd:b4:d4:6e:c4:80:6d:71:90:1b:d1:b8:91:ed:75:
da:aa:93:82:69:7e:61:fa:a3:af:79:22:b4:4b:18:
14:be:31:f4:2f:f5:ed:46:32:e1:3d:9b:8f:4c:87:
a8:ba:65:eb:28:8c:80:97:59:9f:81:fb:eb:08:0b:
9b:4a:c9:d6:4b:85:76:89:79:25:a3:cf:94:aa:01:
b7:ec:a2:81:23:4a:c2:b4:e3:33:45:bc:2e:7b:3d:
19:aa:cd:5c:0e:dd:be:82:20:12:1b:70:a2:b5:8c:
7b:dc:46:b7:df:38:72:1a:72:46:96:b3:d5:42:ec:
ea:ec:fe:f6:ff:a2:c4:1a:73:d0:9c:3e:3e:20:8f:
32:e4:f7:6c:ca:5b:9e:6d:20:9c:36:20:38:de:5a:
4f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D2:73:AE:87:2B:9B:B7:5D:4F:D6:DC:1D:29:A1:E8:AE:D0:A4:A6
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/udJzrocrm7ddT9bcHSmh6K7QpKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.23.0/24
64.137.54.0/24
64.137.109.0-64.137.111.255
64.137.113.0/24
64.137.115.0/24
64.137.117.0/24
64.137.119.0-64.137.120.255
64.137.122.0/23
64.137.125.0/24
64.137.127.0/24
Signature Algorithm: sha256WithRSAEncryption
05:7b:8d:33:d2:fe:ab:76:48:84:9a:32:29:04:3d:1b:5b:32:
87:43:ca:96:3a:4e:0a:6b:b6:de:99:35:b0:22:93:5b:bf:fb:
3c:1c:66:85:39:8b:f4:3d:22:0d:96:b3:5d:9e:22:de:f6:b2:
c8:f7:3a:eb:ce:cb:a4:18:f6:2e:46:db:e1:12:e7:51:95:b3:
da:01:c5:89:5d:89:ca:8b:d3:d1:18:ea:2e:d1:3a:13:3a:76:
c9:d1:6c:aa:71:09:d9:f0:90:59:6d:2a:22:54:dc:79:d2:14:
d2:8c:73:3e:8b:cd:d6:f9:b3:94:07:3f:43:76:b6:5b:12:b5:
6d:19:29:d5:09:69:1f:c9:94:a9:27:74:6a:a2:50:73:01:bc:
f1:a1:61:57:4f:b2:d0:4d:cd:ba:4a:50:20:62:cd:87:5b:d9:
90:6f:41:92:ec:ad:1c:06:6c:a1:ca:fb:c0:97:7e:80:67:d9:
90:ee:ce:e4:0e:98:e1:66:65:ea:89:dd:08:b9:11:26:bc:02:
e1:62:15:d0:be:e9:8f:9b:ec:74:58:cc:04:a4:70:df:4d:99:
d6:85:a6:03:21:09:82:c4:78:5e:78:ab:8b:49:d8:b4:27:41:
f0:41:9a:3e:5d:37:56:7d:c2:9a:bf:2f:df:6a:3a:8f:c5:ee:
58:44:4c:ee
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYZ64WYTLHWM6xt+wSgj9y22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMjIyMjA0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQyNzNhZTg3MmI5YmI3NWQ0ZmQ2ZGMxZDI5YTFlOGFlZDBhNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5Y0+s9sTPvL+WAHTqx+pBGzicnr
fVKYHxx8HFvDq+byKFijx56o0BigBuOW3/XOX5y3sHAffHZILkmlw3gn1RNPX3eE
w62IMwx/p2Vf5n+ASp1A9Ul7IAmZyzrmSvQPa44OORniYCS9tNRuxIBtcZAb0biR
7XXaqpOCaX5h+qOveSK0SxgUvjH0L/XtRjLhPZuPTIeoumXrKIyAl1mfgfvrCAub
SsnWS4V2iXklo8+UqgG37KKBI0rCtOMzRbwuez0Zqs1cDt2+giASG3CitYx73Ea3
3zhyGnJGlrPVQuzq7P72/6LEGnPQnD4+II8y5PdsyluebSCcNiA43lpPSQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFLnSc66HK5u3XU/W3B0poeiu0KSmMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvdWRKenJvY3JtN2RkVDliY0hTbWg2SzdRcEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAQIkXAwQA
QIk2MAwDBABAiW0DBARAiWADBABAiXEDBABAiXMDBABAiXUwDAMEAECJdwMEAECJ
eAMEAUCJegMEAECJfQMEAECJfzANBgkqhkiG9w0BAQsFAAOCAQEABXuNM9L+q3ZI
hJoyKQQ9G1syh0PKljpOCmu23pk1sCKTW7/7PBxmhTmL9D0iDZazXZ4i3vayyPc6
687LpBj2Lkbb4RLnUZWz2gHFiV2JyovT0RjqLtE6Ezp2ydFsqnEJ2fCQWW0qIlTc
edIU0oxzPovN1vmzlAc/Q3a2WxK1bRkp1QlpH8mUqSd0aqJQcwG88aFhV0+y0E3N
ukpQIGLNh1vZkG9BkuytHAZsocr7wJd+gGfZkO7O5A6Y4WZl6ondCLkRJrwC4WIV
0L7pj5vsdFjMBKRw302Z1oWmAyEJgsR4Xniri0nYtCdB8EGaPl03Vn3Cmr8v32o6
j8XuWERM7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org