Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wdTLS7k7rj9HEdeiLXSa9ledzV8.roa
File: wdTLS7k7rj9HEdeiLXSa9ledzV8.roa (raw, json)
Hash identifier: 9ZCnlRRXRmJGWR4g9RasZP4wK6NfVSdvtrpPs/C/qhI=
Subject key identifier: C1:D4:CB:4B:B9:3B:AE:3F:47:11:D7:A2:2D:74:9A:F6:57:9D:CD:5F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01864AE5FC1584D54A6D529B77A68A5759B0
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wdTLS7k7rj9HEdeiLXSa9ledzV8.roa
Signing time: Mon 13 Feb 2023 13:10:31 +0000
ROA not before: Mon 13 Feb 2023 13:10:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 104.239.94.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:e5:fc:15:84:d5:4a:6d:52:9b:77:a6:8a:57:59:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Feb 13 13:10:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1d4cb4bb93bae3f4711d7a22d749af6579dcd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0e:3b:a6:3d:2d:05:31:a1:d9:e2:51:2c:70:
24:b0:c3:40:43:d5:c6:07:6a:44:02:af:98:66:46:
66:10:d6:ac:66:46:bb:08:2c:f1:55:ac:1b:e3:d4:
a4:d3:3a:3e:6d:d9:74:3a:27:d4:09:e4:64:2c:e1:
ec:e3:cb:0e:36:35:00:5d:6b:f5:7c:76:02:16:84:
58:65:92:87:79:2a:56:f2:ca:65:a3:8a:86:92:aa:
9c:81:16:e5:1e:e3:20:57:f0:ac:eb:72:06:c5:6a:
f2:f8:df:61:18:cf:a9:ab:37:2d:d9:59:ac:69:91:
c1:33:8c:28:57:ce:f2:69:fd:a8:98:d0:c4:19:af:
ac:5d:2c:65:e4:45:af:1b:d1:66:ca:fb:18:76:ab:
91:f8:c7:96:a9:26:83:07:85:c8:17:b5:f7:83:6b:
ab:7c:33:f7:0b:73:7b:18:b4:12:4a:8d:f5:98:d6:
28:b7:11:a0:13:fe:83:da:e6:a7:e5:f4:22:36:da:
f3:d3:8b:ac:0d:56:76:d2:bd:c8:61:33:57:06:c3:
1c:86:4c:0f:24:39:0f:a6:5a:ab:03:eb:31:3a:f5:
b3:bc:fa:ed:d4:28:dc:d6:87:35:fb:7c:52:a4:30:
e3:59:89:60:95:e2:5a:de:f4:ac:57:a8:0d:c8:56:
58:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:D4:CB:4B:B9:3B:AE:3F:47:11:D7:A2:2D:74:9A:F6:57:9D:CD:5F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wdTLS7k7rj9HEdeiLXSa9ledzV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.238.4.0/23
104.238.8.0/23
104.239.30.0/23
104.239.94.0/24
138.128.157.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:ac:53:72:48:aa:52:7e:6f:92:48:b8:fc:90:c2:8f:fe:fc:
c6:f4:9d:26:aa:ca:4e:59:47:5f:a3:a2:ac:07:ec:37:04:54:
7d:d8:31:79:72:e7:1c:d8:5a:ff:36:dd:de:32:65:4f:83:e0:
ff:09:5f:7b:41:fb:af:be:11:49:48:90:f5:99:4f:fb:b4:ff:
b8:0e:2e:d8:f7:74:97:f6:fb:b1:04:32:5e:e9:98:77:25:af:
7a:de:0d:6e:69:39:d4:e1:bf:cd:81:e2:a4:8b:4d:e7:9a:ff:
e0:f1:53:17:d1:d9:93:e9:1f:84:95:4c:92:75:54:3f:22:2b:
2f:ce:18:5d:a2:50:85:0d:e2:7d:a0:54:6c:a2:b8:4b:bf:e2:
7c:1c:b4:02:e6:ce:9e:5e:ea:5a:50:b8:99:4b:36:da:bd:6e:
dc:86:35:a1:5e:5e:b8:ed:be:ac:f2:a2:81:b8:9d:5f:b8:bc:
95:56:74:3c:6c:af:a2:42:e0:4a:f8:45:e6:b0:81:3e:1d:a0:
d5:0d:ff:4f:59:66:55:13:02:36:c5:bb:94:8a:cf:59:8c:d5:
5c:e2:fa:81:5a:89:00:a4:a2:30:f4:ff:27:e6:0a:f2:8d:b3:
f9:d7:c3:46:1c:70:7a:e4:a7:0a:41:af:f8:11:e7:06:aa:76:
af:69:9f:da
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZK5fwVhNVKbVKbd6aKV1mwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMjEzMTMxMDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWQ0Y2I0YmI5M2JhZTNmNDcxMWQ3YTIyZDc0OWFmNjU3OWRjZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw47pj0tBTGh2eJRLHAksMNAQ9XG
B2pEAq+YZkZmENasZka7CCzxVawb49Sk0zo+bdl0OifUCeRkLOHs48sONjUAXWv1
fHYCFoRYZZKHeSpW8splo4qGkqqcgRblHuMgV/Cs63IGxWry+N9hGM+pqzct2Vms
aZHBM4woV87yaf2omNDEGa+sXSxl5EWvG9FmyvsYdquR+MeWqSaDB4XIF7X3g2ur
fDP3C3N7GLQSSo31mNYotxGgE/6D2uan5fQiNtrz04usDVZ20r3IYTNXBsMchkwP
JDkPplqrA+sxOvWzvPrt1Cjc1oc1+3xSpDDjWYlgleJa3vSsV6gNyFZYAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMHUy0u5O64/RxHXoi10mvZXnc1fMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvd2RUTFM3azdyajlIRWRlaUxYU2E5bGVkelY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBaO4EAwQB
aO4IAwQBaO8eAwQAaO9eAwQAioCdMA0GCSqGSIb3DQEBCwUAA4IBAQB/rFNySKpS
fm+SSLj8kMKP/vzG9J0mqspOWUdfo6KsB+w3BFR92DF5cucc2Fr/Nt3eMmVPg+D/
CV97QfuvvhFJSJD1mU/7tP+4Di7Y93SX9vuxBDJe6Zh3Ja963g1uaTnU4b/NgeKk
i03nmv/g8VMX0dmT6R+ElUySdVQ/IisvzhhdolCFDeJ9oFRsorhLv+J8HLQC5s6e
XupaULiZSzbavW7chjWhXl647b6s8qKBuJ1fuLyVVnQ8bK+iQuBK+EXmsIE+HaDV
Df9PWWZVEwI2xbuUis9ZjNVc4vqBWokApKIw9P8n5gryjbP518NGHHB65KcKQa/4
EecGqnavaZ/a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org