Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/xJ_ujdLQoQcBB4k3NiaQ717pLu0.roa
File: xJ_ujdLQoQcBB4k3NiaQ717pLu0.roa (raw, json)
Hash identifier: COxHgi0/VpIKzFu2w2OnqfCjGmz8Q4rjkJnh5gToBbk=
Subject key identifier: C4:9F:EE:8D:D2:D0:A1:07:01:07:89:37:36:26:90:EF:5E:E9:2E:ED
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018EBD988379DC8E6CF6138FDCCA9424D38A
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/xJ_ujdLQoQcBB4k3NiaQ717pLu0.roa
Signing time: Mon 08 Apr 2024 12:04:32 +0000
ROA not before: Mon 08 Apr 2024 12:04:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56443
IP address blocks: 104.233.11.0/24 maxlen: 24
104.233.22.0/24 maxlen: 24
104.233.23.0/24 maxlen: 24
104.233.27.0/24 maxlen: 24
104.233.29.0/24 maxlen: 24
104.233.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 09:55:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:98:83:79:dc:8e:6c:f6:13:8f:dc:ca:94:24:d3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 8 12:04:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c49fee8dd2d0a10701078937362690ef5ee92eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:53:fc:13:f6:d5:29:e9:bc:49:18:a9:d1:11:
fb:f2:a0:6f:da:92:ab:4a:9f:38:b7:c9:e4:73:85:
c7:6f:f5:f4:42:0d:f2:e7:87:8d:63:a9:33:25:f2:
c2:77:07:96:aa:35:74:61:fa:d3:06:8a:32:e6:75:
70:c7:78:7e:5f:02:ed:d2:54:7e:f9:6b:d4:ca:e1:
9f:c0:44:4e:3a:48:d5:0e:c8:13:e0:3e:18:ef:c6:
f3:41:f8:b8:9f:e3:7f:98:cf:9b:44:04:ad:8b:2e:
dc:16:2e:bb:b5:e7:2a:7a:45:04:72:4c:ed:8f:95:
f3:60:fe:bc:14:a9:40:0d:ab:dd:dc:78:ce:4d:73:
bd:b4:d2:f7:a4:7f:b6:94:35:3d:e6:d9:cb:f3:08:
d0:69:81:31:78:8a:6b:97:3a:3c:35:80:a4:30:2a:
67:86:dd:21:30:aa:5e:0a:c1:ca:43:d1:b1:c6:ec:
43:c4:8b:bb:a6:01:b3:f5:f7:04:6b:75:e4:36:b8:
f2:a6:94:04:80:67:b6:52:a3:50:82:23:72:7c:3f:
03:26:4f:c9:ce:2f:cb:6f:59:39:61:c6:24:3d:d5:
3d:b0:b9:ce:ab:5d:3e:93:d1:fb:fb:3d:d7:e1:41:
54:d2:a0:4d:13:f5:7b:df:a6:86:63:c9:e6:72:3d:
e5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9F:EE:8D:D2:D0:A1:07:01:07:89:37:36:26:90:EF:5E:E9:2E:ED
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/xJ_ujdLQoQcBB4k3NiaQ717pLu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.11.0/24
104.233.22.0/23
104.233.27.0/24
104.233.29.0-104.233.30.255
Signature Algorithm: sha256WithRSAEncryption
30:76:84:ee:d2:91:26:ac:bd:56:48:a1:1c:c3:66:28:cd:b9:
db:da:28:7f:2f:9e:bc:bb:b9:89:25:de:b8:61:ac:75:70:f9:
27:41:e0:ca:60:e3:8e:36:99:cd:85:fd:3d:4e:bf:a0:59:71:
2c:9d:c2:20:f3:e8:f5:20:2d:63:bc:bb:40:fa:2c:c3:5e:e0:
a9:76:c4:92:af:0e:23:d5:68:6a:8d:76:c3:f1:a6:d5:0f:ac:
9f:f7:df:7b:66:8b:72:1f:97:f2:38:f5:96:ea:b1:f4:8e:ab:
54:58:96:f8:74:2f:05:b8:fd:a3:a9:b2:82:8e:33:db:4c:f3:
57:b8:85:7f:80:99:a0:bc:7f:65:73:9d:4b:a3:0d:48:3a:fc:
a3:c6:24:b7:2d:ff:41:76:37:1d:f2:88:4a:19:1e:47:17:37:
03:0b:4d:27:6d:05:ab:ee:31:f2:b3:02:06:1b:41:0f:9a:b0:
27:a6:6a:0d:28:2a:99:1d:0c:c9:c1:43:ca:6b:9d:0d:09:39:
c0:32:f0:c5:7c:3b:1e:60:f0:e0:97:b9:50:c0:76:fc:32:6f:
cb:a8:12:1e:85:d0:b6:49:8c:11:60:60:58:db:e0:ed:20:72:
3d:fb:a5:7b:24:04:6c:b2:61:64:78:7b:d6:84:1b:15:d7:78:
32:39:53:94
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY69mIN53I5s9hOP3MqUJNOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNDA4MTIwNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDlmZWU4ZGQyZDBhMTA3MDEwNzg5MzczNjI2OTBlZjVlZTkyZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1P8E/bVKem8SRip0RH78qBv2pKr
Sp84t8nkc4XHb/X0Qg3y54eNY6kzJfLCdweWqjV0YfrTBooy5nVwx3h+XwLt0lR+
+WvUyuGfwEROOkjVDsgT4D4Y78bzQfi4n+N/mM+bRAStiy7cFi67tecqekUEckzt
j5XzYP68FKlADavd3HjOTXO9tNL3pH+2lDU95tnL8wjQaYExeIprlzo8NYCkMCpn
ht0hMKpeCsHKQ9GxxuxDxIu7pgGz9fcEa3XkNrjyppQEgGe2UqNQgiNyfD8DJk/J
zi/Lb1k5YcYkPdU9sLnOq10+k9H7+z3X4UFU0qBNE/V736aGY8nmcj3lAQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMSf7o3S0KEHAQeJNzYmkO9e6S7tMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEveEpfdWpkTFFvUWNCQjRrM05pYVE3MTdwTHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAaOkLAwQB
aOkWAwQAaOkbMAwDBABo6R0DBABo6R4wDQYJKoZIhvcNAQELBQADggEBADB2hO7S
kSasvVZIoRzDZijNudvaKH8vnry7uYkl3rhhrHVw+SdB4Mpg4442mc2F/T1Ov6BZ
cSydwiDz6PUgLWO8u0D6LMNe4Kl2xJKvDiPVaGqNdsPxptUPrJ/333tmi3Ifl/I4
9ZbqsfSOq1RYlvh0LwW4/aOpsoKOM9tM81e4hX+AmaC8f2VznUujDUg6/KPGJLct
/0F2Nx3yiEoZHkcXNwMLTSdtBavuMfKzAgYbQQ+asCemag0oKpkdDMnBQ8prnQ0J
OcAy8MV8Ox5g8OCXuVDAdvwyb8uoEh6F0LZJjBFgYFjb4O0gcj37pXskBGyyYWR4
e9aEGxXXeDI5U5Q=
-----END CERTIFICATE-----
Generated at Tue Apr 9 14:36:29 2024 by rpki-client on console-fra.rpki-client.org