Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yayN72yk6fZ6r7pnKRqJII0RFmA.roa
File: yayN72yk6fZ6r7pnKRqJII0RFmA.roa (raw, json)
Hash identifier: cqMPHHD6vJ3LqIq7rumLnML8KU0I2t6FOce0OKgdMx0=
Subject key identifier: C9:AC:8D:EF:6C:A4:E9:F6:7A:AF:BA:67:29:1A:89:20:8D:11:16:60
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0186CB5C5DA54400AD387FCD62655ECBC651
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yayN72yk6fZ6r7pnKRqJII0RFmA.roa
Signing time: Fri 10 Mar 2023 11:51:13 +0000
ROA not before: Fri 10 Mar 2023 11:51:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 64.137.122.0/23 maxlen: 23
64.137.125.0/24 maxlen: 24
64.137.120.0/24 maxlen: 24
64.137.119.0/24 maxlen: 24
64.137.127.0/24 maxlen: 24
64.137.109.0/24 maxlen: 24
64.137.110.0/23 maxlen: 23
64.137.113.0/24 maxlen: 24
64.137.115.0/24 maxlen: 24
64.137.117.0/24 maxlen: 24
64.137.16.0/24 maxlen: 24
64.137.23.0/24 maxlen: 24
104.249.39.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
104.222.190.0/24 maxlen: 24
64.137.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 09:56:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:5c:5d:a5:44:00:ad:38:7f:cd:62:65:5e:cb:c6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 10 11:51:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9ac8def6ca4e9f67aafba67291a89208d111660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:be:03:ea:0e:d5:7d:73:db:68:fd:84:c2:
1e:6c:65:0d:ef:e9:f8:73:ed:c2:2a:c2:a9:4f:f2:
4c:d2:47:2f:5c:57:6d:43:96:ed:b6:d8:3e:7d:b5:
b4:97:26:0d:7d:79:91:97:cf:4e:8f:86:98:ef:f0:
f3:c7:52:cd:63:a6:e4:2e:b8:0f:b0:70:58:a2:0d:
2f:46:72:ff:2d:cc:f5:1e:88:04:16:32:70:bb:31:
80:c8:bb:9e:5b:11:45:b1:8a:2a:76:10:3f:29:a2:
9d:fa:41:c7:7f:5c:ca:0e:07:ee:69:47:39:6a:20:
41:99:46:24:95:38:06:2d:3c:c6:57:d0:bf:5a:4f:
11:c0:ad:f0:15:6d:46:6f:fe:af:84:f6:46:02:c6:
a9:91:5b:5a:ef:08:ce:13:48:55:71:21:07:0b:5d:
7e:c5:7a:42:97:d1:1d:e1:5e:a2:f6:3c:79:29:bb:
09:71:d5:8c:d1:22:e4:33:ab:b3:4b:ba:8a:dc:4e:
f6:db:bb:5a:14:be:26:93:20:ba:85:c6:9a:27:f3:
d2:ae:3d:98:68:3a:f7:bb:08:4c:dd:fc:4f:f7:41:
dd:9f:52:fd:14:6f:e2:f8:b9:c1:6a:08:47:1a:56:
16:44:73:7f:e5:fa:ae:05:07:73:ac:8c:3d:c3:ed:
93:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AC:8D:EF:6C:A4:E9:F6:7A:AF:BA:67:29:1A:89:20:8D:11:16:60
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yayN72yk6fZ6r7pnKRqJII0RFmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.9.0/24
64.137.16.0/24
64.137.23.0/24
64.137.54.0/24
64.137.109.0-64.137.111.255
64.137.113.0/24
64.137.115.0/24
64.137.117.0/24
64.137.119.0-64.137.120.255
64.137.122.0/23
64.137.125.0/24
64.137.127.0/24
104.222.190.0/24
104.249.39.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:4b:1e:07:03:12:be:a6:c3:15:89:e1:76:e6:d0:62:b6:19:
30:ac:72:87:05:0f:8c:6c:c6:e1:8c:3b:37:97:8a:9e:5d:72:
54:7a:81:99:f3:fd:dd:32:cf:2a:20:11:1f:69:6d:e4:4a:48:
7e:2b:48:a2:39:d1:73:27:45:ee:c5:3f:93:26:b2:e3:f4:69:
68:c3:ff:00:d3:27:88:9f:e5:bc:36:d6:e4:21:3e:99:d3:26:
68:12:87:1d:5d:c6:7f:1a:15:4e:b1:f6:db:8a:48:ab:b7:9c:
df:72:fc:fc:39:9e:cb:d3:c3:d5:48:ba:84:74:e8:b8:fc:cc:
e7:c3:be:4e:0b:41:e0:e7:4c:3b:06:5b:d0:b8:a6:0e:33:04:
80:0c:2a:63:fe:03:54:2a:3a:62:e2:ab:50:33:76:be:83:44:
00:64:cf:b8:8e:28:1c:99:d7:6e:57:67:b8:d4:dd:d0:14:ce:
38:da:11:2e:95:08:fd:72:94:fa:72:f4:93:75:8d:81:e2:94:
3d:97:e0:b0:6f:06:a9:48:c7:1a:3c:ac:dd:d9:d0:28:31:9a:
ed:0b:5a:fa:47:6e:c7:e4:f9:44:0f:57:ad:0a:6e:a3:06:c5:
c9:98:65:34:b5:6e:92:8c:5a:30:64:c0:fa:76:34:a7:81:ed:
2e:3b:91:33
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYbLXF2lRACtOH/NYmVey8ZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMzEwMTE1MTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFjOGRlZjZjYTRlOWY2N2FhZmJhNjcyOTFhODkyMDhkMTExNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE2+A+oO1X1z22j9hMIebGUN7+n4
c+3CKsKpT/JM0kcvXFdtQ5btttg+fbW0lyYNfXmRl89Oj4aY7/Dzx1LNY6bkLrgP
sHBYog0vRnL/Lcz1HogEFjJwuzGAyLueWxFFsYoqdhA/KaKd+kHHf1zKDgfuaUc5
aiBBmUYklTgGLTzGV9C/Wk8RwK3wFW1Gb/6vhPZGAsapkVta7wjOE0hVcSEHC11+
xXpCl9Ed4V6i9jx5KbsJcdWM0SLkM6uzS7qK3E7227taFL4mkyC6hcaaJ/PSrj2Y
aDr3uwhM3fxP90Hdn1L9FG/i+LnBaghHGlYWRHN/5fquBQdzrIw9w+2TcwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFMmsje9spOn2eq+6ZykaiSCNERZgMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEveWF5TjcyeWs2Zlo2cjdwbktScUpJSTBSRm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAQIkJAwQA
QIkQAwQAQIkXAwQAQIk2MAwDBABAiW0DBARAiWADBABAiXEDBABAiXMDBABAiXUw
DAMEAECJdwMEAECJeAMEAUCJegMEAECJfQMEAECJfwMEAGjevgMEAGj5JzANBgkq
hkiG9w0BAQsFAAOCAQEAP0seBwMSvqbDFYnhdubQYrYZMKxyhwUPjGzG4Yw7N5eK
nl1yVHqBmfP93TLPKiARH2lt5EpIfitIojnRcydF7sU/kyay4/RpaMP/ANMniJ/l
vDbW5CE+mdMmaBKHHV3GfxoVTrH224pIq7ec33L8/Dmey9PD1Ui6hHTouPzM58O+
TgtB4OdMOwZb0LimDjMEgAwqY/4DVCo6YuKrUDN2voNEAGTPuI4oHJnXbldnuNTd
0BTOONoRLpUI/XKU+nL0k3WNgeKUPZfgsG8GqUjHGjys3dnQKDGa7Qta+kdux+T5
RA9XrQpuowbFyZhlNLVukoxaMGTA+nY0p4HtLjuRMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org