Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/c16HNYQZptZ5qNjrC6stQcCRW8g.roa
File: c16HNYQZptZ5qNjrC6stQcCRW8g.roa (raw, json)
Hash identifier: uC0Jq11wn70GumBj/YMrl/mu1N9/5y8979MovEGqaQ4=
Subject key identifier: 73:5E:87:35:84:19:A6:D6:79:A8:D8:EB:0B:AB:2D:41:C0:91:5B:C8
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019417A821AF5609AE1DF3D3D627F250D040
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/c16HNYQZptZ5qNjrC6stQcCRW8g.roa
Signing time: Mon 30 Dec 2024 13:01:22 +0000
ROA not before: Mon 30 Dec 2024 13:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 45.43.147.0/24 maxlen: 24
45.43.152.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
64.137.110.0/23 maxlen: 23
104.222.191.0/24 maxlen: 24
104.233.56.0/24 maxlen: 24
104.233.58.0/24 maxlen: 24
104.238.21.0/24 maxlen: 24
104.238.24.0/24 maxlen: 24
104.238.28.0/24 maxlen: 24
104.238.30.0/24 maxlen: 24
104.239.15.0/24 maxlen: 24
104.239.47.0/24 maxlen: 24
104.239.66.0/24 maxlen: 24
104.239.74.0/24 maxlen: 24
104.239.79.0/24 maxlen: 24
104.239.83.0/24 maxlen: 24
104.239.89.0/24 maxlen: 24
104.239.100.0/24 maxlen: 24
104.239.102.0/24 maxlen: 24
104.239.109.0/24 maxlen: 24
104.239.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:a8:21:af:56:09:ae:1d:f3:d3:d6:27:f2:50:d0:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Dec 30 13:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=735e87358419a6d679a8d8eb0bab2d41c0915bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:97:35:78:42:7e:fb:29:e4:b0:93:48:f8:c0:
45:8f:f2:b9:dd:57:38:c0:a0:1f:70:83:09:12:fd:
fd:cb:8a:50:11:b6:98:4c:fc:15:95:99:82:f7:b1:
84:52:93:f8:50:0d:df:e7:ac:9d:04:da:0c:7e:b0:
18:b3:95:4b:1e:67:de:ca:3a:70:fd:f5:03:10:e8:
16:15:0c:e4:04:94:8e:03:d4:00:00:e7:de:7b:a5:
2b:ec:87:01:49:d9:66:24:ea:e3:cd:ed:75:55:28:
44:fa:a7:d5:28:15:3f:51:ea:37:ea:dd:2a:b0:fb:
ed:a6:da:d1:49:8d:45:fb:4d:93:c4:75:c3:69:ee:
23:34:3b:6d:30:20:51:de:93:81:a5:f7:8e:4c:01:
12:f1:b2:97:bc:4d:dd:71:86:66:33:d6:40:63:e0:
d0:c9:83:b7:ef:d0:b4:97:16:bc:00:e2:99:6e:a5:
bb:75:fa:72:be:e0:18:39:9f:44:02:1b:06:00:12:
ce:d5:e4:a0:6d:d7:c0:75:5c:14:f8:84:24:34:0f:
7f:8f:e0:ef:b3:b3:9b:d9:e9:11:cb:80:d5:2a:ae:
93:5a:3e:ea:87:70:bc:22:99:12:37:9a:45:00:7d:
32:a0:f4:16:61:7f:1a:f2:57:cf:15:ec:d5:16:c4:
0b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:5E:87:35:84:19:A6:D6:79:A8:D8:EB:0B:AB:2D:41:C0:91:5B:C8
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/c16HNYQZptZ5qNjrC6stQcCRW8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.147.0/24
45.43.152.0/24
64.137.54.0/24
64.137.110.0/23
104.222.191.0/24
104.233.56.0/24
104.233.58.0/24
104.238.21.0/24
104.238.24.0/24
104.238.28.0/24
104.238.30.0/24
104.239.15.0/24
104.239.47.0/24
104.239.66.0/24
104.239.74.0/24
104.239.79.0/24
104.239.83.0/24
104.239.89.0/24
104.239.100.0/24
104.239.102.0/24
104.239.109.0/24
104.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
52:79:d4:15:0c:62:fa:65:d2:3b:74:04:9f:9a:d6:4f:6c:9c:
15:aa:4d:43:b5:5e:b4:62:a9:ea:54:e6:57:35:c0:fa:78:7f:
c7:35:ba:cd:c5:e2:5c:62:a4:19:ba:21:df:60:39:f8:26:80:
7a:75:44:0c:b9:48:70:8b:5f:88:d1:7a:d4:19:69:cc:ec:65:
d8:71:13:fa:48:b4:42:48:41:ba:b3:b3:4b:20:36:7c:a2:70:
eb:84:39:4e:a0:4f:8c:84:b7:66:e6:d1:78:ec:38:0a:3f:31:
6d:87:f9:b1:34:5b:4e:7e:b0:81:fa:e0:67:d0:8a:5a:e7:37:
1a:03:80:7c:78:5a:fe:21:c4:44:31:d2:bc:7b:ce:a0:1d:40:
5f:c2:f9:22:9f:e7:58:93:3c:76:d1:65:99:56:13:1b:e0:88:
21:36:ae:da:a3:1a:6e:e0:25:d5:10:9d:c4:a4:56:a7:98:90:
ec:cd:d0:f6:06:72:bf:03:b5:8c:c5:e6:0c:30:f8:6d:c9:7a:
52:5d:72:59:63:ac:62:9e:39:23:02:e3:d4:98:4c:9b:6e:c5:
92:08:2f:44:8e:ed:b4:fa:43:5c:ea:46:ab:d9:ab:99:f6:95:
b4:cb:37:76:b7:10:55:bb:23:85:0b:6e:07:46:c3:4e:fe:73:
0f:bf:2b:21
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZQXqCGvVgmuHfPT1ifyUNBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQxMjMwMTMwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzVlODczNTg0MTlhNmQ2NzlhOGQ4ZWIwYmFiMmQ0MWMwOTE1YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05c1eEJ++ynksJNI+MBFj/K53Vc4
wKAfcIMJEv39y4pQEbaYTPwVlZmC97GEUpP4UA3f56ydBNoMfrAYs5VLHmfeyjpw
/fUDEOgWFQzkBJSOA9QAAOfee6Ur7IcBSdlmJOrjze11VShE+qfVKBU/Ueo36t0q
sPvtptrRSY1F+02TxHXDae4jNDttMCBR3pOBpfeOTAES8bKXvE3dcYZmM9ZAY+DQ
yYO379C0lxa8AOKZbqW7dfpyvuAYOZ9EAhsGABLO1eSgbdfAdVwU+IQkNA9/j+Dv
s7Ob2ekRy4DVKq6TWj7qh3C8IpkSN5pFAH0yoPQWYX8a8lfPFezVFsQL6wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFHNehzWEGabWeajY6wurLUHAkVvIMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvYzE2SE5ZUVpwdFo1cU5qckM2c3RRY0NSVzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAt
K5MDBAAtK5gDBABAiTYDBAFAiW4DBABo3r8DBABo6TgDBABo6ToDBABo7hUDBABo
7hgDBABo7hwDBABo7h4DBABo7w8DBABo7y8DBABo70IDBABo70oDBABo708DBABo
71MDBABo71kDBABo72QDBABo72YDBABo720DBABo738wDQYJKoZIhvcNAQELBQAD
ggEBAFJ51BUMYvpl0jt0BJ+a1k9snBWqTUO1XrRiqepU5lc1wPp4f8c1us3F4lxi
pBm6Id9gOfgmgHp1RAy5SHCLX4jRetQZaczsZdhxE/pItEJIQbqzs0sgNnyicOuE
OU6gT4yEt2bm0XjsOAo/MW2H+bE0W05+sIH64GfQilrnNxoDgHx4Wv4hxEQx0rx7
zqAdQF/C+SKf51iTPHbRZZlWExvgiCE2rtqjGm7gJdUQncSkVqeYkOzN0PYGcr8D
tYzF5gww+G3JelJdclljrGKeOSMC49SYTJtuxZIIL0SO7bT6Q1zqRqvZq5n2lbTL
N3a3EFW7I4ULbgdGw07+cw+/KyE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 15:55:45 2025 by rpki-client