Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/2TWMdkHHu9ZFeKTvCzhHq6WmRs4.roa
File: 2TWMdkHHu9ZFeKTvCzhHq6WmRs4.roa (raw, json)
Hash identifier: llgYOFebCKeZ/tPJ3ArdPN8YZ6FuglAFWssbZ4I6IAI=
Subject key identifier: D9:35:8C:76:41:C7:BB:D6:45:78:A4:EF:0B:38:47:AB:A5:A6:46:CE
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018B40E4EC630A05A80BE90B153C70983BD8
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/2TWMdkHHu9ZFeKTvCzhHq6WmRs4.roa
Signing time: Wed 18 Oct 2023 03:47:06 +0000
ROA not before: Wed 18 Oct 2023 03:47:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54994
IP address blocks: 163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Oct 2023 07:24:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:40:e4:ec:63:0a:05:a8:0b:e9:0b:15:3c:70:98:3b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Oct 18 03:47:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9358c7641c7bbd64578a4ef0b3847aba5a646ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:db:f4:7a:50:cc:03:cd:a4:3f:37:69:85:df:
24:61:dd:fe:5b:79:ba:08:c8:92:dd:3f:d0:75:2a:
13:af:74:9b:da:0f:76:f2:d2:3f:0c:a6:a3:18:4c:
7f:ec:fb:fd:32:93:3e:cd:dd:c4:15:64:e7:72:8c:
bd:4a:dd:be:ba:79:ad:79:1f:ef:04:ea:8e:1a:c6:
66:0f:db:02:02:a7:89:d1:a8:38:9e:7e:c5:0e:61:
d1:ef:04:16:36:2a:ee:90:14:ae:36:74:39:d7:70:
a2:86:ea:c0:c7:04:da:3c:33:1a:c7:7c:6a:22:a1:
0e:3b:64:b6:49:9f:1e:af:7a:d7:cd:81:17:c4:66:
51:e0:db:c0:f1:27:dc:d8:9b:7c:45:b1:d6:da:8a:
28:f9:46:6c:8c:b4:8c:ae:62:8c:53:12:fc:2b:8e:
84:07:38:dd:6b:5b:b5:b3:1c:2e:67:bd:40:4d:bf:
40:aa:10:d9:9f:e9:96:06:32:35:19:f8:eb:96:7f:
e9:40:a6:e9:5d:62:6c:82:6a:c7:0f:ad:4d:9c:71:
dd:29:0c:58:9d:72:68:64:d7:54:e9:35:5e:f9:f3:
11:59:99:7c:e8:88:c6:8d:db:30:28:01:c4:2a:f3:
c2:a2:7a:ae:25:57:3c:fb:50:36:9d:85:6d:59:b8:
1e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:35:8C:76:41:C7:BB:D6:45:78:A4:EF:0B:38:47:AB:A5:A6:46:CE
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/2TWMdkHHu9ZFeKTvCzhHq6WmRs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.97.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
7c:7f:16:69:a0:da:26:a9:7e:1c:1d:42:63:da:a5:ae:44:cc:
e6:cc:51:9b:da:96:ab:9c:8c:48:6f:0c:71:6c:41:ef:b2:dd:
f9:58:77:98:34:44:32:64:f1:82:1b:e0:e7:89:3a:eb:a5:55:
dd:10:58:93:6d:e9:ed:63:2f:3d:ec:12:54:90:27:ee:c5:6b:
fb:67:e3:8b:21:6e:80:6d:e5:2f:c6:65:c4:dc:6d:b6:5c:bc:
f0:dd:b8:6d:67:1e:b9:54:48:f3:fa:18:1d:ca:77:e9:ba:35:
8f:3a:b7:4f:7b:6c:45:52:61:62:6e:27:05:89:52:e0:fc:6f:
5f:58:6c:10:a0:e8:e4:f3:ed:60:2c:79:3c:31:1e:2a:e2:14:
66:f2:46:a7:ae:a2:90:d2:9d:eb:58:fb:77:10:ed:53:9b:47:
7c:ac:30:37:01:5c:90:0f:a8:87:e6:48:9f:2d:83:08:6c:59:
af:6f:bb:ee:cc:28:93:24:fa:56:cd:ef:92:16:d2:86:ca:b7:
bb:1d:39:b7:36:17:81:4d:d4:4b:41:39:ee:bb:d2:53:81:6e:
ae:b8:99:40:9d:39:4e:d0:2b:a9:eb:eb:d4:b6:f0:01:ca:1d:
91:a1:bd:d9:74:4a:18:24:56:4c:15:f8:2a:86:22:f9:3f:27:
96:35:f5:dd
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYtA5OxjCgWoC+kLFTxwmDvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMxMDE4MDM0NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM1OGM3NjQxYzdiYmQ2NDU3OGE0ZWYwYjM4NDdhYmE1YTY0NmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9v0elDMA82kPzdphd8kYd3+W3m6
CMiS3T/QdSoTr3Sb2g928tI/DKajGEx/7Pv9MpM+zd3EFWTncoy9St2+unmteR/v
BOqOGsZmD9sCAqeJ0ag4nn7FDmHR7wQWNirukBSuNnQ513CihurAxwTaPDMax3xq
IqEOO2S2SZ8er3rXzYEXxGZR4NvA8Sfc2Jt8RbHW2ooo+UZsjLSMrmKMUxL8K46E
Bzjda1u1sxwuZ71ATb9AqhDZn+mWBjI1Gfjrln/pQKbpXWJsgmrHD61NnHHdKQxY
nXJoZNdU6TVe+fMRWZl86IjGjdswKAHEKvPConquJVc8+1A2nYVtWbgeHQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFNk1jHZBx7vWRXik7ws4R6ulpkbOMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvMlRXTWRrSEh1OVpGZUtUdkN6aEhxNldtUnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBwQQCAAEwgboDBABd
vIcDBACU/SIDBACU/eQwDAMEAJT95wMEApT96AMEAJT97QMEAJT97wMEAJT99gME
AJT9+AMEAKOrQAMEAKOrQwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQAo6th
AwQAo6tiMAwDBACjq2UDBACjq2gDBACjq6YDBACjq7EDBACjq7YDBACjq7wDBACj
q88DBACjq94DBAGjq+ADBACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMH
ACoBU8D/xjANBgkqhkiG9w0BAQsFAAOCAQEAfH8WaaDaJql+HB1CY9qlrkTM5sxR
m9qWq5yMSG8McWxB77Ld+Vh3mDREMmTxghvg54k666VV3RBYk23p7WMvPewSVJAn
7sVr+2fjiyFugG3lL8ZlxNxttly88N24bWceuVRI8/oYHcp36bo1jzq3T3tsRVJh
Ym4nBYlS4PxvX1hsEKDo5PPtYCx5PDEeKuIUZvJGp66ikNKd61j7dxDtU5tHfKww
NwFckA+oh+ZIny2DCGxZr2+77swokyT6Vs3vkhbShsq3ux05tzYXgU3US0E57rvS
U4FurriZQJ05TtArqevr1LbwAcodkaG92XRKGCRWTBX4KoYi+T8nljX13Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org