Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/5G1H1IejT-f9b4gyX-gsGMsXAY4.roa
File: 5G1H1IejT-f9b4gyX-gsGMsXAY4.roa (raw, json)
Hash identifier: CDRuoBurky0zELtx6zcmKKPDKGVexUVxTUgb46iKaAc=
Subject key identifier: E4:6D:47:D4:87:A3:4F:E7:FD:6F:88:32:5F:E8:2C:18:CB:17:01:8E
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018E3BC625DEC6C32D64418BE60B276C36BE
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/5G1H1IejT-f9b4gyX-gsGMsXAY4.roa
Signing time: Thu 14 Mar 2024 07:03:45 +0000
ROA not before: Thu 14 Mar 2024 07:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Apr 2024 09:11:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3b:c6:25:de:c6:c3:2d:64:41:8b:e6:0b:27:6c:36:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 14 07:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e46d47d487a34fe7fd6f88325fe82c18cb17018e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ef:41:63:1c:3f:18:83:87:fd:e2:95:bd:fb:
fe:98:b3:4a:b1:15:43:54:cc:3a:df:bf:55:c8:57:
a3:b5:2d:a7:4b:e8:ea:bf:50:ea:7e:2e:fa:04:66:
f3:cb:bb:30:c0:08:17:06:78:cb:a4:9b:44:ed:c5:
16:3c:c3:13:06:eb:c0:16:43:fa:e7:6e:d9:b9:a3:
aa:99:75:3e:fd:6f:94:40:88:8f:87:d7:2d:40:a8:
9b:b6:15:05:41:9f:57:3c:55:1a:28:fd:8f:93:24:
57:b0:95:e1:a8:b2:13:d4:a2:6a:78:96:7b:91:da:
8f:88:2a:b7:cc:8f:09:bb:39:ba:40:9e:b6:81:32:
81:99:ae:b0:27:75:2f:6c:e4:c3:1a:38:71:bd:d6:
ca:ce:58:fa:5c:a7:54:49:a7:68:84:bc:08:e2:26:
e9:e3:60:9b:41:a7:d0:24:32:f4:18:62:81:d8:4a:
58:ca:fe:55:f7:8b:7f:36:29:5e:34:40:84:52:73:
e0:06:1b:af:d5:94:d3:23:5a:72:45:95:15:24:2f:
97:40:d1:f1:9d:21:7e:79:02:96:98:34:ab:a9:8d:
7a:b0:23:d5:32:2c:08:e7:71:a7:64:a3:d5:12:ab:
c0:24:f0:3d:ff:4a:77:2b:c3:46:da:fb:cb:06:97:
8b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:6D:47:D4:87:A3:4F:E7:FD:6F:88:32:5F:E8:2C:18:CB:17:01:8E
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/5G1H1IejT-f9b4gyX-gsGMsXAY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
aa:a3:a8:bb:52:47:6d:bd:eb:43:db:d8:bd:60:33:e0:0a:40:
0a:17:fe:e0:57:e3:db:38:c0:9a:05:d1:b5:88:fe:0f:8f:41:
dd:2d:71:85:33:82:08:c1:d5:b9:4c:45:e6:ea:ab:3f:f7:69:
92:e9:ab:fb:8f:4d:83:21:c1:3a:fe:4c:3b:41:2c:9a:f4:5a:
55:b6:3b:5d:9d:c9:7b:be:03:1e:bd:0e:68:3f:5f:e1:96:ed:
1e:07:dd:44:a4:e2:b2:65:b3:a3:25:1e:6c:16:26:12:07:9a:
e1:e3:1c:7f:83:77:7d:bf:f3:62:19:2d:34:5b:ac:e7:4f:16:
27:7a:5a:03:5d:5e:ae:70:84:bf:65:83:85:66:70:a5:05:64:
84:75:78:00:a7:20:b3:e6:7e:86:39:fd:0c:27:83:93:d1:e5:
17:e6:12:a6:29:70:fc:41:5d:22:4a:31:56:a7:9f:61:ba:d1:
bc:b9:e1:3d:23:40:22:0e:04:40:6e:70:ef:b6:a8:34:a3:18:
24:db:c9:85:ff:a4:4d:64:42:94:20:23:81:f0:65:d9:3c:c1:
25:68:36:7b:7e:ea:94:4a:de:4d:35:92:f8:7e:3b:43:e5:11:
55:58:6a:43:ba:02:65:06:3d:61:fa:38:ae:45:15:cb:de:1e:
fd:a2:dd:c9
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAY47xiXexsMtZEGL5gsnbDa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMzE0MDcwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDZkNDdkNDg3YTM0ZmU3ZmQ2Zjg4MzI1ZmU4MmMxOGNiMTcwMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu9BYxw/GIOH/eKVvfv+mLNKsRVD
VMw6379VyFejtS2nS+jqv1Dqfi76BGbzy7swwAgXBnjLpJtE7cUWPMMTBuvAFkP6
527ZuaOqmXU+/W+UQIiPh9ctQKibthUFQZ9XPFUaKP2PkyRXsJXhqLIT1KJqeJZ7
kdqPiCq3zI8Juzm6QJ62gTKBma6wJ3UvbOTDGjhxvdbKzlj6XKdUSadohLwI4ibp
42CbQafQJDL0GGKB2EpYyv5V94t/NileNECEUnPgBhuv1ZTTI1pyRZUVJC+XQNHx
nSF+eQKWmDSrqY16sCPVMiwI53GnZKPVEqvAJPA9/0p3K8NG2vvLBpeLlQIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFORtR9SHo0/n/W+IMl/oLBjLFwGOMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvNUcxSDFJZWpULWY5YjRneVgtZ3NHTXNYQVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgeEEAgABMIHaAwQA
W8LNAwQAW8rIAwQAXbyHAwQAlP0iAwQAlP0kAwQBlP3kMAwDBACU/ecDBAKU/egD
BACU/e0DBACU/e8DBACU/fYDBACU/fgwDAMEApf5XAMEAJf5XgMEAKOrQAMEAKOr
QwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQFo6tgAwQAo6tiMAwDBACjq2UD
BACjq2gDBACjq6YDBACjq7EDBACjq7YDBACjq7wDBACjq88DBACjq94DBAGjq+AD
BACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMHACoBU8D/xjANBgkqhkiG
9w0BAQsFAAOCAQEAqqOou1JHbb3rQ9vYvWAz4ApAChf+4Ffj2zjAmgXRtYj+D49B
3S1xhTOCCMHVuUxF5uqrP/dpkumr+49NgyHBOv5MO0EsmvRaVbY7XZ3Je74DHr0O
aD9f4ZbtHgfdRKTismWzoyUebBYmEgea4eMcf4N3fb/zYhktNFus508WJ3paA11e
rnCEv2WDhWZwpQVkhHV4AKcgs+Z+hjn9DCeDk9HlF+YSpilw/EFdIkoxVqefYbrR
vLnhPSNAIg4EQG5w77aoNKMYJNvJhf+kTWRClCAjgfBl2TzBJWg2e37qlEreTTWS
+H47Q+URVVhqQ7oCZQY9Yfo4rkUVy94e/aLdyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-fra.rpki-client.org