Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/6Dw9UFAdcDh3QodTcWhJoQC8MFA.roa
File: 6Dw9UFAdcDh3QodTcWhJoQC8MFA.roa (raw, json)
Hash identifier: ltsvR3CFhOyRrO7LOShiAdpx++a3N8BQsD3asNllL1o=
Subject key identifier: E8:3C:3D:50:50:1D:70:38:77:42:87:53:71:68:49:A1:00:BC:30:50
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018E26D8DC9E93D8C4B17743D5D27A1BE408
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/6Dw9UFAdcDh3QodTcWhJoQC8MFA.roa
Signing time: Sun 10 Mar 2024 05:32:10 +0000
ROA not before: Sun 10 Mar 2024 05:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Mar 2024 07:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:26:d8:dc:9e:93:d8:c4:b1:77:43:d5:d2:7a:1b:e4:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 10 05:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e83c3d50501d703877428753716849a100bc3050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f8:b6:76:4b:74:18:f3:d8:b2:c3:c4:93:d1:
f8:a7:44:ca:25:2c:41:67:61:8d:98:19:e0:fe:c9:
2a:f6:73:16:d1:18:13:ee:25:9e:b6:34:44:e0:f9:
3e:b1:4e:1f:4b:4e:ed:b7:5d:65:59:db:11:c3:7c:
0d:29:63:66:27:71:f0:3c:4b:cd:a7:a5:3c:77:c1:
8b:77:1c:1d:c3:0d:dc:e4:df:6d:cb:39:f9:1e:2f:
82:4c:77:aa:41:a2:96:96:f2:e9:b7:e8:46:54:48:
1c:ab:18:33:a6:05:37:6e:16:fc:4c:a7:4e:8c:ba:
57:cf:3e:d2:e2:21:71:cb:4c:d3:96:85:ee:28:2d:
5a:d8:0d:2a:98:4b:0d:1c:a1:09:a9:3b:98:4c:0b:
ff:a8:5f:52:ba:8f:33:10:10:65:14:13:2d:f2:82:
85:82:4e:6e:ce:c9:8d:c2:1c:a2:05:c4:e8:61:7c:
a6:9f:08:ce:65:fa:28:73:d4:b5:48:39:8b:e8:a1:
bc:0a:18:5c:1e:83:ee:0f:ff:3f:6f:b9:53:cd:2d:
af:c6:a0:49:d9:d6:ae:d3:52:6e:3d:55:2e:ba:74:
70:42:a0:09:1f:12:a5:bd:81:d1:36:ad:87:ff:19:
d5:37:0c:32:33:0d:fd:ae:be:90:21:ad:13:d9:50:
19:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:3C:3D:50:50:1D:70:38:77:42:87:53:71:68:49:A1:00:BC:30:50
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/6Dw9UFAdcDh3QodTcWhJoQC8MFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
41:e1:94:92:15:46:e3:d4:e9:b4:01:55:ee:11:0d:aa:e4:70:
45:f5:b9:80:e8:0d:9d:ae:e6:fd:5f:cb:d0:03:48:79:31:94:
ea:09:9d:fc:2d:a3:0a:3d:57:db:dd:f3:dc:5a:cc:af:0c:dc:
b9:0a:7e:c1:6f:9d:0f:9e:ff:9a:84:22:18:3f:b8:4a:11:b4:
5b:44:c2:43:f6:59:12:60:d8:f0:22:5e:9d:e8:b4:44:d0:dc:
05:26:8f:b9:a8:ff:fe:64:24:c0:bb:21:7b:73:ce:d8:ba:7c:
be:5b:11:ae:df:43:d3:70:91:b1:ba:d6:6e:c9:31:f2:8b:33:
db:f5:e4:4b:59:af:ef:44:8b:6d:b1:20:e7:dc:6a:5f:8d:3e:
14:5d:05:6b:45:8c:fb:d4:62:b9:b0:34:24:66:62:24:81:e3:
1f:5c:59:43:9c:79:d2:44:06:4e:0e:d0:5b:c2:58:cb:47:61:
4e:ce:d4:d5:fc:33:48:7c:ec:31:01:16:c9:a0:81:a3:c1:d4:
93:4e:8c:3b:8a:a9:89:e9:5f:43:28:9e:79:89:39:17:6f:26:
d7:06:70:33:90:3b:41:87:55:1f:53:6f:30:24:2d:2f:ae:fb:
0d:18:92:1d:b8:31:3a:78:90:1d:b7:14:e5:25:e8:a1:0d:c4:
53:1e:37:06
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAY4m2Nyek9jEsXdD1dJ6G+QIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMzEwMDUzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODNjM2Q1MDUwMWQ3MDM4Nzc0Mjg3NTM3MTY4NDlhMTAwYmMzMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivi2dkt0GPPYssPEk9H4p0TKJSxB
Z2GNmBng/skq9nMW0RgT7iWetjRE4Pk+sU4fS07tt11lWdsRw3wNKWNmJ3HwPEvN
p6U8d8GLdxwdww3c5N9tyzn5Hi+CTHeqQaKWlvLpt+hGVEgcqxgzpgU3bhb8TKdO
jLpXzz7S4iFxy0zTloXuKC1a2A0qmEsNHKEJqTuYTAv/qF9Suo8zEBBlFBMt8oKF
gk5uzsmNwhyiBcToYXymnwjOZfooc9S1SDmL6KG8ChhcHoPuD/8/b7lTzS2vxqBJ
2dau01JuPVUuunRwQqAJHxKlvYHRNq2H/xnVNwwyMw39rr6QIa0T2VAZQwIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFOg8PVBQHXA4d0KHU3FoSaEAvDBQMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvNkR3OVVGQWRjRGgzUW9kVGNXaEpvUUM4TUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgeEEAgABMIHaAwQA
W8LNAwQAW8rIAwQAXbyHAwQAlP0iAwQAlP0kAwQAlP3kMAwDBACU/ecDBAKU/egD
BACU/e0DBACU/e8DBACU/fYDBACU/fgwDAMEApf5XAMEAJf5XgMEAKOrQAMEAKOr
QwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQFo6tgAwQAo6tiMAwDBACjq2UD
BACjq2gDBACjq6YDBACjq7EDBACjq7YDBACjq7wDBACjq88DBACjq94DBAGjq+AD
BACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMHACoBU8D/xjANBgkqhkiG
9w0BAQsFAAOCAQEAQeGUkhVG49TptAFV7hENquRwRfW5gOgNna7m/V/L0ANIeTGU
6gmd/C2jCj1X293z3FrMrwzcuQp+wW+dD57/moQiGD+4ShG0W0TCQ/ZZEmDY8CJe
nei0RNDcBSaPuaj//mQkwLshe3PO2Lp8vlsRrt9D03CRsbrWbskx8osz2/XkS1mv
70SLbbEg59xqX40+FF0Fa0WM+9RiubA0JGZiJIHjH1xZQ5x50kQGTg7QW8JYy0dh
Ts7U1fwzSHzsMQEWyaCBo8HUk06MO4qpielfQyieeYk5F28m1wZwM5A7QYdVH1Nv
MCQtL677DRiSHbgxOniQHbcU5SXooQ3EUx43Bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-fra.rpki-client.org