Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/C2IEcBryPW1OCTRqBF7p_U0EYBk.roa
File: C2IEcBryPW1OCTRqBF7p_U0EYBk.roa (raw, json)
Hash identifier: hdF3CuyRwJplZz0KDagQD8y1UYrDkBBJ9hC0Z4A7glY=
Subject key identifier: 0B:62:04:70:1A:F2:3D:6D:4E:09:34:6A:04:5E:E9:FD:4D:04:60:19
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018BD1EFD39470458E2D8DBDA4B9025A9691
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/C2IEcBryPW1OCTRqBF7p_U0EYBk.roa
Signing time: Wed 15 Nov 2023 07:43:57 +0000
ROA not before: Wed 15 Nov 2023 07:43:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.254.0/24 maxlen: 24
91.194.205.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.90.0/24 maxlen: 24
163.171.91.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
163.171.246.0/24 maxlen: 24
163.171.253.0/24 maxlen: 24
163.171.251.0/24 maxlen: 24
163.171.247.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 03:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:ef:d3:94:70:45:8e:2d:8d:bd:a4:b9:02:5a:96:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Nov 15 07:43:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b6204701af23d6d4e09346a045ee9fd4d046019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:19:b3:57:dd:bf:11:2e:36:dd:d5:20:b0:18:
51:96:e0:30:f6:68:2e:62:d6:90:0c:db:3d:ea:10:
38:46:79:16:42:05:da:e7:50:88:7f:4e:e7:c9:54:
23:48:3b:ed:bf:3b:9c:28:e2:db:9f:7c:1e:96:5f:
27:02:7f:53:e5:e2:59:a3:0d:b5:8c:a1:4c:da:7f:
5e:7c:78:a6:15:f2:51:60:2c:3d:25:fc:b0:34:fd:
f9:99:bd:21:4e:08:04:17:2b:c1:e8:03:e5:47:f6:
96:b8:ae:08:94:2b:42:05:78:37:49:20:5f:b1:1e:
b1:66:a1:35:01:1d:13:fb:13:e4:be:1a:01:28:d5:
85:f3:23:01:4c:35:8f:a5:91:5b:cd:02:4c:c2:e1:
0a:d8:c7:62:fc:96:71:fc:fa:d7:c0:5c:14:d3:d1:
cf:22:c5:a3:bd:65:cf:af:0b:d4:f0:89:21:ef:7e:
fe:cd:be:2f:ec:67:b8:a8:10:e6:89:c0:e3:a9:3e:
a3:8f:36:43:da:80:ba:b3:04:50:0f:51:ca:7d:8c:
df:c6:0f:0e:b9:99:c2:d8:be:20:87:d1:42:07:78:
9e:9e:b0:45:d2:33:59:68:57:29:54:51:b7:7f:de:
49:1a:c0:5c:b8:d8:28:7e:0a:83:9c:6d:68:d4:db:
c6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:62:04:70:1A:F2:3D:6D:4E:09:34:6A:04:5E:E9:FD:4D:04:60:19
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/C2IEcBryPW1OCTRqBF7p_U0EYBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
163.171.77.0/24
163.171.90.0/23
163.171.246.0/23
163.171.251.0/24
163.171.253.0-163.171.254.255
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:d6:06:98:15:10:a9:d2:57:4f:1a:89:ed:8c:e3:ef:73:65:
36:70:15:3b:40:be:7e:f0:1d:44:6a:02:69:8d:18:46:56:14:
5a:24:4d:e0:6f:ca:53:97:29:9a:dd:22:b6:a9:35:b7:f5:14:
dd:ea:85:e1:b2:07:22:4c:b3:8b:a1:aa:68:b6:5e:18:bf:55:
ad:bf:f3:4d:28:a9:57:45:74:79:3c:31:89:0f:cc:5b:3d:3d:
53:d7:47:c2:d3:29:1e:bc:89:df:13:67:9a:f2:7d:8f:22:c9:
37:06:21:84:1d:c4:23:d9:36:55:82:7d:d7:fc:67:80:fb:0c:
f3:c5:ec:00:05:dc:56:b0:8c:53:8f:3a:c7:00:00:ce:13:55:
2b:36:84:d1:5e:4f:3e:a3:9b:50:6c:e8:13:77:38:f7:12:b6:
7c:5d:b6:73:ad:de:4c:80:8f:b4:fe:23:10:53:65:2c:ab:98:
57:1e:6b:22:4e:9c:4d:b9:56:7c:77:c9:0b:6d:32:88:f4:7c:
11:68:9f:97:a6:39:58:b7:9d:2a:9f:0e:93:6a:ff:63:91:b7:
5f:4e:4f:ef:b0:92:ad:7a:da:79:90:25:ad:01:6d:5d:03:08:
a7:db:a5:21:0e:97:28:0e:4b:e0:bc:26:24:62:44:0b:e5:48:
a3:cc:88:21
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYvR79OUcEWOLY29pLkCWpaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMxMTE1MDc0MzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjYyMDQ3MDFhZjIzZDZkNGUwOTM0NmEwNDVlZTlmZDRkMDQ2MDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixmzV92/ES423dUgsBhRluAw9mgu
YtaQDNs96hA4RnkWQgXa51CIf07nyVQjSDvtvzucKOLbn3well8nAn9T5eJZow21
jKFM2n9efHimFfJRYCw9JfywNP35mb0hTggEFyvB6APlR/aWuK4IlCtCBXg3SSBf
sR6xZqE1AR0T+xPkvhoBKNWF8yMBTDWPpZFbzQJMwuEK2Mdi/JZx/PrXwFwU09HP
IsWjvWXPrwvU8Ikh737+zb4v7Ge4qBDmicDjqT6jjzZD2oC6swRQD1HKfYzfxg8O
uZnC2L4gh9FCB3ienrBF0jNZaFcpVFG3f95JGsBcuNgofgqDnG1o1NvGIQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFAtiBHAa8j1tTgk0agRe6f1NBGAZMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvQzJJRWNCcnlQVzFPQ1RScUJGN3BfVTBFWUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAW8LNAwQA
W8rIMAwDBACU/e8DBAKU/fAwDAMEAJT9+QMEAJT9+gMEAKOrTQMEAaOrWgMEAaOr
9gMEAKOr+zAMAwQAo6v9AwQAo6v+AwQAuRvkMA0GCSqGSIb3DQEBCwUAA4IBAQCK
1gaYFRCp0ldPGontjOPvc2U2cBU7QL5+8B1EagJpjRhGVhRaJE3gb8pTlyma3SK2
qTW39RTd6oXhsgciTLOLoapotl4Yv1Wtv/NNKKlXRXR5PDGJD8xbPT1T10fC0yke
vInfE2ea8n2PIsk3BiGEHcQj2TZVgn3X/GeA+wzzxewABdxWsIxTjzrHAADOE1Ur
NoTRXk8+o5tQbOgTdzj3ErZ8XbZzrd5MgI+0/iMQU2Usq5hXHmsiTpxNuVZ8d8kL
bTKI9HwRaJ+XpjlYt50qnw6Tav9jkbdfTk/vsJKtetp5kCWtAW1dAwin26UhDpco
DkvgvCYkYkQL5UijzIgh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-fra.rpki-client.org