Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/J_UFoy3b_wDH3VvHzv-r5uNEmnc.roa
File: J_UFoy3b_wDH3VvHzv-r5uNEmnc.roa (raw, json)
Hash identifier: OFexIAa1yQLZZX60sXKsd46rbuTwJb0HNyPtt4dP51c=
Subject key identifier: 27:F5:05:A3:2D:DB:FF:00:C7:DD:5B:C7:CE:FF:AB:E6:E3:44:9A:77
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018CC5DC5C1CA723E2D2DB3FA64606DF3A08
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/J_UFoy3b_wDH3VvHzv-r5uNEmnc.roa
Signing time: Mon 01 Jan 2024 16:30:02 +0000
ROA not before: Mon 01 Jan 2024 16:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204720
IP address blocks: 163.171.153.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 07:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5c:1c:a7:23:e2:d2:db:3f:a6:46:06:df:3a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 16:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27f505a32ddbff00c7dd5bc7ceffabe6e3449a77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1f:0d:cb:9e:cf:62:f3:bc:ef:bd:6f:0f:c4:
0f:49:12:1a:6f:c5:08:61:ef:88:20:19:eb:ba:ed:
a7:d4:38:77:c1:f4:77:72:a0:c9:bc:9d:5e:54:8f:
e2:5a:25:dc:19:8d:09:c9:4b:e6:6d:b0:cf:cb:09:
1d:5e:8a:cf:b7:e7:e4:f9:0b:31:44:5b:36:bc:84:
b7:9d:97:33:5b:b0:f5:04:4e:23:b2:4e:03:5c:6b:
38:93:e8:0c:8c:4b:80:6e:4e:dc:fa:69:f8:1c:ef:
73:9d:70:10:70:e1:33:9d:7e:2c:8d:f5:b4:11:b9:
a4:9f:d0:b1:11:57:5e:9d:0e:bb:b4:82:18:ca:5d:
b2:bb:34:13:a1:cb:22:7e:87:57:f7:18:de:91:c1:
db:4a:12:2a:cc:e0:f1:6f:02:40:88:37:f8:90:b6:
f1:f6:14:76:f3:98:d6:3f:4a:ec:45:aa:5d:e4:a4:
57:7a:81:bf:e2:b3:18:23:53:53:e4:57:87:7d:aa:
77:1a:ea:29:2e:2b:a0:29:2d:11:01:d7:26:5f:fe:
e2:37:40:89:fa:31:1b:20:23:a8:12:cb:2a:ee:18:
10:a8:29:43:28:43:4f:e7:05:eb:0e:61:bf:24:87:
77:bb:c8:26:a9:42:e2:9a:ce:39:cf:92:96:6a:61:
09:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F5:05:A3:2D:DB:FF:00:C7:DD:5B:C7:CE:FF:AB:E6:E3:44:9A:77
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/J_UFoy3b_wDH3VvHzv-r5uNEmnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.60.0/22
163.171.153.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:22:29:4d:4a:56:2c:3d:c4:eb:e6:be:b8:4b:b5:07:49:e6:
ca:01:76:61:1e:a3:ae:67:00:6c:6a:61:73:5b:81:be:58:f2:
99:45:b0:f7:54:cb:08:3d:70:b2:fd:34:d4:29:77:b2:0c:e8:
99:16:52:bf:71:f2:9a:e8:ce:04:63:ed:52:d1:ee:64:52:92:
f2:1d:4f:e3:27:28:8e:70:57:82:26:65:16:9b:af:d8:32:3c:
ce:17:02:78:7d:c5:66:16:97:08:a4:b4:dc:6d:2e:47:d2:de:
b2:da:d1:fc:15:a9:0f:a5:84:b8:03:14:b9:8a:40:86:5c:22:
92:14:2e:aa:6d:c9:da:db:5c:cb:c2:0e:e8:42:1c:7a:47:80:
86:75:ad:b7:e3:fc:6f:38:25:40:e2:60:03:83:ff:e9:c4:a2:
34:55:bd:19:5b:8c:e2:25:60:a5:18:39:04:b2:05:9b:99:0c:
3b:d3:c2:ef:bb:eb:89:9f:d2:66:3b:f0:aa:70:2d:e7:e2:b9:
09:ff:70:dc:1b:1c:71:ab:ce:53:7b:a8:a0:f9:1f:c7:97:be:
67:e1:6a:26:fa:bf:3d:dc:65:4c:2a:ef:3c:76:db:54:36:86:
26:f1:03:0f:f5:18:99:2e:97:06:de:97:42:b5:14:81:3f:85:
51:5b:8d:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3FwcpyPi0ts/pkYG3zoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMTAxMTYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Y1MDVhMzJkZGJmZjAwYzdkZDViYzdjZWZmYWJlNmUzNDQ5YTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB8Ny57PYvO8771vD8QPSRIab8UI
Ye+IIBnruu2n1Dh3wfR3cqDJvJ1eVI/iWiXcGY0JyUvmbbDPywkdXorPt+fk+Qsx
RFs2vIS3nZczW7D1BE4jsk4DXGs4k+gMjEuAbk7c+mn4HO9znXAQcOEznX4sjfW0
Ebmkn9CxEVdenQ67tIIYyl2yuzQTocsifodX9xjekcHbShIqzODxbwJAiDf4kLbx
9hR285jWP0rsRapd5KRXeoG/4rMYI1NT5FeHfap3GuopLiugKS0RAdcmX/7iN0CJ
+jEbICOoEssq7hgQqClDKENP5wXrDmG/JId3u8gmqULims45z5KWamEJywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCf1BaMt2/8Ax91bx87/q+bjRJp3MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvSl9VRm95M2Jfd0RIM1Z2SHp2LXI1dU5FbW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQClP08AwQA
o6uZMA0GCSqGSIb3DQEBCwUAA4IBAQB+IilNSlYsPcTr5r64S7UHSebKAXZhHqOu
ZwBsamFzW4G+WPKZRbD3VMsIPXCy/TTUKXeyDOiZFlK/cfKa6M4EY+1S0e5kUpLy
HU/jJyiOcFeCJmUWm6/YMjzOFwJ4fcVmFpcIpLTcbS5H0t6y2tH8FakPpYS4AxS5
ikCGXCKSFC6qbcna21zLwg7oQhx6R4CGda234/xvOCVA4mADg//pxKI0Vb0ZW4zi
JWClGDkEsgWbmQw708Lvu+uJn9JmO/CqcC3n4rkJ/3DcGxxxq85Te6ig+R/Hl75n
4Wom+r893GVMKu88dttUNoYm8QMP9RiZLpcG3pdCtRSBP4VRW40o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org