Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/MrIPV7I2HWCvNqN_eUKRD0qVhr0.roa
File: MrIPV7I2HWCvNqN_eUKRD0qVhr0.roa (raw, json)
Hash identifier: OKF8v8HqT+8QYk8f40WNugh+etpsTpDAKfcEqQBp/2E=
Subject key identifier: 32:B2:0F:57:B2:36:1D:60:AF:36:A3:7F:79:42:91:0F:4A:95:86:BD
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01872BF06CCAF1EDAA9086C50D200EA3DF25
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/MrIPV7I2HWCvNqN_eUKRD0qVhr0.roa
Signing time: Wed 29 Mar 2023 05:56:29 +0000
ROA not before: Wed 29 Mar 2023 05:56:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.77.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Mar 2023 07:44:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2b:f0:6c:ca:f1:ed:aa:90:86:c5:0d:20:0e:a3:df:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 29 05:56:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32b20f57b2361d60af36a37f7942910f4a9586bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b2:20:9f:e0:9b:c5:14:a3:dd:48:45:f7:d8:
ec:76:88:2e:9c:f1:ef:d6:24:13:2b:45:d6:a5:9b:
6a:97:aa:28:18:a6:18:72:ea:eb:e0:b4:0d:7e:bd:
62:cf:22:bc:64:3b:48:b7:4f:5c:13:b3:4b:f8:0d:
f7:8e:af:78:31:73:71:48:39:3d:4b:23:f1:8c:fd:
94:71:d9:a9:7f:72:93:86:39:b0:e3:ee:4d:70:20:
c3:99:17:51:5b:e1:da:e4:75:b8:f3:80:7b:1e:0b:
d1:27:48:8f:40:a2:57:e4:9a:81:d0:ce:c3:dc:9b:
41:dd:82:01:a8:a3:4b:26:54:c1:4f:a5:5a:bf:74:
1c:d0:78:7c:d3:a0:8c:77:29:cf:d3:9c:a5:e1:0d:
f8:7e:b2:25:0e:56:d4:9b:72:8c:30:ab:61:12:03:
4e:59:2e:e1:96:62:8e:d5:59:7c:9f:65:09:f6:80:
36:d9:3a:ed:8d:a0:30:8a:21:16:ae:85:5d:c7:c6:
1f:35:dd:10:75:16:de:55:c6:1d:15:78:ae:17:ac:
15:b3:14:85:d0:bc:37:fe:02:8a:92:bc:ff:22:61:
9d:7f:b1:c9:c7:ac:b9:66:17:58:56:60:48:f3:5e:
39:a6:3b:98:3d:43:37:08:eb:01:94:d8:76:ba:96:
82:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B2:0F:57:B2:36:1D:60:AF:36:A3:7F:79:42:91:0F:4A:95:86:BD
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/MrIPV7I2HWCvNqN_eUKRD0qVhr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.241.255
148.253.243.0/24
148.253.249.0/24
163.171.77.0/24
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:33:3f:db:c4:de:c1:21:b4:53:b6:b0:63:2e:a6:15:44:c4:
c2:58:2e:be:46:6f:1c:75:05:8f:d3:50:50:d3:7e:df:43:80:
fa:81:3b:e5:2d:0c:dd:71:ee:08:3e:fd:50:aa:4b:60:ba:91:
52:ad:7e:7e:4a:ab:78:2d:e2:8f:d9:72:3f:b8:c3:c9:db:b1:
ed:24:ee:ad:0d:27:e0:ee:fa:18:e2:70:70:47:09:05:f3:25:
02:f2:21:c4:50:91:4a:9e:11:69:15:56:f5:c3:4e:98:95:51:
c8:51:79:7c:11:e9:7e:0f:95:31:00:68:c0:93:db:58:38:af:
f3:6a:e9:07:6e:14:fe:59:da:2b:9f:c2:04:38:58:38:4e:38:
74:b1:3f:ea:bc:4f:39:be:77:16:87:11:1d:f2:e3:59:1d:2b:
49:09:7f:ed:3b:ff:40:51:7a:2d:92:79:bb:e7:db:cb:21:ea:
7b:6e:8c:fe:4d:f0:7f:c9:27:a5:c3:38:13:cb:1e:b2:3a:23:
0e:d9:26:c9:77:32:66:20:4b:0b:a0:c6:6c:ef:a5:a6:76:20:
e5:51:2e:fa:17:b2:d1:86:28:e7:3c:b7:04:83:0f:d5:b9:4d:
5b:26:32:da:7a:c1:f0:8f:fd:dd:fb:c4:41:c7:d3:31:5d:13:
ba:aa:39:dd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYcr8GzK8e2qkIbFDSAOo98lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzI5MDU1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmIyMGY1N2IyMzYxZDYwYWYzNmEzN2Y3OTQyOTEwZjRhOTU4NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibIgn+CbxRSj3UhF99jsdogunPHv
1iQTK0XWpZtql6ooGKYYcurr4LQNfr1izyK8ZDtIt09cE7NL+A33jq94MXNxSDk9
SyPxjP2Ucdmpf3KThjmw4+5NcCDDmRdRW+Ha5HW484B7HgvRJ0iPQKJX5JqB0M7D
3JtB3YIBqKNLJlTBT6Vav3Qc0Hh806CMdynP05yl4Q34frIlDlbUm3KMMKthEgNO
WS7hlmKO1Vl8n2UJ9oA22TrtjaAwiiEWroVdx8YfNd0QdRbeVcYdFXiuF6wVsxSF
0Lw3/gKKkrz/ImGdf7HJx6y5ZhdYVmBI8145pjuYPUM3COsBlNh2upaC2wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDKyD1eyNh1grzajf3lCkQ9KlYa9MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvTXJJUFY3STJIV0N2TnFOX2VVS1JEMHFWaHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBACU/e8D
BAGU/fADBACU/fMDBACU/fkDBACjq00DBAC5G+QwDQYJKoZIhvcNAQELBQADggEB
AMszP9vE3sEhtFO2sGMuphVExMJYLr5Gbxx1BY/TUFDTft9DgPqBO+UtDN1x7gg+
/VCqS2C6kVKtfn5Kq3gt4o/Zcj+4w8nbse0k7q0NJ+Du+hjicHBHCQXzJQLyIcRQ
kUqeEWkVVvXDTpiVUchReXwR6X4PlTEAaMCT21g4r/Nq6QduFP5Z2iufwgQ4WDhO
OHSxP+q8Tzm+dxaHER3y41kdK0kJf+07/0BRei2Sebvn28sh6ntujP5N8H/JJ6XD
OBPLHrI6Iw7ZJsl3MmYgSwugxmzvpaZ2IOVRLvoXstGGKOc8twSDD9W5TVsmMtp6
wfCP/d37xEHH0zFdE7qqOd0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org