Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QB4py0OBFSg-1c5VJ1cD4OdMDaI.roa
File: QB4py0OBFSg-1c5VJ1cD4OdMDaI.roa (raw, json)
Hash identifier: Pn4th1NY1tn6RgSLkF9rUFIH36QqAdXJbcdmDkWFqzs=
Subject key identifier: 40:1E:29:CB:43:81:15:28:3E:D5:CE:55:27:57:03:E0:E7:4C:0D:A2
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018DF9416380F9350233DA1C497E98F1D58F
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QB4py0OBFSg-1c5VJ1cD4OdMDaI.roa
Signing time: Fri 01 Mar 2024 09:03:48 +0000
ROA not before: Fri 01 Mar 2024 09:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204720
IP address blocks: 148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 09:03:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:41:63:80:f9:35:02:33:da:1c:49:7e:98:f1:d5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 1 09:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=401e29cb438115283ed5ce55275703e0e74c0da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e1:d6:d7:aa:f4:c9:ac:18:f0:bd:b5:aa:2b:
2f:56:81:f7:d1:69:cb:86:3d:a6:ad:95:52:f1:47:
48:fc:10:21:f2:89:19:c3:1b:ab:5c:83:be:c7:7f:
d9:a8:9c:be:b9:43:4b:36:0d:d7:22:63:6d:4f:41:
05:d9:fd:99:7f:8d:98:da:29:45:71:ad:e8:3c:f0:
18:e7:08:8c:60:69:41:c3:f5:b8:05:0e:f8:27:a3:
32:fb:31:70:69:0b:65:33:f8:b2:0d:ee:c8:15:0a:
41:2a:70:ca:0f:71:b2:a4:57:e7:20:f7:12:33:f5:
e5:96:39:07:29:26:49:34:ba:19:5e:f1:0f:7d:c3:
16:82:2b:8f:f1:04:2a:26:07:e0:0e:52:34:35:16:
c6:e8:bf:ff:ce:41:ce:5e:14:b4:6a:c2:bf:87:61:
82:3e:8f:77:5e:92:39:ef:d2:d6:ed:5f:54:8c:49:
20:7f:1f:71:2d:3a:d0:cc:73:f8:d5:de:ac:d4:78:
df:c2:4d:80:3e:7a:65:75:98:5f:ea:18:74:10:9d:
51:a4:3e:8f:a0:96:87:cd:8c:c6:1d:f8:4b:47:a0:
2c:d4:fd:85:e1:2c:a8:e5:75:b5:53:a2:cf:26:b1:
b2:c7:64:92:82:e9:3b:aa:39:02:d2:a4:9c:f8:b6:
f2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1E:29:CB:43:81:15:28:3E:D5:CE:55:27:57:03:E0:E7:4C:0D:A2
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QB4py0OBFSg-1c5VJ1cD4OdMDaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.60.0/22
163.171.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:8b:f6:5f:00:bb:f8:e2:bc:7c:e5:0e:53:73:63:bd:bd:00:
e4:e0:a9:b1:98:33:a2:ce:3a:d3:59:9e:ed:33:7e:bc:1d:97:
b5:8f:5f:75:f9:f8:83:50:30:2a:d1:da:eb:8c:52:55:88:9c:
76:59:ba:fd:e9:f5:03:93:4b:21:7b:c8:32:d0:c0:15:27:60:
6e:a6:b7:4c:b7:4e:25:d8:c7:f3:7b:e9:a5:60:21:09:e4:aa:
4d:d7:86:dc:35:0c:6c:98:fd:9f:b7:ca:ab:fd:8a:dd:36:9a:
49:c2:69:17:dc:91:af:33:02:ca:11:aa:56:03:50:67:c9:ea:
39:86:a9:2c:54:ef:6e:41:79:1f:81:1e:36:0e:d7:c9:43:77:
08:af:f6:f7:23:1c:fc:eb:43:81:83:57:ea:3c:ff:4a:3f:93:
84:38:13:17:fe:0f:83:fb:71:b1:fe:9b:09:9a:38:63:a6:4b:
18:58:d4:66:89:4c:94:6e:74:4f:bd:4d:60:b2:53:89:3f:3f:
c9:26:f6:9c:15:6f:b5:1b:45:98:c1:7f:b5:be:ca:1e:29:1b:
9a:3a:98:e7:fe:69:e4:5f:09:ec:77:1b:22:b7:1e:e7:08:3c:
e2:ad:bf:fe:a2:4c:1f:8a:80:c4:96:b5:9b:5e:a7:95:3f:65:
21:5e:82:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY35QWOA+TUCM9ocSX6Y8dWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMzAxMDkwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDFlMjljYjQzODExNTI4M2VkNWNlNTUyNzU3MDNlMGU3NGMwZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseHW16r0yawY8L21qisvVoH30WnL
hj2mrZVS8UdI/BAh8okZwxurXIO+x3/ZqJy+uUNLNg3XImNtT0EF2f2Zf42Y2ilF
ca3oPPAY5wiMYGlBw/W4BQ74J6My+zFwaQtlM/iyDe7IFQpBKnDKD3GypFfnIPcS
M/XlljkHKSZJNLoZXvEPfcMWgiuP8QQqJgfgDlI0NRbG6L//zkHOXhS0asK/h2GC
Po93XpI579LW7V9UjEkgfx9xLTrQzHP41d6s1Hjfwk2APnpldZhf6hh0EJ1RpD6P
oJaHzYzGHfhLR6As1P2F4Syo5XW1U6LPJrGyx2SSguk7qjkC0qSc+LbybwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEAeKctDgRUoPtXOVSdXA+DnTA2iMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvUUI0cHkwT0JGU2ctMWM1VkoxY0Q0T2RNRGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQClP08AwQA
o6uZMA0GCSqGSIb3DQEBCwUAA4IBAQBdi/ZfALv44rx85Q5Tc2O9vQDk4KmxmDOi
zjrTWZ7tM368HZe1j191+fiDUDAq0drrjFJViJx2Wbr96fUDk0she8gy0MAVJ2Bu
prdMt04l2Mfze+mlYCEJ5KpN14bcNQxsmP2ft8qr/YrdNppJwmkX3JGvMwLKEapW
A1Bnyeo5hqksVO9uQXkfgR42DtfJQ3cIr/b3Ixz860OBg1fqPP9KP5OEOBMX/g+D
+3Gx/psJmjhjpksYWNRmiUyUbnRPvU1gslOJPz/JJvacFW+1G0WYwX+1vsoeKRua
Opjn/mnkXwnsdxsitx7nCDzirb/+okwfioDElrWbXqeVP2UhXoJD
-----END CERTIFICATE-----
Generated at Thu Oct 10 12:45:06 2024 by rpki-client on console-fra.rpki-client.org