Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QOSezl5Y9UcF8XpNxS1Mk0-re7U.roa
File: QOSezl5Y9UcF8XpNxS1Mk0-re7U.roa (raw, json)
Hash identifier: onyFWlY6jmWYcUo19qcCJi22zCo+7PN1fVu3dPl3adA=
Subject key identifier: 40:E4:9E:CE:5E:58:F5:47:05:F1:7A:4D:C5:2D:4C:93:4F:AB:7B:B5
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018736A00DF764D6C189897A113DAEADD331
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QOSezl5Y9UcF8XpNxS1Mk0-re7U.roa
Signing time: Fri 31 Mar 2023 07:44:31 +0000
ROA not before: Fri 31 Mar 2023 07:44:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.77.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Apr 2023 01:43:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:36:a0:0d:f7:64:d6:c1:89:89:7a:11:3d:ae:ad:d3:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 31 07:44:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e49ece5e58f54705f17a4dc52d4c934fab7bb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b0:ea:37:12:1c:69:24:f5:2b:d0:07:1e:8d:
3b:9a:c5:03:80:78:15:f8:d7:88:f4:99:b9:9d:90:
69:85:d1:c4:ac:9e:91:cd:48:51:89:b9:d9:1c:53:
a0:17:0f:fe:3f:ed:72:90:18:7f:70:c8:40:70:9f:
97:34:4b:ef:ac:d5:b7:01:96:7a:10:b4:3b:51:7e:
71:39:04:1e:13:2b:d1:2c:3d:4b:a0:29:61:1e:a2:
aa:78:3c:53:04:e9:fd:63:cd:99:e7:52:46:3a:8a:
30:2f:e0:a8:3c:7a:e3:d0:59:e4:d6:58:ab:6f:c6:
02:55:3e:8e:45:45:8c:a3:46:f8:1e:99:59:5e:79:
f0:f2:30:b7:5b:ee:b4:ee:3b:b1:8a:9d:0d:b3:31:
28:35:45:92:68:1c:4c:90:dc:66:5b:cd:4a:39:c3:
0c:8b:73:d2:07:72:7e:ae:51:90:12:49:92:3b:03:
f4:53:71:1d:0f:9b:cb:80:e6:cf:fb:9a:7b:8d:c0:
70:d2:78:23:66:e3:cc:33:5a:cd:8f:17:d4:45:2f:
b3:46:fc:8f:85:b8:8c:e9:a5:4a:49:da:21:7d:ad:
55:f0:a5:75:6c:da:fa:66:8a:17:73:00:3d:58:55:
22:ae:e9:58:ff:e4:6c:84:15:fe:f8:3f:14:0b:33:
24:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E4:9E:CE:5E:58:F5:47:05:F1:7A:4D:C5:2D:4C:93:4F:AB:7B:B5
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QOSezl5Y9UcF8XpNxS1Mk0-re7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.243.255
148.253.249.0/24
163.171.77.0/24
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f0:f9:11:e6:b1:15:ae:41:79:0f:0e:fb:2a:ed:7c:cf:45:
49:76:fa:7e:bc:14:ba:05:9e:fe:8f:da:3e:4a:7b:fd:5d:d1:
3d:48:3b:56:e4:fe:11:1c:22:87:71:a3:4d:5a:99:87:db:cf:
34:8f:26:31:93:ce:d0:1f:ec:da:ad:7e:ff:c3:07:fb:d0:38:
18:4b:3f:8f:3e:e9:cc:36:de:05:ad:6f:3a:da:c9:87:6b:60:
ac:b3:9f:a7:41:eb:75:4e:07:43:f1:3d:07:d7:51:4d:16:68:
01:47:c6:c6:46:74:24:9d:0e:63:20:b0:03:0f:da:43:14:1e:
ff:9e:86:e2:d3:49:f8:1b:be:f2:ce:00:76:ae:7c:23:33:b6:
d4:37:ce:3a:1f:7c:66:a0:1d:09:40:1f:15:97:52:b8:03:d3:
1d:b0:f2:e2:00:21:ea:1d:75:9e:39:c4:30:50:ca:08:7c:bd:
34:ec:d5:75:f6:6d:a7:84:fd:ea:8b:c7:80:b9:3f:c5:5f:ae:
1d:5a:c1:fc:98:5d:09:6a:f5:0a:d9:e8:1f:11:da:c4:22:27:
69:da:10:d1:06:dd:3a:e6:b4:73:fd:ab:bd:b5:e3:35:3f:36:
e4:b7:3b:fb:87:ae:7e:16:f6:a2:c3:00:7d:1c:7c:5d:8e:dc:
09:a5:1e:fe
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYc2oA33ZNbBiYl6ET2urdMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzMxMDc0NDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU0OWVjZTVlNThmNTQ3MDVmMTdhNGRjNTJkNGM5MzRmYWI3YmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7DqNxIcaST1K9AHHo07msUDgHgV
+NeI9Jm5nZBphdHErJ6RzUhRibnZHFOgFw/+P+1ykBh/cMhAcJ+XNEvvrNW3AZZ6
ELQ7UX5xOQQeEyvRLD1LoClhHqKqeDxTBOn9Y82Z51JGOoowL+CoPHrj0Fnk1lir
b8YCVT6ORUWMo0b4HplZXnnw8jC3W+607juxip0NszEoNUWSaBxMkNxmW81KOcMM
i3PSB3J+rlGQEkmSOwP0U3EdD5vLgObP+5p7jcBw0ngjZuPMM1rNjxfURS+zRvyP
hbiM6aVKSdohfa1V8KV1bNr6ZooXcwA9WFUirulY/+RshBX++D8UCzMkmQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEDkns5eWPVHBfF6TcUtTJNPq3u1MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvUU9TZXpsNVk5VWNGOFhwTnhTMU1rMC1yZTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBACU/e8D
BAKU/fADBACU/fkDBACjq00DBAC5G+QwDQYJKoZIhvcNAQELBQADggEBAGfw+RHm
sRWuQXkPDvsq7XzPRUl2+n68FLoFnv6P2j5Ke/1d0T1IO1bk/hEcIodxo01amYfb
zzSPJjGTztAf7Nqtfv/DB/vQOBhLP48+6cw23gWtbzrayYdrYKyzn6dB63VOB0Px
PQfXUU0WaAFHxsZGdCSdDmMgsAMP2kMUHv+ehuLTSfgbvvLOAHaufCMzttQ3zjof
fGagHQlAHxWXUrgD0x2w8uIAIeoddZ45xDBQygh8vTTs1XX2baeE/eqLx4C5P8Vf
rh1awfyYXQlq9QrZ6B8R2sQiJ2naENEG3TrmtHP9q7214zU/NuS3O/uHrn4W9qLD
AH0cfF2O3AmlHv4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org