Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/RvKZnhKZMzJpB7L8vZSYSKChsp8.roa
File: RvKZnhKZMzJpB7L8vZSYSKChsp8.roa (raw, json)
Hash identifier: MizOXRSBNqHrqPy7TUeD7wq1ZptUzFzuXjlSjYi6/Ww=
Subject key identifier: 46:F2:99:9E:12:99:33:32:69:07:B2:FC:BD:94:98:48:A0:A1:B2:9F
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019006E38DD8AF210AD96CEF6FC5911880B5
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/RvKZnhKZMzJpB7L8vZSYSKChsp8.roa
Signing time: Tue 11 Jun 2024 10:41:34 +0000
ROA not before: Tue 11 Jun 2024 10:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Oct 2024 07:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:e3:8d:d8:af:21:0a:d9:6c:ef:6f:c5:91:18:80:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jun 11 10:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46f2999e129933326907b2fcbd949848a0a1b29f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5c:0e:d6:b2:87:ee:f1:1b:6d:1a:9e:6c:13:
52:ac:c6:6c:fa:43:2b:48:26:f8:79:cc:7b:a6:78:
d5:d4:72:bf:6f:3e:64:af:e5:b5:9d:95:b4:bf:03:
37:e3:b9:c8:d7:aa:e9:fd:44:cd:58:4d:57:7a:74:
f4:bf:95:51:f8:29:1d:93:e7:90:97:d6:26:25:56:
e9:cf:34:12:e1:65:21:bc:e3:b7:66:8c:3e:de:99:
77:b1:e9:dd:40:61:aa:7d:ae:db:d1:e8:8b:de:40:
fc:cc:e9:9a:dd:8e:5e:b4:16:2c:11:72:51:31:5b:
09:de:a2:d3:03:46:f4:4c:f7:fe:8f:51:fd:cc:b2:
b4:dc:42:39:6b:70:c4:62:ee:f8:7f:1b:10:0e:33:
66:6f:40:3f:f2:54:06:1b:b1:93:36:54:29:05:f6:
56:86:10:9b:77:65:37:02:66:49:20:65:49:a1:a5:
77:95:68:57:b0:77:95:c4:92:a4:f6:22:b1:cb:d1:
85:9e:51:b0:e4:fb:50:ec:11:62:9f:ad:3e:ce:b4:
df:26:3b:69:98:6c:45:92:69:33:6f:d2:5c:e1:18:
51:e8:17:92:38:a5:be:e5:28:8b:b8:cc:0b:65:7a:
f9:13:20:80:6e:93:50:3e:d7:a1:1f:65:0e:b3:3a:
e9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F2:99:9E:12:99:33:32:69:07:B2:FC:BD:94:98:48:A0:A1:B2:9F
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/RvKZnhKZMzJpB7L8vZSYSKChsp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.126.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
08:e1:1a:00:70:5f:1d:c1:b8:8b:52:b9:2d:ac:a4:dd:24:97:
23:be:59:45:f6:a8:29:2c:92:78:4f:04:04:0d:71:92:0c:a5:
ec:e7:10:4c:92:55:93:0a:99:c4:a2:8c:3e:1e:f5:eb:f4:8a:
d2:2d:49:0c:c8:c5:90:2f:62:78:63:25:98:97:7d:70:c5:7b:
ff:7a:68:7e:9c:35:c7:5d:bc:78:ec:b7:26:88:b0:4a:0f:00:
62:ca:be:a2:5d:2c:2c:17:04:51:2d:22:95:e4:ad:e3:5f:c5:
88:f6:51:bb:04:be:33:83:6f:04:f4:be:97:c0:a5:e7:0c:77:
4f:b4:ee:df:d0:75:3a:c8:59:6a:81:8b:92:cd:90:6b:db:15:
5e:db:c0:be:94:53:a4:62:d7:24:4f:af:f3:7e:84:50:cc:a5:
56:f9:e8:c1:dd:77:05:69:0d:06:4b:91:76:65:66:ed:5a:10:
1e:07:15:fa:0d:b2:30:7f:6a:0e:24:3d:4e:96:99:9c:52:1c:
20:49:d3:12:28:8e:2a:a5:37:bc:6e:b7:d3:aa:77:73:25:93:
7b:0e:4f:03:21:b3:8e:02:c1:cb:0c:c0:98:02:8a:82:6c:4f:
11:ec:b7:4a:41:97:6b:db:38:f1:aa:10:af:7b:24:64:ac:f7:
0a:d5:a3:cf
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAZAG443YryEK2Wzvb8WRGIC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwNjExMTA0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmYyOTk5ZTEyOTkzMzMyNjkwN2IyZmNiZDk0OTg0OGEwYTFiMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVwO1rKH7vEbbRqebBNSrMZs+kMr
SCb4ecx7pnjV1HK/bz5kr+W1nZW0vwM347nI16rp/UTNWE1XenT0v5VR+Ckdk+eQ
l9YmJVbpzzQS4WUhvOO3Zow+3pl3sendQGGqfa7b0eiL3kD8zOma3Y5etBYsEXJR
MVsJ3qLTA0b0TPf+j1H9zLK03EI5a3DEYu74fxsQDjNmb0A/8lQGG7GTNlQpBfZW
hhCbd2U3AmZJIGVJoaV3lWhXsHeVxJKk9iKxy9GFnlGw5PtQ7BFin60+zrTfJjtp
mGxFkmkzb9Jc4RhR6BeSOKW+5SiLuMwLZXr5EyCAbpNQPtehH2UOszrp7QIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFEbymZ4SmTMyaQey/L2UmEigobKfMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvUnZLWm5oS1pNekpwQjdMOHZaU1lTS0Noc3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATCB7QQCAAEwgeYD
BABbws0DBABbysgDBABdvIcDBACU/SIDBACU/SQDBAGU/eQwDAMEAJT95wMEApT9
6AMEAJT97QMEAJT97wMEAJT99gMEAJT9+DAMAwQCl/lcAwQAl/leAwQAo6tAAwQA
o6tDAwQBo6tGAwQBo6tUAwQAo6tXAwQAo6teMAwDBAWjq2ADBACjq2IwDAMEAKOr
ZQMEAKOraAMEAKOrfgMEAKOrpgMEAaOrsAMEAKOrtgMEAKOrvAMEAKOrxgMEAKOr
zwMEAKOr3gMEAaOr4AMEAKOr5wMEAKOr+QMEAKOr/AMEAMJrEzAPBAIAAjAJAwcA
KgFTwP/GMA0GCSqGSIb3DQEBCwUAA4IBAQAI4RoAcF8dwbiLUrktrKTdJJcjvllF
9qgpLJJ4TwQEDXGSDKXs5xBMklWTCpnEoow+HvXr9IrSLUkMyMWQL2J4YyWYl31w
xXv/emh+nDXHXbx47LcmiLBKDwBiyr6iXSwsFwRRLSKV5K3jX8WI9lG7BL4zg28E
9L6XwKXnDHdPtO7f0HU6yFlqgYuSzZBr2xVe28C+lFOkYtckT6/zfoRQzKVW+ejB
3XcFaQ0GS5F2ZWbtWhAeBxX6DbIwf2oOJD1OlpmcUhwgSdMSKI4qpTe8brfTqndz
JZN7Dk8DIbOOAsHLDMCYAoqCbE8R7LdKQZdr2zjxqhCveyRkrPcK1aPP
-----END CERTIFICATE-----
Generated at Mon Oct 14 09:30:35 2024 by rpki-client on console-fra.rpki-client.org