Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/SXVNw2tHGp8FFJXszpUMFxTiRgw.roa
File: SXVNw2tHGp8FFJXszpUMFxTiRgw.roa (raw, json)
Hash identifier: VWDoC95qVMp/DJxCt1L6lcEUHifwbwO3T1pS2rFe5FQ=
Subject key identifier: 49:75:4D:C3:6B:47:1A:9F:05:14:95:EC:CE:95:0C:17:14:E2:46:0C
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01876E5E8A2910F25407D2B5B24F6ADF7B9D
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/SXVNw2tHGp8FFJXszpUMFxTiRgw.roa
Signing time: Tue 11 Apr 2023 03:31:42 +0000
ROA not before: Tue 11 Apr 2023 03:31:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.77.0/24 maxlen: 24
163.171.90.0/24 maxlen: 24
163.171.91.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 07:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6e:5e:8a:29:10:f2:54:07:d2:b5:b2:4f:6a:df:7b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Apr 11 03:31:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49754dc36b471a9f051495ecce950c1714e2460c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:35:c8:aa:39:31:d0:43:45:b5:0e:53:c9:00:
3c:da:81:10:90:17:b6:60:e4:60:22:a0:3e:0d:99:
97:b5:e9:10:91:87:07:78:3e:ed:23:49:92:3f:c5:
22:96:b5:0a:9f:33:ef:a0:72:90:bf:08:7d:73:c7:
26:9a:9b:70:4f:9b:6b:80:87:a4:50:e4:de:34:44:
e6:ef:4d:0a:4e:1d:7a:2b:8e:c6:5f:8d:2d:78:fc:
c3:73:b1:49:b7:ed:7f:ed:f8:da:5b:24:3b:de:e4:
9c:ff:96:00:2f:f5:e7:75:c7:a0:99:09:4e:66:c5:
10:90:82:16:0a:be:c0:01:87:99:88:9d:40:7f:9b:
4e:f1:51:f6:a9:d1:5b:dd:51:ae:22:06:a8:9c:b2:
5d:7e:95:34:70:07:0a:8e:c3:3c:d9:1c:e6:7f:a0:
10:f5:72:dc:fd:60:87:1f:b1:9b:8a:5e:6b:c9:61:
c2:e8:62:c4:e9:b2:bb:43:18:33:78:eb:df:95:2e:
c9:65:36:61:3b:cd:d9:42:23:55:21:78:ae:9c:05:
cd:a2:7f:06:65:9e:2b:4c:fc:b2:93:c6:4d:0b:6c:
71:ec:f6:b0:74:9e:3d:1a:91:61:57:d4:8d:67:24:
09:06:ec:c8:3c:54:d6:ef:74:ee:f0:59:a9:4b:73:
8c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:75:4D:C3:6B:47:1A:9F:05:14:95:EC:CE:95:0C:17:14:E2:46:0C
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/SXVNw2tHGp8FFJXszpUMFxTiRgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
163.171.77.0/24
163.171.90.0/23
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:1d:ed:f1:08:04:ad:db:26:d0:13:5e:51:18:69:c1:ee:05:
73:8c:08:f4:37:17:d7:35:35:2c:cb:69:ae:b4:08:19:d3:33:
38:f1:5a:62:6a:e3:1d:37:9c:ba:d0:55:c4:c0:87:f5:ab:71:
24:4e:44:f9:23:03:a2:b0:41:61:e5:1b:33:35:2f:98:d2:3f:
b6:f3:aa:1a:93:a3:cd:03:78:a1:3d:b5:5d:f0:3b:c5:a2:7f:
08:bf:ce:4a:b0:a0:0d:51:a6:51:23:dc:a6:cd:45:fc:e0:57:
8f:88:4f:6f:eb:09:f8:e7:d7:73:7b:5c:0d:e9:cf:dc:93:b3:
f2:71:92:cc:64:8d:84:ce:a2:6e:ec:e2:c2:9d:1b:e6:0c:cf:
24:49:e2:d7:ae:e2:fd:51:65:69:35:4a:2e:e8:a9:21:0b:d3:
50:29:05:12:b2:47:5f:90:0c:75:cc:90:cd:e3:93:17:0d:a5:
e7:f1:0f:21:cb:77:42:42:66:9b:b1:69:4a:60:d2:6c:d4:b6:
7e:02:67:1e:2d:b8:4d:d6:8d:e2:00:24:2c:b9:f1:3e:da:10:
9f:dc:40:26:59:e8:c5:d6:90:9e:7c:f7:02:74:0a:e5:c2:40:
16:c1:4b:87:b6:ce:ea:56:43:db:ca:9a:16:25:4d:53:71:d4:
6f:8c:d1:1c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYduXoopEPJUB9K1sk9q33udMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwNDExMDMzMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTc1NGRjMzZiNDcxYTlmMDUxNDk1ZWNjZTk1MGMxNzE0ZTI0NjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjXIqjkx0ENFtQ5TyQA82oEQkBe2
YORgIqA+DZmXtekQkYcHeD7tI0mSP8UilrUKnzPvoHKQvwh9c8cmmptwT5trgIek
UOTeNETm700KTh16K47GX40tePzDc7FJt+1/7fjaWyQ73uSc/5YAL/XndcegmQlO
ZsUQkIIWCr7AAYeZiJ1Af5tO8VH2qdFb3VGuIgaonLJdfpU0cAcKjsM82Rzmf6AQ
9XLc/WCHH7Gbil5ryWHC6GLE6bK7QxgzeOvflS7JZTZhO83ZQiNVIXiunAXNon8G
ZZ4rTPyyk8ZNC2xx7PawdJ49GpFhV9SNZyQJBuzIPFTW73Tu8FmpS3OM+wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEl1TcNrRxqfBRSV7M6VDBcU4kYMMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvU1hWTncydEhHcDhGRkpYc3pwVU1GeFRpUmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBACU/e8D
BAKU/fAwDAMEAJT9+QMEAJT9+gMEAKOrTQMEAaOrWgMEALkb5DANBgkqhkiG9w0B
AQsFAAOCAQEAbx3t8QgErdsm0BNeURhpwe4Fc4wI9DcX1zU1LMtprrQIGdMzOPFa
YmrjHTecutBVxMCH9atxJE5E+SMDorBBYeUbMzUvmNI/tvOqGpOjzQN4oT21XfA7
xaJ/CL/OSrCgDVGmUSPcps1F/OBXj4hPb+sJ+OfXc3tcDenP3JOz8nGSzGSNhM6i
buziwp0b5gzPJEni167i/VFlaTVKLuipIQvTUCkFErJHX5AMdcyQzeOTFw2l5/EP
Ict3QkJmm7FpSmDSbNS2fgJnHi24TdaN4gAkLLnxPtoQn9xAJlnoxdaQnnz3AnQK
5cJAFsFLh7bO6lZD28qaFiVNU3HUb4zRHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org