Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/WDv6xuVu4f3qvw-g9cq9o-Ns6g4.roa
File: WDv6xuVu4f3qvw-g9cq9o-Ns6g4.roa (raw, json)
Hash identifier: NiAk4O8oD5fZm5XcXnaZ+FdQwVzEBGHrMcDOQWqSMSI=
Subject key identifier: 58:3B:FA:C6:E5:6E:E1:FD:EA:BF:0F:A0:F5:CA:BD:A3:E3:6C:EA:0E
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018C19070C50DACA7C5378D4D6426058C69B
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/WDv6xuVu4f3qvw-g9cq9o-Ns6g4.roa
Signing time: Wed 29 Nov 2023 03:02:21 +0000
ROA not before: Wed 29 Nov 2023 03:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.254.0/24 maxlen: 24
91.194.205.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.90.0/24 maxlen: 24
163.171.91.0/24 maxlen: 24
151.249.91.0/24 maxlen: 24
151.249.90.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
163.171.246.0/24 maxlen: 24
163.171.253.0/24 maxlen: 24
163.171.251.0/24 maxlen: 24
163.171.247.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Nov 2023 02:59:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:19:07:0c:50:da:ca:7c:53:78:d4:d6:42:60:58:c6:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Nov 29 03:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=583bfac6e56ee1fdeabf0fa0f5cabda3e36cea0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a5:d4:15:5e:91:23:00:49:bb:b0:04:d4:87:
06:ce:34:7e:9e:d2:fb:e9:96:40:05:36:8f:4b:02:
25:c6:b8:55:27:0a:37:b0:f8:34:ee:2c:fa:b5:43:
71:66:4b:45:f5:ec:36:94:23:d0:d8:3d:12:40:cd:
7d:3b:01:58:3d:12:81:65:99:14:e1:93:b4:fb:96:
d8:f5:ca:a8:4b:3f:43:53:16:9d:56:55:00:d1:50:
0d:d0:0d:22:7d:a8:71:6d:aa:7f:7f:32:a2:6f:c2:
45:90:a4:d3:72:b8:c5:dc:54:96:27:6f:1f:2e:99:
d1:7a:e1:14:b4:25:19:d7:aa:0c:f2:39:46:b2:f0:
af:96:a8:f3:1c:13:ee:87:37:70:19:c3:77:7b:05:
68:1f:c9:42:13:31:ec:d6:a8:9d:38:58:9e:50:e2:
4d:be:c1:ad:b3:4f:c2:4d:1d:58:e4:1c:04:97:31:
7f:46:68:a2:68:d0:9b:14:3c:8d:f1:69:3c:65:81:
2e:bc:d9:6f:17:51:a4:d9:2d:2b:57:ab:f3:63:1b:
fa:c4:2f:7f:3a:37:39:0e:e8:45:81:7f:5d:1d:5a:
35:ef:9a:00:fe:2c:8e:b4:21:ce:eb:95:b9:98:34:
f3:8b:6e:34:c6:04:32:e0:13:f2:1d:48:90:6a:64:
ce:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:3B:FA:C6:E5:6E:E1:FD:EA:BF:0F:A0:F5:CA:BD:A3:E3:6C:EA:0E
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/WDv6xuVu4f3qvw-g9cq9o-Ns6g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
151.249.90.0-151.249.93.255
163.171.77.0/24
163.171.90.0/23
163.171.246.0/23
163.171.251.0/24
163.171.253.0-163.171.254.255
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:59:70:0a:13:14:1b:1e:f4:4e:5a:73:b1:68:a0:c2:79:8d:
a5:c2:46:3b:73:69:f3:af:72:44:f7:94:e9:e1:06:ab:31:ea:
df:b1:86:5f:b7:7b:8f:eb:40:53:4f:a6:7b:c3:d7:05:4a:02:
c5:f7:71:cc:79:46:86:d9:f5:e0:a6:6f:2a:2a:05:4c:46:9c:
3a:46:2c:93:67:fc:b0:e9:3f:1f:a6:8c:b6:81:49:69:a8:13:
63:dc:d8:41:16:57:35:95:f1:d7:cd:cd:75:57:ab:3b:55:b0:
b4:6b:d5:0a:31:56:d5:36:4b:35:2b:64:69:10:7f:8e:cd:f7:
10:a2:99:9b:11:9b:38:28:40:b9:b6:cc:e0:03:82:d3:9d:71:
47:c8:5d:1f:3e:88:66:bc:80:2d:81:4f:f9:a1:3d:c1:d6:7a:
cd:84:59:1f:4f:c8:27:88:64:8a:59:2d:9d:b6:25:c3:05:36:
14:87:87:56:72:70:5d:2c:94:29:53:7a:15:b1:a3:c6:c9:ec:
b2:64:ff:f5:96:78:f1:16:63:48:c8:76:9f:49:5b:7c:f8:c1:
f7:ed:dd:70:36:c3:73:20:fa:ff:f3:f7:e7:a5:9a:8f:0b:11:
66:2c:5f:10:cf:80:aa:25:07:97:bc:0f:cc:81:45:72:b6:42:
c7:45:52:b3
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYwZBwxQ2sp8U3jU1kJgWMabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMxMTI5MDMwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODNiZmFjNmU1NmVlMWZkZWFiZjBmYTBmNWNhYmRhM2UzNmNlYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaXUFV6RIwBJu7AE1IcGzjR+ntL7
6ZZABTaPSwIlxrhVJwo3sPg07iz6tUNxZktF9ew2lCPQ2D0SQM19OwFYPRKBZZkU
4ZO0+5bY9cqoSz9DUxadVlUA0VAN0A0ifahxbap/fzKib8JFkKTTcrjF3FSWJ28f
LpnReuEUtCUZ16oM8jlGsvCvlqjzHBPuhzdwGcN3ewVoH8lCEzHs1qidOFieUOJN
vsGts0/CTR1Y5BwElzF/RmiiaNCbFDyN8Wk8ZYEuvNlvF1Gk2S0rV6vzYxv6xC9/
Ojc5DuhFgX9dHVo175oA/iyOtCHO65W5mDTzi240xgQy4BPyHUiQamTOJwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFFg7+sblbuH96r8PoPXKvaPjbOoOMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvV0R2Nnh1VnU0ZjNxdnctZzljcTlvLU5zNmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAW8LNAwQA
W8rIMAwDBACU/e8DBAKU/fAwDAMEAJT9+QMEAJT9+jAMAwQBl/laAwQBl/lcAwQA
o6tNAwQBo6taAwQBo6v2AwQAo6v7MAwDBACjq/0DBACjq/4DBAC5G+QwDQYJKoZI
hvcNAQELBQADggEBAAxZcAoTFBse9E5ac7FooMJ5jaXCRjtzafOvckT3lOnhBqsx
6t+xhl+3e4/rQFNPpnvD1wVKAsX3ccx5RobZ9eCmbyoqBUxGnDpGLJNn/LDpPx+m
jLaBSWmoE2Pc2EEWVzWV8dfNzXVXqztVsLRr1QoxVtU2SzUrZGkQf47N9xCimZsR
mzgoQLm2zOADgtOdcUfIXR8+iGa8gC2BT/mhPcHWes2EWR9PyCeIZIpZLZ22JcMF
NhSHh1ZycF0slClTehWxo8bJ7LJk//WWePEWY0jIdp9JW3z4wfft3XA2w3Mg+v/z
9+elmo8LEWYsXxDPgKolB5e8D8yBRXK2QsdFUrM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org