Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/XVj_MIcIvC9vO4xV1Oh6qhNlcwo.roa
File: XVj_MIcIvC9vO4xV1Oh6qhNlcwo.roa (raw, json)
Hash identifier: efH9LzKafq2UYJ2YONNVKhpKKmgcO7f0ptcHdx2M7tI=
Subject key identifier: 5D:58:FF:30:87:08:BC:2F:6F:3B:8C:55:D4:E8:7A:AA:13:65:73:0A
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0186BEE76282E017E5564CAFD4193233FC53
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/XVj_MIcIvC9vO4xV1Oh6qhNlcwo.roa
Signing time: Wed 08 Mar 2023 01:48:00 +0000
ROA not before: Wed 08 Mar 2023 01:48:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.77.0/24 maxlen: 24
163.171.89.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Mar 2023 06:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:be:e7:62:82:e0:17:e5:56:4c:af:d4:19:32:33:fc:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 8 01:48:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d58ff308708bc2f6f3b8c55d4e87aaa1365730a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1a:d3:71:67:d2:c8:1c:1a:74:22:34:38:e6:
37:ec:e1:0f:f4:57:6a:4a:3c:bc:d2:24:d6:b1:9b:
e1:be:43:4b:58:6d:9a:37:6b:25:8d:db:8c:e0:1c:
d6:cc:99:b1:4d:fb:81:9b:c4:b6:c1:b4:7f:9c:ea:
e2:3c:9b:ca:30:ee:b2:90:1f:0c:b3:c0:ff:da:c9:
af:c0:e7:9a:c7:71:0b:e4:49:14:e9:92:f6:0e:4c:
83:54:27:ea:d2:de:7e:b9:26:a0:e0:30:38:20:a9:
49:4f:5a:07:b0:80:f2:51:51:fb:ef:11:fb:47:fa:
b4:63:8d:ef:66:49:c1:7b:23:17:2b:28:3d:44:af:
ab:fa:e1:d7:51:4b:86:e1:9b:6d:07:1e:fd:95:1d:
57:96:a4:de:24:af:f1:6a:f2:f6:c8:76:06:3f:cd:
f3:42:5f:fd:20:19:d0:57:22:05:00:69:dd:9c:68:
30:c7:1b:b5:84:fb:a9:9e:f6:dd:c5:18:80:2c:29:
01:21:3e:9b:18:90:43:4a:9c:a2:e4:bd:8a:16:f7:
27:49:aa:9d:75:8e:94:7e:5d:bc:a0:0e:5f:2c:41:
f1:0d:10:41:be:f6:9b:25:15:70:96:3a:7d:3d:5a:
a2:11:be:f6:36:a8:b6:e4:26:d0:68:8e:9f:70:17:
62:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:58:FF:30:87:08:BC:2F:6F:3B:8C:55:D4:E8:7A:AA:13:65:73:0A
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/XVj_MIcIvC9vO4xV1Oh6qhNlcwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.241.255
148.253.243.0/24
163.171.77.0/24
163.171.89.0/24
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
46:78:d6:60:09:8b:ad:f7:13:3f:5a:5a:66:be:e7:a5:20:44:
c5:2d:56:46:4e:f3:85:ed:b7:75:94:3e:1b:9a:1f:de:6b:c7:
8d:9a:3f:06:32:88:32:bc:cf:c8:86:a4:0e:35:97:88:db:d8:
b5:e1:65:6a:72:a6:d1:49:b1:32:dd:7f:ea:9e:57:0a:3d:0b:
0d:9a:e0:d2:3c:ae:2c:29:0a:74:b1:bb:8b:83:d1:aa:2e:c2:
3a:1e:d1:74:66:13:94:b8:fe:db:39:94:39:cf:c7:1d:d7:50:
ac:8a:e9:fe:46:ba:96:8d:5f:4c:ee:a0:ea:ca:cf:3e:b0:b6:
bf:01:76:57:e7:da:70:65:c5:58:a2:99:7e:65:37:53:5f:36:
9e:ea:14:58:8d:cc:05:bc:a1:37:70:90:9f:d0:29:14:e9:80:
ab:a9:0d:1a:3e:4e:e8:19:e7:4d:a9:81:f6:18:79:06:7c:a5:
f0:d9:3f:8c:bb:10:64:91:6b:9c:19:a0:3f:7c:15:e0:e9:7c:
de:68:61:07:6e:3e:38:50:df:07:d6:6c:ec:dd:f5:2c:1b:c4:
71:56:e3:64:94:c2:ff:85:99:f7:b3:9c:89:23:b4:80:d1:92:
a0:c9:a3:37:fa:a2:28:e3:09:a3:57:d2:19:d3:1e:6c:c3:45:
70:ca:a7:2e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYa+52KC4BflVkyv1BkyM/xTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzA4MDE0ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU4ZmYzMDg3MDhiYzJmNmYzYjhjNTVkNGU4N2FhYTEzNjU3MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRrTcWfSyBwadCI0OOY37OEP9Fdq
Sjy80iTWsZvhvkNLWG2aN2sljduM4BzWzJmxTfuBm8S2wbR/nOriPJvKMO6ykB8M
s8D/2smvwOeax3EL5EkU6ZL2DkyDVCfq0t5+uSag4DA4IKlJT1oHsIDyUVH77xH7
R/q0Y43vZknBeyMXKyg9RK+r+uHXUUuG4ZttBx79lR1XlqTeJK/xavL2yHYGP83z
Ql/9IBnQVyIFAGndnGgwxxu1hPupnvbdxRiALCkBIT6bGJBDSpyi5L2KFvcnSaqd
dY6Ufl28oA5fLEHxDRBBvvabJRVwljp9PVqiEb72Nqi25CbQaI6fcBdiVwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF1Y/zCHCLwvbzuMVdToeqoTZXMKMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvWFZqX01JY0l2Qzl2TzR4VjFPaDZxaE5sY3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBACU/e8D
BAGU/fADBACU/fMDBACjq00DBACjq1kDBAC5G+QwDQYJKoZIhvcNAQELBQADggEB
AEZ41mAJi633Ez9aWma+56UgRMUtVkZO84Xtt3WUPhuaH95rx42aPwYyiDK8z8iG
pA41l4jb2LXhZWpyptFJsTLdf+qeVwo9Cw2a4NI8riwpCnSxu4uD0aouwjoe0XRm
E5S4/ts5lDnPxx3XUKyK6f5GupaNX0zuoOrKzz6wtr8Bdlfn2nBlxViimX5lN1Nf
Np7qFFiNzAW8oTdwkJ/QKRTpgKupDRo+TugZ502pgfYYeQZ8pfDZP4y7EGSRa5wZ
oD98FeDpfN5oYQduPjhQ3wfWbOzd9SwbxHFW42SUwv+FmfeznIkjtIDRkqDJozf6
oijjCaNX0hnTHmzDRXDKpy4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org