Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Y8OkODjYeF6EAFxGuLhltAKmOf8.roa
File: Y8OkODjYeF6EAFxGuLhltAKmOf8.roa (raw, json)
Hash identifier: lQ7ka4C+owHXV6DIY3oNmg/IAvTD/s0/TB+nXQ0Nxi0=
Subject key identifier: 63:C3:A4:38:38:D8:78:5E:84:00:5C:46:B8:B8:65:B4:02:A6:39:FF
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018E23E936A53700DE43948ED00E2EBAB657
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Y8OkODjYeF6EAFxGuLhltAKmOf8.roa
Signing time: Sat 09 Mar 2024 15:51:10 +0000
ROA not before: Sat 09 Mar 2024 15:51:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 10 Mar 2024 05:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:23:e9:36:a5:37:00:de:43:94:8e:d0:0e:2e:ba:b6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 9 15:51:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63c3a43838d8785e84005c46b8b865b402a639ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:87:7d:27:16:29:9a:da:57:21:5a:21:08:61:
0f:c2:b8:d1:bc:49:17:b4:ce:3a:2a:62:31:d7:15:
4f:a8:f7:25:42:17:28:ab:17:3e:78:15:b7:4b:1a:
b3:32:73:03:ea:16:29:bf:57:e6:1c:d6:02:f0:6f:
71:c7:9e:1e:08:a6:50:53:be:19:d8:5d:20:f3:cc:
e2:65:62:35:0d:f3:71:2f:33:25:68:5d:91:f8:0e:
fa:05:0f:b1:10:44:11:03:21:e9:cf:28:95:c0:04:
8f:df:97:92:81:14:e8:74:ad:89:66:b1:a8:55:bf:
0f:e8:ed:19:25:dd:5e:8c:ea:84:13:70:bd:b3:b8:
3b:34:c1:44:c5:b1:3c:a9:a9:6a:d6:3f:22:05:77:
31:58:ac:e1:05:07:e1:be:01:45:08:47:4b:38:54:
55:64:15:5a:f6:a3:c3:4e:f2:20:ea:c9:9f:50:6b:
a8:51:a1:d3:bf:2b:73:98:8d:b8:78:84:59:3e:70:
21:ae:7b:8f:ec:9c:71:a9:28:06:62:15:97:64:5a:
f0:5f:28:95:37:da:e7:dd:b7:13:32:f5:7c:e0:4c:
03:c4:8a:71:cc:7c:be:b6:61:d7:ad:45:ae:d5:16:
19:01:8e:71:c3:a0:38:10:b0:c3:31:1f:a9:06:be:
1d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C3:A4:38:38:D8:78:5E:84:00:5C:46:B8:B8:65:B4:02:A6:39:FF
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Y8OkODjYeF6EAFxGuLhltAKmOf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
b2:b7:67:5c:92:96:0f:e0:c8:d4:d4:18:83:d6:f7:a5:c2:b8:
14:7f:8d:1a:57:38:0c:17:af:39:64:e8:ea:41:a3:b4:8b:ee:
fc:6c:ba:eb:57:4a:c5:95:2c:f7:27:49:a4:1e:bf:3f:8a:bc:
a1:fe:35:ed:1f:76:21:d8:6a:17:18:f5:db:cd:98:ac:4c:be:
f9:c8:58:79:c5:00:d5:e9:30:ab:73:f0:70:29:bf:e6:27:f6:
0c:5d:e2:94:4b:32:ba:33:7e:0d:47:86:56:23:56:54:ec:d5:
66:a9:51:2b:d9:88:bc:ae:bf:d4:10:71:05:3f:3c:a5:e7:4c:
03:8c:43:41:06:cd:8b:b1:9a:d9:6a:5e:f6:bc:77:8d:84:2e:
a6:6d:1c:df:f8:eb:73:26:80:aa:f8:40:e5:3a:12:d7:d3:33:
92:4d:b0:77:32:72:aa:a4:db:95:39:bd:bb:10:28:f5:59:1c:
6f:0b:ed:cb:cc:f2:c3:b2:11:e2:f4:75:17:59:56:37:e2:0f:
c0:0f:9e:fa:83:b4:78:4c:7a:b3:51:d3:f4:14:81:20:a7:a8:
f8:62:e6:f9:55:f4:69:e0:1d:87:bd:13:3e:2a:ca:32:a2:07:
ee:87:37:13:03:16:59:98:0f:22:2d:9c:88:28:11:11:62:b2:
c2:d7:4f:4d
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAY4j6TalNwDeQ5SO0A4uurZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMzA5MTU1MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2MzYTQzODM4ZDg3ODVlODQwMDVjNDZiOGI4NjViNDAyYTYzOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgod9JxYpmtpXIVohCGEPwrjRvEkX
tM46KmIx1xVPqPclQhcoqxc+eBW3SxqzMnMD6hYpv1fmHNYC8G9xx54eCKZQU74Z
2F0g88ziZWI1DfNxLzMlaF2R+A76BQ+xEEQRAyHpzyiVwASP35eSgRTodK2JZrGo
Vb8P6O0ZJd1ejOqEE3C9s7g7NMFExbE8qalq1j8iBXcxWKzhBQfhvgFFCEdLOFRV
ZBVa9qPDTvIg6smfUGuoUaHTvytzmI24eIRZPnAhrnuP7JxxqSgGYhWXZFrwXyiV
N9rn3bcTMvV84EwDxIpxzHy+tmHXrUWu1RYZAY5xw6A4ELDDMR+pBr4ddQIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFGPDpDg42HhehABcRri4ZbQCpjn/MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvWThPa09EalllRjZFQUZ4R3VMaGx0QUttT2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgdsEAgABMIHUAwQA
W8rIAwQAXbyHAwQAlP0iAwQAlP0kAwQAlP3kMAwDBACU/ecDBAKU/egDBACU/e0D
BACU/e8DBACU/fYDBACU/fgwDAMEApf5XAMEAJf5XgMEAKOrQAMEAKOrQwMEAaOr
RgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQFo6tgAwQAo6tiMAwDBACjq2UDBACjq2gD
BACjq6YDBACjq7EDBACjq7YDBACjq7wDBACjq88DBACjq94DBAGjq+ADBACjq+cD
BACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMHACoBU8D/xjANBgkqhkiG9w0BAQsF
AAOCAQEAsrdnXJKWD+DI1NQYg9b3pcK4FH+NGlc4DBevOWTo6kGjtIvu/Gy661dK
xZUs9ydJpB6/P4q8of417R92IdhqFxj1282YrEy++chYecUA1ekwq3PwcCm/5if2
DF3ilEsyujN+DUeGViNWVOzVZqlRK9mIvK6/1BBxBT88pedMA4xDQQbNi7Ga2Wpe
9rx3jYQupm0c3/jrcyaAqvhA5ToS19Mzkk2wdzJyqqTblTm9uxAo9Vkcbwvty8zy
w7IR4vR1F1lWN+IPwA+e+oO0eEx6s1HT9BSBIKeo+GLm+VX0aeAdh70TPirKMqIH
7oc3EwMWWZgPIi2ciCgREWKywtdPTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org