Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z8rKwhpm1Cya2G7bPPsAGK3IDbw.roa
File: Z8rKwhpm1Cya2G7bPPsAGK3IDbw.roa (raw, json)
Hash identifier: hMyzk4+oWGXcakQGIkJfGUtiw1eqDseqGgl7x9pTcE4=
Subject key identifier: 67:CA:CA:C2:1A:66:D4:2C:9A:D8:6E:DB:3C:FB:00:18:AD:C8:0D:BC
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018B705BF2D5DE14DE74BD5B42E96A0096C6
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z8rKwhpm1Cya2G7bPPsAGK3IDbw.roa
Signing time: Fri 27 Oct 2023 08:59:16 +0000
ROA not before: Fri 27 Oct 2023 08:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54994
IP address blocks: 163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:5b:f2:d5:de:14:de:74:bd:5b:42:e9:6a:00:96:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Oct 27 08:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67cacac21a66d42c9ad86edb3cfb0018adc80dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:63:bd:70:d8:bb:ff:d1:ed:98:2d:09:b4:02:
36:27:8e:cc:91:d7:6d:9e:d4:62:b0:16:0a:89:e3:
c0:19:dc:3c:8c:3d:97:46:e5:a3:da:a2:dc:71:96:
5f:77:38:6c:2c:7e:b8:e7:f7:73:e2:2a:d4:a0:e8:
33:f7:5e:9c:8e:c0:ee:a6:e7:df:5c:4f:d5:b4:38:
a0:50:9f:ae:38:d0:9f:67:1f:dd:b9:87:f4:8f:ed:
54:33:5e:3e:e1:88:b8:c3:29:ed:ea:07:9d:8d:dd:
c9:ec:44:61:f8:b0:f2:5d:4c:91:25:e8:11:44:63:
20:11:5f:12:af:9b:87:95:42:2d:f4:aa:92:41:56:
d2:f3:3d:d7:e5:c4:44:11:1c:34:55:fe:33:bc:88:
a1:8f:52:ac:ae:55:b8:14:5c:94:0a:17:43:38:99:
10:df:a0:ae:60:57:f4:db:5a:b6:ce:86:f2:68:c3:
1a:17:2c:ff:ee:7d:c3:19:49:29:94:ad:7e:e4:6f:
8c:0f:f9:2c:07:26:38:6f:b9:d1:48:23:1c:98:df:
6e:1f:67:60:d0:6e:dd:de:9b:f9:b8:af:37:f1:92:
83:ef:13:da:82:47:e2:a8:de:3f:90:4e:fe:b4:13:
75:9e:eb:fb:ed:99:91:10:d8:ed:e0:93:aa:06:b7:
4e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CA:CA:C2:1A:66:D4:2C:9A:D8:6E:DB:3C:FB:00:18:AD:C8:0D:BC
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z8rKwhpm1Cya2G7bPPsAGK3IDbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.97.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
32:4c:93:bc:5f:dc:0f:f7:28:74:46:ce:b2:7e:76:2b:ca:37:
4b:2d:29:99:5c:bb:32:19:90:ad:02:53:1e:21:96:43:63:4c:
e9:86:75:dc:af:48:87:19:3c:cd:82:6e:eb:76:b5:23:23:9f:
2b:a1:0e:60:c4:52:26:6c:ec:d4:80:8d:73:31:3d:ae:2b:6f:
da:4c:c6:c0:d1:37:67:7d:ce:bb:f8:5d:d0:47:79:f4:0a:77:
bd:03:78:82:7f:a4:35:05:53:3b:f6:b9:bf:d7:e7:76:09:33:
99:8f:57:42:f2:b4:aa:88:97:3f:6f:83:9f:23:78:38:f9:3f:
ba:db:43:e4:34:65:03:95:6b:33:3e:ff:22:da:24:5d:1e:d6:
48:ca:cf:b3:3b:14:89:56:75:d8:bf:c1:6a:f3:1a:19:61:8d:
d2:82:6d:b9:bc:d7:1f:92:88:86:db:4c:0e:ae:08:97:03:3f:
4a:5e:aa:a9:e9:cd:9c:1e:1a:6b:ec:49:af:15:5d:3e:41:56:
e3:20:13:f3:79:ee:2d:a2:b9:ee:78:ec:82:c9:90:e1:26:85:
c7:7d:1b:0a:30:78:8e:3a:f0:69:ee:d9:2f:1f:2c:48:f4:83:
ae:04:f7:b9:f3:1b:4a:1e:0d:c8:45:7e:cf:18:a6:10:d1:f7:
14:c6:d3:86
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYtwW/LV3hTedL1bQulqAJbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMxMDI3MDg1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2NhY2FjMjFhNjZkNDJjOWFkODZlZGIzY2ZiMDAxOGFkYzgwZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWO9cNi7/9HtmC0JtAI2J47Mkddt
ntRisBYKiePAGdw8jD2XRuWj2qLccZZfdzhsLH645/dz4irUoOgz916cjsDupuff
XE/VtDigUJ+uONCfZx/duYf0j+1UM14+4Yi4wynt6gedjd3J7ERh+LDyXUyRJegR
RGMgEV8Sr5uHlUIt9KqSQVbS8z3X5cREERw0Vf4zvIihj1KsrlW4FFyUChdDOJkQ
36CuYFf021q2zobyaMMaFyz/7n3DGUkplK1+5G+MD/ksByY4b7nRSCMcmN9uH2dg
0G7d3pv5uK838ZKD7xPagkfiqN4/kE7+tBN1nuv77ZmRENjt4JOqBrdOQwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFGfKysIaZtQsmthu2zz7ABityA28MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvWjhyS3docG0xQ3lhMkc3YlBQc0FHSzNJRGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBwQQCAAEwgboDBABd
vIcDBACU/SIDBACU/eQwDAMEAJT95wMEApT96AMEAJT97QMEAJT97wMEAJT99gME
AJT9+AMEAKOrQAMEAKOrQwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQAo6th
AwQAo6tiMAwDBACjq2UDBACjq2gDBACjq6YDBACjq7EDBACjq7YDBACjq7wDBACj
q88DBACjq94DBAGjq+ADBACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMH
ACoBU8D/xjANBgkqhkiG9w0BAQsFAAOCAQEAMkyTvF/cD/codEbOsn52K8o3Sy0p
mVy7MhmQrQJTHiGWQ2NM6YZ13K9Ihxk8zYJu63a1IyOfK6EOYMRSJmzs1ICNczE9
ritv2kzGwNE3Z33Ou/hd0Ed59Ap3vQN4gn+kNQVTO/a5v9fndgkzmY9XQvK0qoiX
P2+DnyN4OPk/uttD5DRlA5VrMz7/ItokXR7WSMrPszsUiVZ12L/BavMaGWGN0oJt
ubzXH5KIhttMDq4IlwM/Sl6qqenNnB4aa+xJrxVdPkFW4yAT83nuLaK57njsgsmQ
4SaFx30bCjB4jjrwae7ZLx8sSPSDrgT3ufMbSh4NyEV+zximENH3FMbThg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org