Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/ZlurwJBNLdU1yJbzmXqXaGkZdMs.roa
File: ZlurwJBNLdU1yJbzmXqXaGkZdMs.roa (raw, json)
Hash identifier: a0Y3AyoQerw0Q+uZ7x4GxeezLoHvyHUyxIPhAidqqB4=
Subject key identifier: 66:5B:AB:C0:90:4D:2D:D5:35:C8:96:F3:99:7A:97:68:69:19:74:CB
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018EF5FE478BDA1754BF81221BB6795868E5
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/ZlurwJBNLdU1yJbzmXqXaGkZdMs.roa
Signing time: Fri 19 Apr 2024 10:54:26 +0000
ROA not before: Fri 19 Apr 2024 10:54:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 10:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:fe:47:8b:da:17:54:bf:81:22:1b:b6:79:58:68:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Apr 19 10:54:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=665babc0904d2dd535c896f3997a9768691974cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7d:b6:55:02:76:9a:80:05:90:e2:21:2b:10:
6c:b4:42:0f:9a:cf:2e:c2:a9:f1:e6:33:ee:06:a3:
25:38:cf:54:36:bd:3c:c9:79:62:8b:5c:9e:39:de:
18:92:de:28:a9:70:ff:8f:a8:83:ee:26:24:53:d3:
b5:43:ea:b5:d4:43:2d:60:26:b6:88:d4:65:3b:a8:
34:a9:c5:22:69:37:bb:b4:ff:a4:f0:2d:d3:c0:ab:
bb:6a:0c:6f:c7:dd:f1:42:39:e2:e7:ee:68:58:90:
31:61:6e:5b:79:ff:eb:49:ab:5d:4e:9e:5e:62:cf:
93:54:e5:b2:b7:b1:c5:fb:0d:fa:e1:69:fe:e9:fa:
33:15:e6:52:c4:85:77:01:15:17:6b:6f:d4:b3:b5:
71:28:ab:b5:8d:51:67:fe:cf:6d:0c:38:d2:8f:7f:
18:aa:b1:f7:51:57:cb:06:28:b5:01:7a:af:b9:2f:
f5:bf:29:6d:4d:2e:a4:45:a0:2c:4f:06:c8:f8:50:
67:62:98:fa:5b:60:93:55:f5:83:d5:92:24:6b:fb:
e7:72:74:7b:ed:02:80:ad:78:1c:7f:ff:f3:34:c7:
27:1f:0b:d3:10:83:c1:98:55:82:7a:5a:4f:a4:0c:
62:28:66:36:1e:b3:d5:64:09:e9:ec:59:fc:fd:2d:
49:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5B:AB:C0:90:4D:2D:D5:35:C8:96:F3:99:7A:97:68:69:19:74:CB
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/ZlurwJBNLdU1yJbzmXqXaGkZdMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.126.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
30:d4:01:4e:e9:e9:72:e9:55:74:af:46:56:b9:0e:3c:cb:80:
63:bd:1b:7e:c2:98:df:5d:01:4f:26:38:23:b4:5d:9e:10:36:
fc:6a:df:38:d9:dc:a7:eb:02:89:dc:57:b8:66:33:08:46:6c:
00:a1:50:c5:b4:0d:fd:91:be:ff:55:ac:f6:c1:b9:23:c0:94:
ee:fc:14:2c:95:c5:18:17:d9:87:ff:66:49:a1:2e:83:3f:05:
ae:bf:28:1e:63:ea:71:e7:93:a5:98:7a:41:70:95:be:30:a7:
52:a7:6c:1c:72:70:b6:e9:c0:42:c7:c1:5d:ec:cd:b5:b5:55:
01:48:2d:98:c6:87:ff:14:e8:96:a3:12:0a:17:6b:55:25:4b:
59:ef:83:cd:9c:79:ce:bc:aa:fa:49:9e:9a:7a:1b:d3:ab:9b:
b7:0d:d7:96:68:01:3d:70:ba:e3:d8:27:d1:fd:53:68:45:85:
76:22:c7:ad:1f:7b:67:ca:9b:60:1d:09:87:e0:bd:30:d7:fc:
fe:74:ce:c0:5a:0e:3e:b2:ce:28:11:d4:b1:a0:0d:13:8b:00:
07:d6:20:6d:81:b5:f0:a7:4e:07:d2:ee:fb:06:b7:c3:c9:26:
79:72:bb:bd:92:2d:01:3c:6d:03:21:88:5b:53:50:1d:14:28:
85:0e:9d:4d
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAY71/keL2hdUv4EiG7Z5WGjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwNDE5MTA1NDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjViYWJjMDkwNGQyZGQ1MzVjODk2ZjM5OTdhOTc2ODY5MTk3NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4H22VQJ2moAFkOIhKxBstEIPms8u
wqnx5jPuBqMlOM9UNr08yXlii1yeOd4Ykt4oqXD/j6iD7iYkU9O1Q+q11EMtYCa2
iNRlO6g0qcUiaTe7tP+k8C3TwKu7agxvx93xQjni5+5oWJAxYW5bef/rSatdTp5e
Ys+TVOWyt7HF+w364Wn+6fozFeZSxIV3ARUXa2/Us7VxKKu1jVFn/s9tDDjSj38Y
qrH3UVfLBii1AXqvuS/1vyltTS6kRaAsTwbI+FBnYpj6W2CTVfWD1ZIka/vncnR7
7QKArXgcf//zNMcnHwvTEIPBmFWCelpPpAxiKGY2HrPVZAnp7Fn8/S1J/QIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFGZbq8CQTS3VNciW85l6l2hpGXTLMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvWmx1cndKQk5MZFUxeUpiem1YcVhhR2taZE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATCB7QQCAAEwgeYD
BABbws0DBABbysgDBABdvIcDBACU/SIDBACU/SQDBAGU/eQwDAMEAJT95wMEApT9
6AMEAJT97QMEAJT97wMEAJT99gMEAJT9+DAMAwQCl/lcAwQAl/leAwQAo6tAAwQA
o6tDAwQBo6tGAwQBo6tUAwQAo6tXAwQAo6teMAwDBAWjq2ADBACjq2IwDAMEAKOr
ZQMEAKOraAMEAKOrfgMEAKOrpgMEAaOrsAMEAKOrtgMEAKOrvAMEAKOrxgMEAKOr
zwMEAKOr3gMEAaOr4AMEAKOr5wMEAKOr+QMEAKOr/AMEAMJrEzAPBAIAAjAJAwcA
KgFTwP/GMA0GCSqGSIb3DQEBCwUAA4IBAQAw1AFO6ely6VV0r0ZWuQ48y4BjvRt+
wpjfXQFPJjgjtF2eEDb8at842dyn6wKJ3Fe4ZjMIRmwAoVDFtA39kb7/Vaz2wbkj
wJTu/BQslcUYF9mH/2ZJoS6DPwWuvygeY+px55OlmHpBcJW+MKdSp2wccnC26cBC
x8Fd7M21tVUBSC2Yxof/FOiWoxIKF2tVJUtZ74PNnHnOvKr6SZ6aehvTq5u3DdeW
aAE9cLrj2CfR/VNoRYV2IsetH3tnyptgHQmH4L0w1/z+dM7AWg4+ss4oEdSxoA0T
iwAH1iBtgbXwp04H0u77BrfDySZ5cru9ki0BPG0DIYhbU1AdFCiFDp1N
-----END CERTIFICATE-----
Generated at Tue Jun 11 16:28:25 2024 by rpki-client on console-ams.rpki-client.org