Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Zq05Onm0zJG475KnK_KvCTshvMo.roa
File: Zq05Onm0zJG475KnK_KvCTshvMo.roa (raw, json)
Hash identifier: GJp038CwU2RnomBtHoPp1jyEMhCVCB9CUJ7vtQ3lfsQ=
Subject key identifier: 66:AD:39:3A:79:B4:CC:91:B8:EF:92:A7:2B:F2:AF:09:3B:21:BC:CA
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018DF94162DFE0FCE1745CE438375EFD0608
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Zq05Onm0zJG475KnK_KvCTshvMo.roa
Signing time: Fri 01 Mar 2024 09:03:48 +0000
ROA not before: Fri 01 Mar 2024 09:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 09 Mar 2024 15:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:41:62:df:e0:fc:e1:74:5c:e4:38:37:5e:fd:06:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 1 09:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ad393a79b4cc91b8ef92a72bf2af093b21bcca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cf:71:55:03:43:b4:a6:60:cf:10:dc:75:61:
41:bf:f5:a7:af:a5:00:c2:28:30:06:1c:4c:66:ba:
0d:e0:ab:60:aa:0c:b4:f0:85:91:8d:5e:08:ca:9f:
bb:da:fc:26:05:c1:8b:9a:d6:6b:8b:7d:96:b9:c2:
52:8a:14:04:29:39:65:02:81:54:57:86:40:d5:8d:
c1:f1:b9:9d:36:aa:24:97:68:b3:14:df:4e:2a:b3:
6b:b4:cd:e6:87:f5:9a:3d:d1:93:15:1c:dc:13:85:
7e:ba:dd:c8:ba:f7:f1:b8:68:ad:37:2c:c4:89:80:
7a:a3:cb:be:b5:9a:f9:aa:f8:1f:49:dd:a5:a4:10:
60:9b:b6:dd:00:57:5b:41:a6:4a:e7:19:6a:2e:9d:
5d:0b:09:6b:57:75:69:6e:fb:c1:f0:89:a6:95:70:
7a:63:c1:c8:f8:74:56:62:f1:81:a8:a0:98:23:b6:
0d:8e:c6:98:f5:80:17:67:db:46:26:1d:5d:09:3a:
9e:47:96:6d:82:2b:f6:10:e6:76:af:9e:28:37:f8:
2a:9f:6d:42:84:55:b0:1a:ac:2a:3a:c3:d0:97:c7:
c3:44:52:80:2b:84:44:13:33:b7:96:42:b9:6c:39:
36:0c:17:9e:66:9d:09:f4:c5:71:14:12:f3:bc:b4:
74:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AD:39:3A:79:B4:CC:91:B8:EF:92:A7:2B:F2:AF:09:3B:21:BC:CA
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Zq05Onm0zJG475KnK_KvCTshvMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
1e:08:d8:3d:f2:14:95:4b:72:f4:7b:4f:cc:4b:68:db:ee:89:
a3:cf:b9:3a:22:2e:c3:cb:30:cc:d2:3f:d2:cb:1f:fe:97:d8:
8a:30:ec:80:75:56:35:6f:48:c7:a7:18:a4:8b:b3:3c:56:b7:
9d:15:80:2d:a7:77:88:d9:e1:05:4a:c5:29:ca:ea:e4:17:f6:
ef:48:b3:cc:bc:0e:f2:da:00:09:39:70:95:e0:6f:ba:c7:cb:
db:69:bf:b0:0f:76:fb:81:18:04:32:66:de:a9:e1:7b:af:1e:
c2:97:5d:a5:fc:3a:1f:3d:68:91:2b:c7:4d:cb:b1:5a:19:44:
31:2a:ef:68:fc:bf:9d:c0:64:2d:2f:2d:f6:0e:f4:14:b4:63:
fd:04:96:14:ba:4c:f6:24:99:58:24:0f:f9:c1:9b:d0:37:09:
25:95:25:56:d4:cf:3e:d4:b9:a2:23:41:96:fb:fa:8b:31:e0:
68:bf:4b:eb:aa:68:dc:37:2f:7f:9a:a8:7a:94:de:34:6f:3d:
6d:5a:f2:44:ad:3f:03:d7:41:81:bc:99:8d:c7:07:8b:da:64:
58:0b:93:bd:cd:4c:de:26:9e:f3:2b:a1:25:4b:5e:3e:15:fa:
7b:39:2d:bc:38:48:ec:96:12:f8:25:5b:c8:1e:38:91:ed:9a:
58:b3:5d:c5
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAY35QWLf4PzhdFzkODde/QYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMzAxMDkwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFkMzkzYTc5YjRjYzkxYjhlZjkyYTcyYmYyYWYwOTNiMjFiY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc9xVQNDtKZgzxDcdWFBv/Wnr6UA
wigwBhxMZroN4Ktgqgy08IWRjV4Iyp+72vwmBcGLmtZri32WucJSihQEKTllAoFU
V4ZA1Y3B8bmdNqokl2izFN9OKrNrtM3mh/WaPdGTFRzcE4V+ut3IuvfxuGitNyzE
iYB6o8u+tZr5qvgfSd2lpBBgm7bdAFdbQaZK5xlqLp1dCwlrV3VpbvvB8ImmlXB6
Y8HI+HRWYvGBqKCYI7YNjsaY9YAXZ9tGJh1dCTqeR5Ztgiv2EOZ2r54oN/gqn21C
hFWwGqwqOsPQl8fDRFKAK4REEzO3lkK5bDk2DBeeZp0J9MVxFBLzvLR0EQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFGatOTp5tMyRuO+Spyvyrwk7IbzKMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvWnEwNU9ubTB6Skc0NzVLbktfS3ZDVHNodk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBwQQCAAEwgboDBABd
vIcDBACU/SIDBACU/eQwDAMEAJT95wMEApT96AMEAJT97QMEAJT97wMEAJT99gME
AJT9+AMEAKOrQAMEAKOrQwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQFo6tg
AwQAo6tiMAwDBACjq2UDBACjq2gDBACjq6YDBACjq7EDBACjq7YDBACjq7wDBACj
q88DBACjq94DBAGjq+ADBACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMH
ACoBU8D/xjANBgkqhkiG9w0BAQsFAAOCAQEAHgjYPfIUlUty9HtPzEto2+6Jo8+5
OiIuw8swzNI/0ssf/pfYijDsgHVWNW9Ix6cYpIuzPFa3nRWALad3iNnhBUrFKcrq
5Bf270izzLwO8toACTlwleBvusfL22m/sA92+4EYBDJm3qnhe68ewpddpfw6Hz1o
kSvHTcuxWhlEMSrvaPy/ncBkLS8t9g70FLRj/QSWFLpM9iSZWCQP+cGb0DcJJZUl
VtTPPtS5oiNBlvv6izHgaL9L66po3Dcvf5qoepTeNG89bVryRK0/A9dBgbyZjccH
i9pkWAuTvc1M3iae8yuhJUtePhX6ezktvDhI7JYS+CVbyB44ke2aWLNdxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org