Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/_-Usa2Fc1SMhztYBX9X-MMZ4QSs.roa
File: _-Usa2Fc1SMhztYBX9X-MMZ4QSs.roa (raw, json)
Hash identifier: YzFIGyYk8TMQbQgtB/P5FOrIZaMy35p4fcagFeOWCFQ=
Subject key identifier: FF:E5:2C:6B:61:5C:D5:23:21:CE:D6:01:5F:D5:FE:30:C6:78:41:2B
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01876FC7F84780CE28F1E825EE76C21D818C
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/_-Usa2Fc1SMhztYBX9X-MMZ4QSs.roa
Signing time: Tue 11 Apr 2023 10:06:28 +0000
ROA not before: Tue 11 Apr 2023 10:06:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54994
IP address blocks: 163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Apr 2023 02:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:c7:f8:47:80:ce:28:f1:e8:25:ee:76:c2:1d:81:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Apr 11 10:06:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffe52c6b615cd52321ced6015fd5fe30c678412b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1e:ea:16:8e:16:5f:a7:3d:64:5c:92:2d:4a:
a5:be:7b:ed:08:15:5c:b6:82:e1:a8:11:52:b2:06:
f8:b6:07:18:c0:20:f3:59:80:12:10:bb:d7:66:4f:
10:45:0e:3e:fd:45:9a:46:10:60:7a:2d:14:27:fd:
d1:03:b6:35:75:16:0b:61:d7:73:33:19:85:f2:85:
2c:80:33:aa:53:5e:0e:2b:b8:09:ba:ec:da:a1:dc:
b0:e8:fd:fc:80:96:11:a6:75:df:60:9b:0b:9c:a5:
5a:de:d8:49:33:2b:b3:45:56:bd:2a:e0:a7:95:49:
8f:4f:b9:68:f2:a0:9d:5f:ca:53:9d:b8:6e:ea:d8:
11:89:f6:0e:5b:7d:db:2e:b1:62:a2:86:c6:7f:21:
79:f1:fb:58:7d:0a:db:47:29:97:f7:70:3c:59:82:
af:fa:b9:63:e3:d4:0d:56:a9:6d:30:d2:94:b2:1b:
47:ca:3a:fe:21:c4:fb:81:43:d7:be:dd:d3:5e:e1:
89:01:bc:46:f1:18:dc:d3:eb:d9:9a:09:e0:70:da:
65:69:49:1f:b8:7d:9b:85:e1:80:10:20:e0:8f:6e:
5b:36:8c:23:b7:ff:e0:ae:eb:41:50:cc:29:4e:80:
f3:3b:dc:6d:14:16:3b:c7:26:97:83:ba:40:62:e4:
ac:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E5:2C:6B:61:5C:D5:23:21:CE:D6:01:5F:D5:FE:30:C6:78:41:2B
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/_-Usa2Fc1SMhztYBX9X-MMZ4QSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.246.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.231.0/24
163.171.252.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
5a:27:ce:6c:ba:9a:4a:2b:83:57:c8:de:8f:0e:e6:fe:22:6c:
ba:77:53:ae:d2:47:e3:da:41:a0:c7:e8:8c:e8:f6:6a:07:f9:
be:cf:b0:ce:2c:c6:da:a3:fe:52:dd:94:c4:76:25:cf:df:84:
69:40:bf:b2:70:72:2d:8f:02:13:77:12:b5:4a:70:93:a0:d0:
47:c6:0b:e7:4b:38:ff:a0:8d:5d:77:79:82:1a:8f:2d:7c:f2:
46:57:e5:8b:2b:94:a0:b6:64:6f:05:21:ef:e5:0d:2d:ba:92:
dd:cd:f3:c9:51:c0:26:76:bf:82:ba:89:86:05:ee:6b:71:b6:
cc:22:d5:cd:df:3d:4f:ba:a0:46:de:1e:88:03:6a:17:5e:5e:
d9:63:3f:2a:0e:fd:c5:a9:d2:f7:13:bd:44:ea:a1:d8:c2:f1:
dd:69:ff:f1:3e:18:6c:fc:aa:61:85:3e:74:25:a2:68:aa:2e:
18:79:42:80:02:a3:c1:88:29:ec:98:24:c8:18:6f:3a:6a:ef:
f9:70:a4:91:5b:62:8b:06:f2:9a:4c:63:bd:5f:c9:83:d0:1b:
39:c6:b8:87:aa:76:02:b5:81:a7:e2:3c:71:7f:f0:72:1d:7c:
0e:85:d6:c4:df:40:7d:b8:2f:13:2b:97:fd:9e:bf:32:6f:59:
ee:c3:4e:1b
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYdvx/hHgM4o8egl7nbCHYGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwNDExMTAwNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmU1MmM2YjYxNWNkNTIzMjFjZWQ2MDE1ZmQ1ZmUzMGM2Nzg0MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh7qFo4WX6c9ZFySLUqlvnvtCBVc
toLhqBFSsgb4tgcYwCDzWYASELvXZk8QRQ4+/UWaRhBgei0UJ/3RA7Y1dRYLYddz
MxmF8oUsgDOqU14OK7gJuuzaodyw6P38gJYRpnXfYJsLnKVa3thJMyuzRVa9KuCn
lUmPT7lo8qCdX8pTnbhu6tgRifYOW33bLrFioobGfyF58ftYfQrbRymX93A8WYKv
+rlj49QNVqltMNKUshtHyjr+IcT7gUPXvt3TXuGJAbxG8Rjc0+vZmgngcNplaUkf
uH2bheGAECDgj25bNowjt//grutBUMwpToDzO9xtFBY7xyaXg7pAYuSs0QIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFP/lLGthXNUjIc7WAV/V/jDGeEErMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvXy1Vc2EyRmMxU01oenRZQlg5WC1NTVo0UVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBhwQCAAEwgYADBABd
vIcDBACU/SIDBACU/eQwDAMEAJT95wMEApT96AMEAJT97QMEAJT99gMEAKOrQAME
AKOrQwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXgMEAKOrpgMEAKOrsQMEAKOrtgME
AKOrvAMEAKOrzwMEAKOr3gMEAKOr5wMEAKOr/DAPBAIAAjAJAwcAKgFTwP/GMA0G
CSqGSIb3DQEBCwUAA4IBAQBaJ85suppKK4NXyN6PDub+Imy6d1Ou0kfj2kGgx+iM
6PZqB/m+z7DOLMbao/5S3ZTEdiXP34RpQL+ycHItjwITdxK1SnCToNBHxgvnSzj/
oI1dd3mCGo8tfPJGV+WLK5SgtmRvBSHv5Q0tupLdzfPJUcAmdr+CuomGBe5rcbbM
ItXN3z1PuqBG3h6IA2oXXl7ZYz8qDv3FqdL3E71E6qHYwvHdaf/xPhhs/KphhT50
JaJoqi4YeUKAAqPBiCnsmCTIGG86au/5cKSRW2KLBvKaTGO9X8mD0Bs5xriHqnYC
tYGn4jxxf/ByHXwOhdbE30B9uC8TK5f9nr8yb1nuw04b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org