Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nAK49yp_DpGEke94ckMx8JsDHII.roa
File: nAK49yp_DpGEke94ckMx8JsDHII.roa (raw, json)
Hash identifier: yPy5GqaDqcVSIKRAToDtwjfSeRCPE24mNGVtmnEIt4Y=
Subject key identifier: 9C:02:B8:F7:2A:7F:0E:91:84:91:EF:78:72:43:31:F0:9B:03:1C:82
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018CC5DC59C2E451C519A3B10F56A0861C78
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nAK49yp_DpGEke94ckMx8JsDHII.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.254.0/24 maxlen: 24
91.194.205.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.90.0/24 maxlen: 24
163.171.91.0/24 maxlen: 24
151.249.91.0/24 maxlen: 24
151.249.90.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
163.171.246.0/24 maxlen: 24
163.171.253.0/24 maxlen: 24
163.171.251.0/24 maxlen: 24
163.171.247.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 15:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:59:c2:e4:51:c5:19:a3:b1:0f:56:a0:86:1c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c02b8f72a7f0e918491ef78724331f09b031c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6f:d7:8c:bb:1d:e4:d1:30:e2:2d:45:3e:60:
5f:e6:86:59:a5:1a:82:ec:a3:0d:1f:55:e1:26:da:
2a:fa:b0:a2:e8:e6:9f:be:bf:ee:5e:4e:5b:4a:4e:
9e:04:4d:f3:35:c8:0b:95:ee:4e:c5:f0:94:36:78:
a5:d9:b4:fd:71:c0:35:ab:68:c0:9c:77:b1:ba:f1:
86:49:6d:96:33:6d:93:03:56:ec:d9:60:ff:a4:6a:
2b:cc:bc:76:9d:f7:95:dc:59:e8:b3:40:68:0c:8b:
f3:9f:c9:8d:ea:87:7e:99:ec:bb:82:78:0f:b0:14:
f8:cc:8a:5d:b7:4d:bf:be:fd:03:29:51:58:e9:a0:
8f:30:37:f8:4f:eb:c7:22:38:03:72:1e:c5:3d:bb:
54:44:44:af:b0:14:a4:37:ce:0e:e7:b7:ae:ab:04:
09:63:ec:d9:aa:64:0d:d5:1e:4d:78:5a:0e:23:55:
a9:6e:60:49:cf:50:8f:0e:58:2f:7d:c9:1d:3f:c4:
d6:10:af:2a:a7:81:39:fc:70:85:18:e6:2d:2b:f3:
92:99:4f:f7:a0:6c:68:ca:03:7f:f6:a8:da:57:50:
41:40:99:62:96:0c:b0:d9:92:9a:57:9c:5d:cb:f8:
78:72:5b:8d:cc:10:84:a7:5c:7c:50:dd:a2:75:6a:
0e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:02:B8:F7:2A:7F:0E:91:84:91:EF:78:72:43:31:F0:9B:03:1C:82
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nAK49yp_DpGEke94ckMx8JsDHII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
151.249.90.0-151.249.94.255
163.171.77.0/24
163.171.90.0/23
163.171.246.0/23
163.171.251.0/24
163.171.253.0-163.171.254.255
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:2b:35:e8:8b:fc:79:dd:bb:8c:2a:64:0a:c8:00:e2:c8:38:
09:ab:2a:d2:5b:85:a8:10:85:b2:14:40:55:bb:fa:b7:73:ac:
e6:e4:eb:53:e6:19:0f:9c:f0:88:a5:88:32:a9:37:7c:b0:f3:
65:4b:1d:16:cd:dd:8f:d2:1f:40:ec:66:20:7f:9c:25:93:ac:
53:e2:e8:d1:eb:88:67:f3:d4:b6:cd:55:43:d3:0f:93:4d:e1:
77:28:4f:1a:ea:82:27:88:3f:a7:69:e1:30:7d:e1:e6:cd:df:
d8:b2:33:41:6e:3c:4b:01:81:81:92:18:01:17:7b:a0:ae:9d:
23:7c:cb:51:fa:57:39:df:4e:6e:a3:f8:09:99:61:50:cc:53:
f5:c8:ef:df:72:fd:7a:75:de:5a:fa:61:9e:a8:c3:55:2b:1e:
bf:0e:47:73:ae:17:1e:67:f5:7a:9f:5a:e6:56:c9:dc:d8:2c:
09:11:81:ef:df:09:fa:19:52:a4:8e:9c:e0:9c:c0:2d:6c:2e:
a5:ea:c0:1e:8b:1f:58:f4:a4:9f:26:d7:c5:56:dc:d8:ff:6d:
f7:fa:ad:96:ee:29:9e:ff:0c:84:bd:ec:e7:a3:8d:46:8a:47:
ad:ac:84:51:9d:14:4d:0a:e3:95:37:0f:18:17:fd:a2:52:1a:
ec:8c:0a:f8
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYzF3FnC5FHFGaOxD1aghhx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzAyYjhmNzJhN2YwZTkxODQ5MWVmNzg3MjQzMzFmMDliMDMxYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2/XjLsd5NEw4i1FPmBf5oZZpRqC
7KMNH1XhJtoq+rCi6Oafvr/uXk5bSk6eBE3zNcgLle5OxfCUNnil2bT9ccA1q2jA
nHexuvGGSW2WM22TA1bs2WD/pGorzLx2nfeV3Fnos0BoDIvzn8mN6od+mey7gngP
sBT4zIpdt02/vv0DKVFY6aCPMDf4T+vHIjgDch7FPbtURESvsBSkN84O57euqwQJ
Y+zZqmQN1R5NeFoOI1WpbmBJz1CPDlgvfckdP8TWEK8qp4E5/HCFGOYtK/OSmU/3
oGxoygN/9qjaV1BBQJlilgyw2ZKaV5xdy/h4cluNzBCEp1x8UN2idWoOtQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJwCuPcqfw6RhJHveHJDMfCbAxyCMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvbkFLNDl5cF9EcEdFa2U5NGNrTXg4SnNESElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAW8LNAwQA
W8rIMAwDBACU/e8DBAKU/fAwDAMEAJT9+QMEAJT9+jAMAwQBl/laAwQAl/leAwQA
o6tNAwQBo6taAwQBo6v2AwQAo6v7MAwDBACjq/0DBACjq/4DBAC5G+QwDQYJKoZI
hvcNAQELBQADggEBAJorNeiL/Hndu4wqZArIAOLIOAmrKtJbhagQhbIUQFW7+rdz
rObk61PmGQ+c8IiliDKpN3yw82VLHRbN3Y/SH0DsZiB/nCWTrFPi6NHriGfz1LbN
VUPTD5NN4XcoTxrqgieIP6dp4TB94ebN39iyM0FuPEsBgYGSGAEXe6CunSN8y1H6
VznfTm6j+AmZYVDMU/XI799y/Xp13lr6YZ6ow1UrHr8OR3OuFx5n9XqfWuZWydzY
LAkRge/fCfoZUqSOnOCcwC1sLqXqwB6LH1j0pJ8m18VW3Nj/bff6rZbuKZ7/DIS9
7OejjUaKR62shFGdFE0K45U3DxgX/aJSGuyMCvg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org