Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/uQz_CXNBWwfwk-1JN_WKy2QAENg.roa
File: uQz_CXNBWwfwk-1JN_WKy2QAENg.roa (raw, json)
Hash identifier: G+hWtf1gpTqnhTVCy7B/D/Xdno5Y8Im7SGCKiHh+43o=
Subject key identifier: B9:0C:FF:09:73:41:5B:07:F0:93:ED:49:37:F5:8A:CB:64:00:10:D8
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018B705BF3A36032AEC011DFDB97CFB94816
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/uQz_CXNBWwfwk-1JN_WKy2QAENg.roa
Signing time: Fri 27 Oct 2023 08:59:16 +0000
ROA not before: Fri 27 Oct 2023 08:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204720
IP address blocks: 163.171.153.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:5b:f3:a3:60:32:ae:c0:11:df:db:97:cf:b9:48:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Oct 27 08:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b90cff0973415b07f093ed4937f58acb640010d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7c:95:60:3e:6e:ba:74:b3:b1:d4:e7:22:91:
6a:1c:35:c7:a9:8f:1d:b3:41:46:06:af:5a:fc:e0:
26:92:6c:b4:ff:9a:81:a3:ab:3c:0b:43:1d:52:e8:
a8:fd:ac:75:86:fe:18:88:a1:8a:ef:fa:2b:17:11:
58:5b:0a:11:47:9b:84:00:36:24:92:6a:d8:77:a5:
72:8a:fc:02:0a:11:12:3f:c7:5f:1c:f0:b3:94:ee:
7c:61:b8:01:6a:24:94:48:9e:c9:5b:e8:a4:1e:02:
c4:cd:52:22:a3:cc:8f:50:7a:fa:32:bd:e8:1c:30:
85:a1:3a:43:ce:9c:e9:76:b7:08:07:87:8d:a7:45:
76:ff:17:04:5d:c1:97:c0:a7:1b:7d:74:d1:ab:30:
c4:e4:44:97:4c:65:c7:a0:84:bf:56:34:ae:57:4b:
d3:6b:f7:39:d8:ef:e9:89:de:1f:9d:7f:4e:c9:bc:
fd:e8:e8:b4:ee:50:18:de:be:07:c3:e5:e9:57:6d:
4d:8c:05:d3:82:9d:10:7e:eb:34:9a:fd:cb:d6:c1:
c4:6a:ab:56:80:38:00:ce:8c:da:52:75:c5:57:51:
39:d6:bd:91:45:f0:b6:67:e4:e8:2b:1a:4b:ec:bf:
c5:aa:25:14:fd:02:30:f6:4e:f3:89:a9:9b:de:8b:
12:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:0C:FF:09:73:41:5B:07:F0:93:ED:49:37:F5:8A:CB:64:00:10:D8
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/uQz_CXNBWwfwk-1JN_WKy2QAENg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.60.0/22
163.171.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:2a:03:90:65:fe:74:80:ec:32:ed:89:16:59:bc:3f:d2:5e:
90:78:c2:d6:b5:ff:70:54:a8:33:45:ae:75:f0:e3:5f:7e:6d:
fe:e4:50:48:61:36:2a:a7:3f:dd:d9:c3:a4:a0:56:e5:04:28:
38:2f:92:dd:3d:96:2a:d8:da:20:28:de:30:04:d6:6b:2c:34:
f4:f4:19:d0:a0:fd:1d:f4:45:5e:12:c6:df:8f:75:7c:d3:bd:
9f:0b:0a:b0:01:63:41:cc:d8:b5:30:4b:23:df:63:80:58:cf:
2c:9b:76:b9:11:ed:0b:7d:ea:54:f1:9d:fe:35:a0:dc:a6:6f:
f2:60:60:0b:25:bc:f6:46:5f:87:cf:74:e0:05:66:b3:15:2e:
17:91:02:51:14:a6:82:37:19:00:f1:d8:72:0b:f2:43:3d:b4:
f5:08:b9:6f:19:99:97:ca:d9:07:27:43:b7:70:c4:c1:33:27:
d2:a2:de:ed:70:19:71:d8:cb:85:44:96:0c:ed:8b:f3:32:fd:
0e:41:a5:cc:d5:cf:90:6a:58:44:1f:f3:44:56:7e:09:7d:18:
9a:63:1c:ea:fa:64:30:b9:6f:6f:5b:d6:23:c2:ff:b6:a7:d7:
36:2a:96:9a:cd:33:1f:42:16:49:76:65:db:a7:55:bc:0e:bc:
5f:ac:4f:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtwW/OjYDKuwBHf25fPuUgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMxMDI3MDg1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTBjZmYwOTczNDE1YjA3ZjA5M2VkNDkzN2Y1OGFjYjY0MDAxMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnyVYD5uunSzsdTnIpFqHDXHqY8d
s0FGBq9a/OAmkmy0/5qBo6s8C0MdUuio/ax1hv4YiKGK7/orFxFYWwoRR5uEADYk
kmrYd6VyivwCChESP8dfHPCzlO58YbgBaiSUSJ7JW+ikHgLEzVIio8yPUHr6Mr3o
HDCFoTpDzpzpdrcIB4eNp0V2/xcEXcGXwKcbfXTRqzDE5ESXTGXHoIS/VjSuV0vT
a/c52O/pid4fnX9Oybz96Oi07lAY3r4Hw+XpV21NjAXTgp0Qfus0mv3L1sHEaqtW
gDgAzozaUnXFV1E51r2RRfC2Z+ToKxpL7L/FqiUU/QIw9k7ziamb3osSLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLkM/wlzQVsH8JPtSTf1istkABDYMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvdVF6X0NYTkJXd2Z3ay0xSk5fV0t5MlFBRU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQClP08AwQA
o6uZMA0GCSqGSIb3DQEBCwUAA4IBAQBfKgOQZf50gOwy7YkWWbw/0l6QeMLWtf9w
VKgzRa518ONffm3+5FBIYTYqpz/d2cOkoFblBCg4L5LdPZYq2NogKN4wBNZrLDT0
9BnQoP0d9EVeEsbfj3V8072fCwqwAWNBzNi1MEsj32OAWM8sm3a5Ee0LfepU8Z3+
NaDcpm/yYGALJbz2Rl+Hz3TgBWazFS4XkQJRFKaCNxkA8dhyC/JDPbT1CLlvGZmX
ytkHJ0O3cMTBMyfSot7tcBlx2MuFRJYM7YvzMv0OQaXM1c+QalhEH/NEVn4JfRia
Yxzq+mQwuW9vW9Yjwv+2p9c2KpaazTMfQhZJdmXbp1W8DrxfrE/e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org