Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/vPlpbyA6Rcw-uCu4JuAg5szNovE.roa
File: vPlpbyA6Rcw-uCu4JuAg5szNovE.roa (raw, json)
Hash identifier: ZqpUB0q199mwv0r3zSDF7VjNRjsD2Mt4mm5O2iTbO+8=
Subject key identifier: BC:F9:69:6F:20:3A:45:CC:3E:B8:2B:B8:26:E0:20:E6:CC:CD:A2:F1
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018CC5DC5B878CB0A8E9DF026A0DFC31008B
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/vPlpbyA6Rcw-uCu4JuAg5szNovE.roa
Signing time: Mon 01 Jan 2024 16:30:02 +0000
ROA not before: Mon 01 Jan 2024 16:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 02:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5b:87:8c:b0:a8:e9:df:02:6a:0d:fc:31:00:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 16:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcf9696f203a45cc3eb82bb826e020e6cccda2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5f:df:d4:47:ca:7b:92:a9:22:b8:b8:c3:96:
98:18:b4:56:7a:be:8e:7c:d8:00:90:e3:8d:db:f0:
54:1b:f4:41:e5:06:32:61:35:a8:7b:97:13:ae:ec:
b0:78:6d:c5:4e:ec:3d:88:bd:80:33:6d:4b:d9:ca:
86:d6:ee:b7:dd:5a:30:d9:a1:15:ce:d8:fc:51:c0:
81:ac:ac:db:6c:ea:1d:25:b6:75:4b:ec:fa:1b:19:
21:65:f1:06:a8:ce:89:98:28:4d:4d:7f:6b:d7:4d:
47:12:57:d4:cc:21:d5:7e:e6:22:e7:8b:b1:a2:43:
21:7f:59:f0:84:a5:3e:05:79:b0:db:3c:6a:7f:96:
3f:2f:39:12:c4:c6:a1:4d:e4:6f:ab:a1:15:9d:30:
72:a9:d9:65:fd:78:80:77:f1:17:8d:a3:e4:18:b4:
99:e3:f0:b4:0e:21:a0:aa:b0:a5:66:07:0b:89:f0:
af:96:0e:83:ce:1a:9d:ed:35:d5:67:78:f9:af:99:
57:53:4c:d7:74:6a:03:2e:61:26:29:f8:0c:45:03:
4a:29:bc:3a:2c:bc:eb:60:e3:f4:c2:31:42:60:c6:
17:a9:4e:69:1b:5a:4f:06:3e:35:4c:f4:37:38:c4:
0c:2a:37:55:f3:1f:0b:38:c7:ce:bc:d2:b2:96:52:
eb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F9:69:6F:20:3A:45:CC:3E:B8:2B:B8:26:E0:20:E6:CC:CD:A2:F1
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/vPlpbyA6Rcw-uCu4JuAg5szNovE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.97.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
1c:ce:74:b7:72:96:b5:34:95:0f:c4:3a:25:2c:31:6a:db:d4:
cd:68:76:5a:f7:55:0e:ec:9e:9f:8a:c0:36:64:b7:9e:57:64:
71:d5:65:6a:0c:67:9b:86:3e:ab:c2:a9:8e:5c:6e:be:17:ae:
34:45:12:bb:d5:8e:4c:4d:3c:60:fe:17:f9:35:f0:b8:b7:93:
f7:5b:72:61:f8:85:cf:ad:e5:ab:23:7d:16:f8:20:48:46:ae:
59:5e:b9:fe:f7:a4:c5:0e:a1:cf:9c:bb:cb:6e:58:58:1e:a6:
61:e1:19:16:4b:94:52:34:78:a6:89:65:ed:2a:70:b8:c6:10:
70:1b:e9:20:2c:0b:d0:3e:5b:30:f5:1a:05:03:68:de:a6:4e:
83:7a:e7:d4:0f:e4:e7:36:67:b9:23:b8:ed:6f:19:c1:33:0d:
a5:5e:59:b3:12:c5:c4:1b:97:2e:73:a6:6f:c4:3f:4f:23:0a:
32:c3:99:99:c9:e4:e2:5e:b3:0b:02:37:70:7c:71:a4:31:a9:
26:5b:d4:0f:20:ea:29:ce:70:94:08:c1:6a:6a:8c:44:3c:34:
ac:88:81:6a:cc:db:a8:82:66:13:dc:7c:54:db:b3:b5:0f:23:
22:5d:80:c1:5b:cd:45:5c:e6:66:a7:7c:60:a1:6a:86:1e:e4:
5d:4f:23:8f
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYzF3FuHjLCo6d8Cag38MQCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMTAxMTYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Y5Njk2ZjIwM2E0NWNjM2ViODJiYjgyNmUwMjBlNmNjY2RhMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1/f1EfKe5KpIri4w5aYGLRWer6O
fNgAkOON2/BUG/RB5QYyYTWoe5cTruyweG3FTuw9iL2AM21L2cqG1u633Vow2aEV
ztj8UcCBrKzbbOodJbZ1S+z6GxkhZfEGqM6JmChNTX9r101HElfUzCHVfuYi54ux
okMhf1nwhKU+BXmw2zxqf5Y/LzkSxMahTeRvq6EVnTByqdll/XiAd/EXjaPkGLSZ
4/C0DiGgqrClZgcLifCvlg6Dzhqd7TXVZ3j5r5lXU0zXdGoDLmEmKfgMRQNKKbw6
LLzrYOP0wjFCYMYXqU5pG1pPBj41TPQ3OMQMKjdV8x8LOMfOvNKyllLruwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFLz5aW8gOkXMPrgruCbgIObMzaLxMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvdlBscGJ5QTZSY3ctdUN1NEp1QWc1c3pOb3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBwQQCAAEwgboDBABd
vIcDBACU/SIDBACU/eQwDAMEAJT95wMEApT96AMEAJT97QMEAJT97wMEAJT99gME
AJT9+AMEAKOrQAMEAKOrQwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQAo6th
AwQAo6tiMAwDBACjq2UDBACjq2gDBACjq6YDBACjq7EDBACjq7YDBACjq7wDBACj
q88DBACjq94DBAGjq+ADBACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMH
ACoBU8D/xjANBgkqhkiG9w0BAQsFAAOCAQEAHM50t3KWtTSVD8Q6JSwxatvUzWh2
WvdVDuyen4rANmS3nldkcdVlagxnm4Y+q8KpjlxuvheuNEUSu9WOTE08YP4X+TXw
uLeT91tyYfiFz63lqyN9FvggSEauWV65/vekxQ6hz5y7y25YWB6mYeEZFkuUUjR4
poll7SpwuMYQcBvpICwL0D5bMPUaBQNo3qZOg3rn1A/k5zZnuSO47W8ZwTMNpV5Z
sxLFxBuXLnOmb8Q/TyMKMsOZmcnk4l6zCwI3cHxxpDGpJlvUDyDqKc5wlAjBamqM
RDw0rIiBaszbqIJmE9x8VNuztQ8jIl2AwVvNRVzmZqd8YKFqhh7kXU8jjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org