Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xGy-dQmKtNiXUccoIBAoW0P-F1U.roa
File: xGy-dQmKtNiXUccoIBAoW0P-F1U.roa (raw, json)
Hash identifier: gZuAOUTtOkMXhEfmK0RkQMHtZruZypMOx/eTKzTj6HA=
Subject key identifier: C4:6C:BE:75:09:8A:B4:D8:97:51:C7:28:20:10:28:5B:43:FE:17:55
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018C1E2AA9E6D2EC8DC56C709A0F2FE39AD3
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xGy-dQmKtNiXUccoIBAoW0P-F1U.roa
Signing time: Thu 30 Nov 2023 02:59:21 +0000
ROA not before: Thu 30 Nov 2023 02:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.254.0/24 maxlen: 24
91.194.205.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.90.0/24 maxlen: 24
163.171.91.0/24 maxlen: 24
151.249.91.0/24 maxlen: 24
151.249.90.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
163.171.246.0/24 maxlen: 24
163.171.253.0/24 maxlen: 24
163.171.251.0/24 maxlen: 24
163.171.247.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1e:2a:a9:e6:d2:ec:8d:c5:6c:70:9a:0f:2f:e3:9a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Nov 30 02:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c46cbe75098ab4d89751c7282010285b43fe1755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:98:c2:13:0a:a3:39:be:ee:fc:09:29:a6:29:
e6:fa:63:21:fc:69:f6:aa:13:d8:91:0e:67:ba:5d:
d2:e4:b7:60:1d:ae:0a:42:5a:59:9f:81:52:3e:dc:
c8:94:38:c3:eb:f0:12:1d:26:b7:0d:04:07:bc:7f:
5d:7d:c0:d6:d5:83:f3:1c:30:20:c3:10:6c:ee:d9:
6c:7a:51:cc:7e:11:62:99:1c:c5:3d:e5:7f:be:23:
4b:7a:da:16:c4:79:d6:e6:55:84:22:ab:3b:fe:77:
f6:23:9e:06:c2:d8:33:e7:50:c1:6e:fd:eb:fb:33:
ed:93:55:17:70:6b:4b:72:01:c4:c4:2d:97:cc:04:
2d:d2:9a:bd:c6:e2:ab:9a:d2:b2:71:ad:6e:a0:62:
cc:48:ca:3b:6f:65:cd:80:c1:10:9f:fd:4f:ba:66:
fb:16:ee:b8:cb:e7:c6:ae:0d:c2:56:ab:02:5d:48:
a7:e7:19:29:84:c2:46:d3:6c:10:16:89:fc:8c:b8:
3e:15:c7:0c:31:09:5b:b2:ba:6e:07:10:ab:56:97:
9e:57:91:1c:2e:f9:ae:89:f5:9c:45:e5:18:92:93:
7f:4d:5a:aa:b2:07:ed:9a:c2:d4:a8:03:e9:6b:56:
dc:68:a4:cb:b6:53:08:0c:d1:65:94:26:2d:b5:79:
08:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6C:BE:75:09:8A:B4:D8:97:51:C7:28:20:10:28:5B:43:FE:17:55
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xGy-dQmKtNiXUccoIBAoW0P-F1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
151.249.90.0-151.249.94.255
163.171.77.0/24
163.171.90.0/23
163.171.246.0/23
163.171.251.0/24
163.171.253.0-163.171.254.255
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:16:50:60:ab:3e:bc:e8:82:ea:50:9c:da:0b:93:ac:10:cc:
bc:30:f5:59:2f:b4:cf:76:3d:c8:2d:83:98:db:ca:ad:75:5f:
d4:56:98:fe:e6:94:10:a9:6b:d9:73:56:a3:24:02:86:bf:3d:
0e:5b:a5:c4:ed:c8:57:3e:cb:3a:78:67:93:27:d6:89:61:9e:
22:ba:cb:25:e9:30:5c:7c:cc:fa:00:cf:ad:10:aa:95:26:0a:
6d:8f:54:5a:15:9e:75:41:95:0f:b4:9e:c9:23:d7:2a:5e:34:
7d:b8:2a:73:77:92:d5:3b:77:12:da:8c:00:86:88:22:d7:fd:
33:cb:61:88:55:bb:b0:29:52:e7:0b:34:3e:63:a1:97:ab:ef:
5a:b7:f5:47:46:f6:c5:47:17:74:23:0f:b1:91:40:38:c0:e5:
ea:f8:b0:8b:2e:bf:07:ce:18:4b:1c:f8:e4:46:e2:a8:1c:21:
c9:06:33:d6:33:5b:35:6e:b5:e9:03:e5:23:df:ae:18:39:75:
69:e5:09:ce:56:14:6e:3c:ca:62:69:fd:c4:8d:dd:15:af:6b:
d0:2b:4c:37:33:50:84:8b:fe:b2:9c:c0:f6:57:a0:bd:4e:aa:
15:4b:de:dc:a4:02:13:94:3a:e8:53:88:6b:75:c1:1a:c8:a6:
7f:6c:27:56
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYweKqnm0uyNxWxwmg8v45rTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMxMTMwMDI1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDZjYmU3NTA5OGFiNGQ4OTc1MWM3MjgyMDEwMjg1YjQzZmUxNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZjCEwqjOb7u/Akppinm+mMh/Gn2
qhPYkQ5nul3S5LdgHa4KQlpZn4FSPtzIlDjD6/ASHSa3DQQHvH9dfcDW1YPzHDAg
wxBs7tlselHMfhFimRzFPeV/viNLetoWxHnW5lWEIqs7/nf2I54Gwtgz51DBbv3r
+zPtk1UXcGtLcgHExC2XzAQt0pq9xuKrmtKyca1uoGLMSMo7b2XNgMEQn/1Pumb7
Fu64y+fGrg3CVqsCXUin5xkphMJG02wQFon8jLg+FccMMQlbsrpuBxCrVpeeV5Ec
LvmuifWcReUYkpN/TVqqsgftmsLUqAPpa1bcaKTLtlMIDNFllCYttXkIVQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFMRsvnUJirTYl1HHKCAQKFtD/hdVMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEveEd5LWRRbUt0TmlYVWNjb0lCQW9XMFAtRjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAW8LNAwQA
W8rIMAwDBACU/e8DBAKU/fAwDAMEAJT9+QMEAJT9+jAMAwQBl/laAwQAl/leAwQA
o6tNAwQBo6taAwQBo6v2AwQAo6v7MAwDBACjq/0DBACjq/4DBAC5G+QwDQYJKoZI
hvcNAQELBQADggEBAKoWUGCrPrzogupQnNoLk6wQzLww9VkvtM92Pcgtg5jbyq11
X9RWmP7mlBCpa9lzVqMkAoa/PQ5bpcTtyFc+yzp4Z5Mn1olhniK6yyXpMFx8zPoA
z60QqpUmCm2PVFoVnnVBlQ+0nskj1ypeNH24KnN3ktU7dxLajACGiCLX/TPLYYhV
u7ApUucLND5joZer71q39UdG9sVHF3QjD7GRQDjA5er4sIsuvwfOGEsc+ORG4qgc
IckGM9YzWzVutekD5SPfrhg5dWnlCc5WFG48ymJp/cSN3RWva9ArTDczUISL/rKc
wPZXoL1OqhVL3tykAhOUOuhTiGt1wRrIpn9sJ1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org