Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xi8w457E-L4L3k9g3mEgoWQSBpc.roa
File: xi8w457E-L4L3k9g3mEgoWQSBpc.roa (raw, json)
Hash identifier: oJgJRvesinGWQbwT0bcx1n+nZRlNoEOIJXmOeGx1tU8=
Subject key identifier: C6:2F:30:E3:9E:C4:F8:BE:0B:DE:4F:60:DE:61:20:A1:64:12:06:97
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018A34BB38B07B0D9A254D92A6B3F42D6344
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xi8w457E-L4L3k9g3mEgoWQSBpc.roa
Signing time: Sun 27 Aug 2023 02:03:19 +0000
ROA not before: Sun 27 Aug 2023 02:03:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54994
IP address blocks: 163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 15 Sep 2023 10:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:34:bb:38:b0:7b:0d:9a:25:4d:92:a6:b3:f4:2d:63:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Aug 27 02:03:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c62f30e39ec4f8be0bde4f60de6120a164120697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b1:80:0e:51:f7:8c:89:da:dd:c2:25:41:98:
5d:57:db:64:cd:f1:48:0e:31:c0:b3:15:99:77:31:
63:d4:8b:40:0b:71:d7:dc:f7:02:7c:f5:25:c0:fe:
7a:5f:41:ab:4f:d2:83:9e:b1:b5:77:59:73:63:42:
5e:0e:e2:d2:c7:c4:5c:0e:c8:8c:5f:71:78:87:32:
8e:89:c3:a0:e9:cf:93:72:7c:d9:38:3f:76:01:47:
9d:97:04:df:e0:3c:2f:13:a1:7a:a1:29:26:bc:59:
dc:b6:70:1d:83:b2:b6:87:95:c5:01:58:e5:cd:fb:
f6:ca:1a:a7:59:e2:ae:13:97:d7:88:c1:61:56:7f:
55:51:e4:ed:36:2d:d9:e0:02:0b:b6:1d:fc:9b:08:
2e:5b:06:88:8e:2b:f5:db:d9:57:c5:8c:e7:83:e1:
40:97:dc:84:05:d8:9a:67:1c:75:fe:51:99:6d:14:
f7:1b:a3:72:eb:64:4e:d2:a0:dd:70:fb:47:18:07:
72:8c:0e:f3:45:ca:f6:4d:94:45:42:34:48:95:46:
6d:f5:7c:b5:72:9a:79:68:f3:75:b2:60:a6:e3:63:
30:83:b5:2c:3d:76:33:2e:54:a9:d3:2a:7b:98:3d:
35:ca:76:38:27:4f:39:f0:10:ea:c3:cb:a7:4f:b2:
ee:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2F:30:E3:9E:C4:F8:BE:0B:DE:4F:60:DE:61:20:A1:64:12:06:97
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xi8w457E-L4L3k9g3mEgoWQSBpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.246.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.97.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
0b:5a:56:9c:37:6c:2d:ba:88:cd:79:80:41:23:91:76:71:e1:
4a:5f:c1:ef:d9:8c:3c:ec:43:3f:1f:74:7d:e3:60:ee:4d:0d:
78:a8:77:9a:be:9b:08:25:e5:2a:c9:91:af:81:e0:a1:63:bc:
27:ae:c6:c1:34:1c:34:92:ed:51:5b:92:f5:bd:37:4c:a1:23:
07:fb:e4:48:52:c7:b5:ae:68:06:cf:8e:6b:a3:d2:87:79:d8:
02:d9:3d:d5:58:55:90:22:6d:d3:76:b6:c4:d7:25:72:1b:4f:
f6:3d:9e:34:dc:02:7b:b8:b3:fa:d8:ff:ed:62:03:32:f9:10:
3c:a9:48:93:1b:2f:ec:97:6b:9a:03:53:e8:b1:b0:ec:4a:95:
8f:80:17:08:09:9c:68:2a:ab:25:28:46:2c:d1:c8:43:2a:4b:
7c:34:b0:f1:b8:1e:69:dc:ea:37:e3:74:35:50:42:87:8e:67:
db:c0:f7:55:bf:c6:d5:bb:3f:75:dc:a8:89:32:91:de:cd:5e:
b6:2b:fc:ce:6d:74:84:5a:6b:df:af:b6:26:0b:00:ac:3b:41:
ce:aa:23:89:37:79:5d:29:f4:46:a3:1f:14:c9:c3:ca:57:03:
40:be:1e:82:de:6d:8f:4c:6c:59:b7:29:f2:20:fa:6c:80:0f:
1d:83:9d:ed
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYo0uziwew2aJU2SprP0LWNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwODI3MDIwMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjJmMzBlMzllYzRmOGJlMGJkZTRmNjBkZTYxMjBhMTY0MTIwNjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbGADlH3jIna3cIlQZhdV9tkzfFI
DjHAsxWZdzFj1ItAC3HX3PcCfPUlwP56X0GrT9KDnrG1d1lzY0JeDuLSx8RcDsiM
X3F4hzKOicOg6c+TcnzZOD92AUedlwTf4DwvE6F6oSkmvFnctnAdg7K2h5XFAVjl
zfv2yhqnWeKuE5fXiMFhVn9VUeTtNi3Z4AILth38mwguWwaIjiv129lXxYzng+FA
l9yEBdiaZxx1/lGZbRT3G6Ny62RO0qDdcPtHGAdyjA7zRcr2TZRFQjRIlUZt9Xy1
cpp5aPN1smCm42Mwg7UsPXYzLlSp0yp7mD01ynY4J0858BDqw8unT7LuUQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFMYvMOOexPi+C95PYN5hIKFkEgaXMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEveGk4dzQ1N0UtTDRMM2s5ZzNtRWdvV1FTQnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtQQCAAEwga4DBABd
vIcDBACU/SIDBACU/eQwDAMEAJT95wMEApT96AMEAJT97QMEAJT99gMEAKOrQAME
AKOrQwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQAo6thAwQAo6tiMAwDBACj
q2UDBACjq2gDBACjq6YDBACjq7EDBACjq7YDBACjq7wDBACjq88DBACjq94DBAGj
q+ADBACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMHACoBU8D/xjANBgkq
hkiG9w0BAQsFAAOCAQEAC1pWnDdsLbqIzXmAQSORdnHhSl/B79mMPOxDPx90feNg
7k0NeKh3mr6bCCXlKsmRr4HgoWO8J67GwTQcNJLtUVuS9b03TKEjB/vkSFLHta5o
Bs+Oa6PSh3nYAtk91VhVkCJt03a2xNclchtP9j2eNNwCe7iz+tj/7WIDMvkQPKlI
kxsv7JdrmgNT6LGw7EqVj4AXCAmcaCqrJShGLNHIQypLfDSw8bgeadzqN+N0NVBC
h45n28D3Vb/G1bs/ddyoiTKR3s1etiv8zm10hFpr36+2JgsArDtBzqojiTd5XSn0
RqMfFMnDylcDQL4egt5tj0xsWbcp8iD6bIAPHYOd7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org