Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xkvyXT_hC7wLcqsvnqLIsbRSKAU.roa
File: xkvyXT_hC7wLcqsvnqLIsbRSKAU.roa (raw, json)
Hash identifier: PoZcpwRPzWpIiL20VM1LvjK0hsrvL8u13FoNSQMMXyg=
Subject key identifier: C6:4B:F2:5D:3F:E1:0B:BC:0B:72:AB:2F:9E:A2:C8:B1:B4:52:28:05
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0186C4983020EC296E551FA93C9D83551580
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xkvyXT_hC7wLcqsvnqLIsbRSKAU.roa
Signing time: Thu 09 Mar 2023 04:19:13 +0000
ROA not before: Thu 09 Mar 2023 04:19:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.77.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Mar 2023 03:42:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c4:98:30:20:ec:29:6e:55:1f:a9:3c:9d:83:55:15:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 9 04:19:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c64bf25d3fe10bbc0b72ab2f9ea2c8b1b4522805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:57:43:1e:e9:3e:cc:b8:d1:5e:18:39:b2:a1:
4b:79:a9:68:e7:ea:70:df:2e:0d:88:18:18:e2:cd:
c8:52:cf:36:dc:0b:6d:90:a6:f6:3a:d0:00:11:50:
7a:6f:0c:46:bf:29:40:2b:5e:74:07:f6:1e:8b:d5:
b1:95:81:b8:b6:46:fb:94:0c:f0:a5:c5:c8:cc:41:
53:67:34:36:63:e6:99:69:da:bb:cb:26:a3:a3:52:
9e:97:9d:d0:a9:a2:ba:4a:15:f6:97:79:bb:d1:fe:
0d:16:dd:e4:6b:9a:4f:70:fa:87:fc:2d:5a:46:04:
97:b0:5c:d3:fd:70:66:0a:82:29:d7:9b:68:ee:dc:
c4:da:e7:0e:81:e2:de:ee:f5:63:c1:87:8b:7a:52:
76:5e:bc:e0:9b:4a:1f:4e:81:a6:9a:9d:d3:62:b2:
56:90:cd:20:16:83:03:3b:e1:7b:48:40:bb:06:9a:
c5:f5:bf:ed:33:11:23:de:20:cd:3a:dd:56:97:fd:
af:85:7d:ea:a8:a3:0f:bb:a7:22:e7:52:df:32:be:
f7:81:1e:d2:f7:ad:66:0e:08:6c:71:4c:81:f1:26:
3d:21:2a:72:9c:8c:df:7d:46:d0:4d:9e:ad:7b:54:
dd:75:80:77:52:eb:cf:2a:53:66:7c:35:89:81:64:
ef:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4B:F2:5D:3F:E1:0B:BC:0B:72:AB:2F:9E:A2:C8:B1:B4:52:28:05
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/xkvyXT_hC7wLcqsvnqLIsbRSKAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.241.255
148.253.243.0/24
163.171.77.0/24
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:2f:c4:b2:61:15:b7:dd:40:ce:b1:95:5d:61:47:98:f3:3f:
54:11:05:8c:83:b5:cd:47:c2:2c:7c:80:d8:4d:e4:2a:01:15:
f4:55:c2:c5:d6:3d:9f:dc:c4:7e:58:5b:c0:c4:4f:68:de:4e:
86:4c:30:02:6c:d3:29:e0:cf:b8:7e:e3:ed:ed:67:ac:dc:23:
fc:da:99:c0:ea:ce:5d:d9:bd:0e:ab:a4:af:28:90:b9:b7:d9:
e5:57:36:b5:2d:7b:5d:bd:40:43:7d:55:3d:fd:29:08:2c:64:
af:a8:f2:cc:d4:b2:e0:cb:ad:67:eb:cd:c8:76:48:17:33:cd:
42:4b:7c:02:81:99:cf:32:71:5e:6c:6e:6a:be:71:a8:cb:1a:
13:b5:15:2a:83:98:67:14:cb:25:5d:6a:45:be:0a:fc:53:08:
2f:7f:d6:fd:e3:0a:a4:40:93:e7:1f:45:2d:98:cf:c3:f9:15:
42:f6:47:8d:9a:31:98:02:b6:d6:b4:0f:20:17:23:8e:f5:51:
e9:5b:c8:bf:0b:21:04:05:dc:c1:70:b2:5b:ff:81:37:86:72:
63:c4:43:6a:a0:82:3b:fe:bc:f8:40:31:95:d4:91:5a:79:7f:
65:8e:32:e8:90:b9:a1:96:43:9e:ad:12:1d:95:c6:e3:a3:49:
9d:8c:f1:9c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYbEmDAg7CluVR+pPJ2DVRWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzA5MDQxOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRiZjI1ZDNmZTEwYmJjMGI3MmFiMmY5ZWEyYzhiMWI0NTIyODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFdDHuk+zLjRXhg5sqFLealo5+pw
3y4NiBgY4s3IUs823AttkKb2OtAAEVB6bwxGvylAK150B/Yei9WxlYG4tkb7lAzw
pcXIzEFTZzQ2Y+aZadq7yyajo1Kel53QqaK6ShX2l3m70f4NFt3ka5pPcPqH/C1a
RgSXsFzT/XBmCoIp15to7tzE2ucOgeLe7vVjwYeLelJ2Xrzgm0ofToGmmp3TYrJW
kM0gFoMDO+F7SEC7BprF9b/tMxEj3iDNOt1Wl/2vhX3qqKMPu6ci51LfMr73gR7S
961mDghscUyB8SY9ISpynIzffUbQTZ6te1TddYB3UuvPKlNmfDWJgWTv2wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMZL8l0/4Qu8C3KrL56iyLG0UigFMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEveGt2eVhUX2hDN3dMY3Fzdm5xTElzYlJTS0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBACU/e8D
BAGU/fADBACU/fMDBACjq00DBAC5G+QwDQYJKoZIhvcNAQELBQADggEBAK4vxLJh
FbfdQM6xlV1hR5jzP1QRBYyDtc1Hwix8gNhN5CoBFfRVwsXWPZ/cxH5YW8DET2je
ToZMMAJs0yngz7h+4+3tZ6zcI/zamcDqzl3ZvQ6rpK8okLm32eVXNrUte129QEN9
VT39KQgsZK+o8szUsuDLrWfrzch2SBczzUJLfAKBmc8ycV5sbmq+cajLGhO1FSqD
mGcUyyVdakW+CvxTCC9/1v3jCqRAk+cfRS2Yz8P5FUL2R42aMZgCtta0DyAXI471
UelbyL8LIQQF3MFwslv/gTeGcmPEQ2qggjv+vPhAMZXUkVp5f2WOMuiQuaGWQ56t
Eh2VxuOjSZ2M8Zw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org