Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/yXnudptmiizwdfeCUKvslTDmHRw.roa
File: yXnudptmiizwdfeCUKvslTDmHRw.roa (raw, json)
Hash identifier: MYBpbcp0r96g4UtE5zVpvYAgDQs1Nczvlvf2GnbwXOs=
Subject key identifier: C9:79:EE:76:9B:66:8A:2C:F0:75:F7:82:50:AB:EC:95:30:E6:1D:1C
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018DF8D90468ACA3BD2FE1B4A347D59B960C
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/yXnudptmiizwdfeCUKvslTDmHRw.roa
Signing time: Fri 01 Mar 2024 07:09:48 +0000
ROA not before: Fri 01 Mar 2024 07:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Mar 2024 09:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f8:d9:04:68:ac:a3:bd:2f:e1:b4:a3:47:d5:9b:96:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 1 07:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c979ee769b668a2cf075f78250abec9530e61d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:85:60:73:09:59:81:58:c0:d1:c7:ee:a4:3b:
ea:39:20:8a:72:dd:bb:b3:dd:bc:c7:a6:52:10:68:
1c:3f:27:7f:4e:9c:17:cc:5a:6a:fd:34:58:c2:b3:
d7:9a:2f:ab:28:87:06:07:5e:c8:98:aa:fd:f9:4b:
51:81:da:60:6a:53:97:a5:08:a8:c9:53:29:4b:2d:
a9:86:b5:0f:5d:eb:0d:c4:7f:60:1b:32:a2:3c:59:
4c:59:06:84:cf:64:92:2c:32:e7:a6:c1:aa:85:92:
b6:43:49:63:88:07:59:48:20:90:34:b0:a7:a9:d6:
6c:e1:32:92:69:5c:e3:38:1a:66:c5:cc:43:fb:b4:
cc:ac:50:ea:80:f6:81:7d:b2:6e:58:da:ea:1f:c3:
94:f9:f5:56:d0:1a:d2:64:ee:d6:48:e8:29:51:27:
22:4e:8e:53:80:f1:4b:55:9f:b8:dc:58:fe:d0:5f:
a7:00:20:87:38:76:fc:4a:5a:df:46:e5:2b:ce:9d:
1f:f2:d0:95:77:af:f5:9a:a6:86:15:36:c1:a5:a4:
fe:75:bb:58:01:71:f0:c9:3a:b6:dc:0c:46:00:a0:
d8:28:80:82:de:52:9c:72:57:48:05:d5:2c:24:21:
13:61:5a:7f:d4:c6:d6:fd:d5:0a:e6:12:2e:b2:9d:
00:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:79:EE:76:9B:66:8A:2C:F0:75:F7:82:50:AB:EC:95:30:E6:1D:1C
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/yXnudptmiizwdfeCUKvslTDmHRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.60.0/22
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
79:58:ef:2b:a5:92:06:c8:a2:01:e3:57:83:a1:ba:2c:42:47:
2c:e4:0b:a0:90:28:b6:af:ff:0e:22:a7:9a:37:8e:7e:33:b2:
83:eb:28:9d:71:b5:c4:3e:47:e9:21:4d:0f:a8:d2:8f:62:93:
0b:a3:7c:06:ca:59:f4:d8:aa:45:d2:c8:b7:e2:1a:25:d3:5a:
9e:a0:7b:7b:25:36:99:e8:49:07:9f:d5:22:69:e7:4b:f5:71:
52:03:bb:4d:4d:93:9b:b6:33:71:f5:cf:0a:74:fd:5b:c2:8e:
ef:b3:ca:d8:7e:c9:42:b1:38:ad:31:8e:8d:98:c8:23:d8:a6:
92:93:52:b7:9c:d3:48:86:9d:ec:2f:d5:a0:0e:21:a7:37:14:
c2:e2:e3:c5:c0:21:bf:8a:ec:10:7c:09:ba:88:8b:7e:3b:37:
ff:68:83:ba:dd:eb:f1:cb:15:4c:5f:2b:b3:ba:1c:b1:02:ab:
20:c2:a7:6f:5f:14:e1:ca:7a:cc:69:d9:ff:41:21:1c:78:e1:
b2:ac:e0:87:c6:a4:22:f2:22:35:1e:97:2a:01:53:28:60:d7:
73:b8:fd:37:a9:0e:42:6b:ee:5a:c7:c1:fe:e8:a3:ca:a1:a5:
20:af:22:88:62:b7:81:e5:3e:c8:b2:6b:34:9a:95:a9:a5:30:
4a:f4:82:d8
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAY342QRorKO9L+G0o0fVm5YMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMzAxMDcwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc5ZWU3NjliNjY4YTJjZjA3NWY3ODI1MGFiZWM5NTMwZTYxZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIVgcwlZgVjA0cfupDvqOSCKct27
s928x6ZSEGgcPyd/TpwXzFpq/TRYwrPXmi+rKIcGB17ImKr9+UtRgdpgalOXpQio
yVMpSy2phrUPXesNxH9gGzKiPFlMWQaEz2SSLDLnpsGqhZK2Q0ljiAdZSCCQNLCn
qdZs4TKSaVzjOBpmxcxD+7TMrFDqgPaBfbJuWNrqH8OU+fVW0BrSZO7WSOgpUSci
To5TgPFLVZ+43Fj+0F+nACCHOHb8SlrfRuUrzp0f8tCVd6/1mqaGFTbBpaT+dbtY
AXHwyTq23AxGAKDYKICC3lKccldIBdUsJCETYVp/1MbW/dUK5hIusp0AIwIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFMl57nabZoos8HX3glCr7JUw5h0cMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEveVhudWRwdG1paXp3ZGZlQ1VLdnNsVERtSFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCBxwQCAAEwgcADBABd
vIcDBACU/SIDBAKU/TwDBACU/eQwDAMEAJT95wMEApT96AMEAJT97QMEAJT97wME
AJT99gMEAJT9+AMEAKOrQAMEAKOrQwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAM
AwQFo6tgAwQAo6tiMAwDBACjq2UDBACjq2gDBACjq6YDBACjq7EDBACjq7YDBACj
q7wDBACjq88DBACjq94DBAGjq+ADBACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQC
AAIwCQMHACoBU8D/xjANBgkqhkiG9w0BAQsFAAOCAQEAeVjvK6WSBsiiAeNXg6G6
LEJHLOQLoJAotq//DiKnmjeOfjOyg+sonXG1xD5H6SFND6jSj2KTC6N8BspZ9Niq
RdLIt+IaJdNanqB7eyU2mehJB5/VImnnS/VxUgO7TU2Tm7YzcfXPCnT9W8KO77PK
2H7JQrE4rTGOjZjII9imkpNSt5zTSIad7C/VoA4hpzcUwuLjxcAhv4rsEHwJuoiL
fjs3/2iDut3r8csVTF8rs7ocsQKrIMKnb18U4cp6zGnZ/0EhHHjhsqzgh8akIvIi
NR6XKgFTKGDXc7j9N6kOQmvuWsfB/uijyqGlIK8iiGK3geU+yLJrNJqVqaUwSvSC
2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org