Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Bsq2dQYpxd9M-UCnQmi_5rJ3BmI.roa
File: Bsq2dQYpxd9M-UCnQmi_5rJ3BmI.roa (raw, json)
Hash identifier: 8uBnQVV60uYqUKac7WjO/nCvYwNeJrJKZqtt5uUkXbY=
Subject key identifier: 06:CA:B6:75:06:29:C5:DF:4C:F9:40:A7:42:68:BF:E6:B2:77:06:62
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01856E542CB936E7CA85C6C062998077699F
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Bsq2dQYpxd9M-UCnQmi_5rJ3BmI.roa
Signing time: Sun 01 Jan 2023 17:14:48 +0000
ROA not before: Sun 01 Jan 2023 17:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204720
IP address blocks: 163.171.153.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Oct 2023 07:25:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:2c:b9:36:e7:ca:85:c6:c0:62:99:80:77:69:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 17:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06cab6750629c5df4cf940a74268bfe6b2770662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c1:cb:2e:77:3f:b3:6d:81:6c:a5:19:22:e6:
04:f1:2f:f8:38:52:37:6f:c7:46:0e:81:11:9d:2b:
c7:b8:4c:47:b7:51:10:a5:4b:d9:47:e6:c4:85:ef:
b2:92:c4:fc:57:55:9f:20:9c:00:a0:77:2e:d7:9b:
7e:6b:d6:9a:c7:f0:f8:8c:ce:32:ef:26:0e:2a:30:
b2:71:0e:e2:5b:14:00:65:9a:ad:58:a7:d2:62:d3:
96:f9:ca:06:40:65:14:a2:ef:17:7b:bc:92:71:c3:
9e:3c:9e:aa:53:f5:7f:fa:68:82:39:87:c8:a3:bb:
95:f5:db:25:26:34:b0:94:1b:5e:bc:dc:f9:de:c0:
18:21:83:95:ca:c9:6e:2e:86:b0:d0:f7:f4:eb:2e:
89:46:bb:fe:88:6e:d5:d9:3c:93:49:37:08:d2:0b:
bb:90:56:a9:93:2b:c7:83:47:5d:30:e3:a6:77:76:
ee:0e:d9:80:bc:cb:33:58:44:e8:5f:c1:2d:6a:8d:
ac:53:e9:34:04:48:77:20:ae:39:61:de:48:66:a5:
c4:1e:ab:14:91:d2:3d:3a:f8:2c:15:6c:20:48:46:
5e:d5:d6:22:cf:27:a2:96:ab:b6:b2:08:da:76:f7:
cb:91:71:e3:cf:90:a2:88:b9:a3:49:f2:32:f6:19:
08:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CA:B6:75:06:29:C5:DF:4C:F9:40:A7:42:68:BF:E6:B2:77:06:62
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Bsq2dQYpxd9M-UCnQmi_5rJ3BmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.60.0-148.253.62.255
163.171.153.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:24:8d:24:aa:6b:d5:da:0a:53:51:fa:28:9b:32:fd:25:94:
ac:3d:41:46:1b:5d:1d:fd:5e:cf:7e:42:4c:58:04:3b:00:d1:
c1:15:50:c0:b2:59:30:12:44:e5:63:83:b0:e9:39:85:45:05:
e8:af:67:56:2e:8a:98:7e:22:95:d4:ec:8b:8e:d6:69:c6:29:
dc:c9:1a:58:78:b1:2d:16:63:ae:34:b7:fb:6e:c1:3b:ac:df:
56:d7:4d:39:0e:b3:f7:6b:e9:e4:7f:53:25:91:f8:06:aa:18:
e7:ef:fb:3c:ba:8c:7f:2a:8f:86:0f:f3:a8:d4:85:47:f7:c5:
e6:60:4e:0d:bd:90:08:e6:eb:54:f2:1b:b8:1b:e9:83:69:dd:
2e:34:a2:c5:f3:79:0a:cc:6c:bf:43:d1:d6:2e:3c:41:37:be:
21:a1:e6:85:8f:51:98:c9:70:6b:7e:d0:53:7b:bf:3a:60:ae:
6c:da:4c:84:64:3b:8c:52:a0:75:ed:1d:9a:f2:19:45:7d:5c:
fb:cf:b2:9d:bf:9b:6c:1a:15:ed:f9:3d:cf:9c:92:95:0d:d9:
c6:1b:52:28:80:4b:c8:d3:76:62:01:34:4e:00:27:6a:a1:8e:
65:6d:98:83:73:e3:14:b2:3d:4e:2b:a5:73:92:36:48:ba:b4:
fe:7f:c1:84
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVuVCy5NufKhcbAYpmAd2mfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMTAxMTcxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmNhYjY3NTA2MjljNWRmNGNmOTQwYTc0MjY4YmZlNmIyNzcwNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMHLLnc/s22BbKUZIuYE8S/4OFI3
b8dGDoERnSvHuExHt1EQpUvZR+bEhe+yksT8V1WfIJwAoHcu15t+a9aax/D4jM4y
7yYOKjCycQ7iWxQAZZqtWKfSYtOW+coGQGUUou8Xe7ySccOePJ6qU/V/+miCOYfI
o7uV9dslJjSwlBtevNz53sAYIYOVysluLoaw0Pf06y6JRrv+iG7V2TyTSTcI0gu7
kFapkyvHg0ddMOOmd3buDtmAvMszWEToX8Etao2sU+k0BEh3IK45Yd5IZqXEHqsU
kdI9OvgsFWwgSEZe1dYizyeilqu2sgjadvfLkXHjz5CiiLmjSfIy9hkIFwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAbKtnUGKcXfTPlAp0Jov+aydwZiMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvQnNxMmRRWXB4ZDlNLVVDblFtaV81ckozQm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKU/TwD
BACU/T4DBACjq5kwDQYJKoZIhvcNAQELBQADggEBALYkjSSqa9XaClNR+iibMv0l
lKw9QUYbXR39Xs9+QkxYBDsA0cEVUMCyWTASROVjg7DpOYVFBeivZ1Yuiph+IpXU
7IuO1mnGKdzJGlh4sS0WY640t/tuwTus31bXTTkOs/dr6eR/UyWR+AaqGOfv+zy6
jH8qj4YP86jUhUf3xeZgTg29kAjm61TyG7gb6YNp3S40osXzeQrMbL9D0dYuPEE3
viGh5oWPUZjJcGt+0FN7vzpgrmzaTIRkO4xSoHXtHZryGUV9XPvPsp2/m2waFe35
Pc+ckpUN2cYbUiiAS8jTdmIBNE4AJ2qhjmVtmINz4xSyPU4rpXOSNki6tP5/wYQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org