Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/bGp1rn9jJHaiz4KDxk38vglcvK0.roa
File: bGp1rn9jJHaiz4KDxk38vglcvK0.roa (raw, json)
Hash identifier: M4io81BWykGgwP20sUNAKCRgVNXW7GwvTbJxhYJMN3g=
Subject key identifier: 6C:6A:75:AE:7F:63:24:76:A2:CF:82:83:C6:4D:FC:BE:09:5C:BC:AD
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0187A24593147CDC895C17DE2C9534E09067
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/bGp1rn9jJHaiz4KDxk38vglcvK0.roa
Signing time: Fri 21 Apr 2023 05:24:41 +0000
ROA not before: Fri 21 Apr 2023 05:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4787
IP address blocks: 163.171.67.0/24 maxlen: 24
148.253.254.0/24 maxlen: 24
148.253.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:45:93:14:7c:dc:89:5c:17:de:2c:95:34:e0:90:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Apr 21 05:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c6a75ae7f632476a2cf8283c64dfcbe095cbcad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3a:d7:83:af:25:ad:86:3a:df:e0:4e:de:85:
64:41:eb:3a:81:c9:2d:d2:27:c7:02:36:9b:a6:61:
9a:aa:10:36:04:1f:13:39:68:df:8f:20:ab:06:6d:
20:00:54:74:08:b4:dd:70:8a:53:94:d2:92:32:84:
c5:35:16:e3:96:f3:80:c0:5f:86:d9:e4:f0:d7:4b:
1d:2b:57:94:91:e0:8d:ef:c3:30:44:f8:8a:9d:e4:
a1:bb:9c:69:50:c7:67:1e:5b:44:d5:88:80:85:63:
fa:6b:ef:46:3b:2b:4a:b2:80:3d:a1:8b:c3:d5:34:
61:55:5a:6e:55:b9:2b:f0:80:4b:41:24:2e:38:29:
b6:d8:7a:e5:ac:9f:74:3f:2d:e9:e7:31:47:f3:19:
59:39:75:e7:fd:1b:f0:a4:1e:d6:50:28:83:19:a6:
57:7b:25:9e:4e:6b:58:1b:66:cf:a8:21:e5:8f:08:
d1:a1:12:62:f7:e2:16:db:b2:12:7a:fb:c7:07:1c:
c5:1e:3b:1f:0a:9c:61:47:d4:7a:ca:05:2d:83:8c:
d8:99:5e:09:c9:df:5c:f4:53:c5:b3:f0:f1:00:74:
a1:81:f3:1c:fe:93:b0:c1:1b:15:ed:64:e1:14:38:
65:d8:65:63:96:be:f8:4f:91:1b:3d:db:42:ba:af:
07:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6A:75:AE:7F:63:24:76:A2:CF:82:83:C6:4D:FC:BE:09:5C:BC:AD
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/bGp1rn9jJHaiz4KDxk38vglcvK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.254.0/23
163.171.67.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ea:7d:ac:67:2e:b4:d1:07:68:96:2f:8d:3b:46:8e:d3:0a:
92:22:5c:18:25:c3:80:98:6b:ca:a4:4b:15:16:e5:18:89:da:
28:8e:57:1f:7d:ac:4d:97:54:98:45:4f:4f:74:f6:cf:89:e3:
b3:19:26:12:d7:fb:91:79:a0:76:fb:82:11:f3:ff:ad:4b:ca:
1e:1a:e4:2d:f1:11:7e:8a:23:0d:d3:da:74:ce:99:bd:9a:27:
a9:5b:e5:bc:ee:85:ff:30:cc:20:fc:8e:c9:48:1c:69:27:c0:
3e:9e:a3:04:d4:39:cd:a4:51:b0:39:83:88:89:12:fe:b4:fa:
1d:0a:56:ac:92:07:52:6a:06:b1:a5:fd:73:13:a1:3b:92:f2:
a7:3c:e0:7d:76:a0:40:ef:81:e2:fa:ff:b2:aa:0f:42:df:51:
25:00:d5:fb:f0:f0:5b:0e:1d:f1:e7:5d:b9:31:6d:ea:6e:5b:
ce:13:ce:dd:9b:6f:d2:f2:f8:19:d4:63:ef:5a:be:be:48:f3:
ec:b0:c8:8b:73:38:48:83:63:a9:18:d1:de:3f:b8:04:9e:1d:
fc:41:23:2b:fb:fc:6a:4f:7a:29:75:e6:31:39:63:45:93:57:
7e:01:38:69:cf:06:be:4d:dd:ce:d4:06:d8:e8:d2:b6:da:59:
45:41:7f:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeiRZMUfNyJXBfeLJU04JBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwNDIxMDUyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzZhNzVhZTdmNjMyNDc2YTJjZjgyODNjNjRkZmNiZTA5NWNiY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszrXg68lrYY63+BO3oVkQes6gckt
0ifHAjabpmGaqhA2BB8TOWjfjyCrBm0gAFR0CLTdcIpTlNKSMoTFNRbjlvOAwF+G
2eTw10sdK1eUkeCN78MwRPiKneShu5xpUMdnHltE1YiAhWP6a+9GOytKsoA9oYvD
1TRhVVpuVbkr8IBLQSQuOCm22HrlrJ90Py3p5zFH8xlZOXXn/RvwpB7WUCiDGaZX
eyWeTmtYG2bPqCHljwjRoRJi9+IW27ISevvHBxzFHjsfCpxhR9R6ygUtg4zYmV4J
yd9c9FPFs/DxAHShgfMc/pOwwRsV7WThFDhl2GVjlr74T5EbPdtCuq8HzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGxqda5/YyR2os+Cg8ZN/L4JXLytMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvYkdwMXJuOWpKSGFpejRLRHhrMzh2Z2xjdkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBlP3+AwQA
o6tDMA0GCSqGSIb3DQEBCwUAA4IBAQBN6n2sZy600Qdoli+NO0aO0wqSIlwYJcOA
mGvKpEsVFuUYidoojlcffaxNl1SYRU9PdPbPieOzGSYS1/uReaB2+4IR8/+tS8oe
GuQt8RF+iiMN09p0zpm9miepW+W87oX/MMwg/I7JSBxpJ8A+nqME1DnNpFGwOYOI
iRL+tPodClaskgdSagaxpf1zE6E7kvKnPOB9dqBA74Hi+v+yqg9C31ElANX78PBb
Dh3x5125MW3qblvOE87dm2/S8vgZ1GPvWr6+SPPssMiLczhIg2OpGNHeP7gEnh38
QSMr+/xqT3opdeYxOWNFk1d+AThpzwa+Td3O1AbY6NK22llFQX9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org