Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BFWZWj5hXy-cvK1xmOye3RMj8Gg.roa
File: BFWZWj5hXy-cvK1xmOye3RMj8Gg.roa (raw, json)
Hash identifier: fUG2gwNfppa3fFo7Wv+KkJUUWv5uyygZINWIo0LLJFc=
Subject key identifier: 04:55:99:5A:3E:61:5F:2F:9C:BC:AD:71:98:EC:9E:DD:13:23:F0:68
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188A72446F02A70759860F4A0DEEC31A0FC
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BFWZWj5hXy-cvK1xmOye3RMj8Gg.roa
Signing time: Sat 10 Jun 2023 21:09:12 +0000
ROA not before: Sat 10 Jun 2023 21:09:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56913
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.78.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a7:24:46:f0:2a:70:75:98:60:f4:a0:de:ec:31:a0:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 10 21:09:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0455995a3e615f2f9cbcad7198ec9edd1323f068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:01:b5:9f:90:ca:bb:d6:a6:bb:20:4a:56:b4:
2e:af:52:32:ee:ed:c0:a4:80:de:ae:52:e2:2e:44:
07:80:04:ae:d0:c8:68:8b:ba:15:66:23:d6:af:ec:
d5:ff:3a:e1:b5:b0:e3:5d:bd:04:1e:e3:07:e3:46:
4b:34:19:b1:45:2c:ec:e3:1a:af:e2:f1:c2:37:ee:
fe:a2:5a:f8:d4:6e:ad:4a:5e:47:36:7a:97:85:3e:
13:47:83:da:18:90:5c:70:6b:c9:5d:5f:16:37:bf:
d2:4f:63:6f:46:ae:bd:0f:b1:f3:a8:6c:5c:6f:8a:
6e:81:05:29:a2:9d:8d:ff:98:18:8b:f7:2f:03:fb:
9b:27:6f:26:df:dc:5e:26:f8:49:09:82:35:ee:fd:
ff:2b:63:66:40:a7:4a:47:9b:5c:8f:bc:25:70:7c:
69:a5:3d:bb:ba:73:00:db:7a:b0:df:b6:b4:3f:27:
f9:fa:bc:d9:26:76:2c:b8:17:12:a7:59:4c:e0:3b:
9b:f3:41:a2:f6:e3:24:95:df:d3:f2:c0:20:eb:d8:
71:52:b6:7a:44:9f:1f:d9:f5:fd:c4:83:7a:e8:77:
ff:84:5c:22:09:52:3a:70:70:a7:75:42:ec:3f:97:
94:2e:d4:5a:4e:d3:c0:23:79:16:3d:0d:dd:10:24:
44:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:55:99:5A:3E:61:5F:2F:9C:BC:AD:71:98:EC:9E:DD:13:23:F0:68
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BFWZWj5hXy-cvK1xmOye3RMj8Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.70.0/24
163.5.72.0/24
163.5.76.0-163.5.78.255
163.5.89.0/24
Signature Algorithm: sha256WithRSAEncryption
52:54:bd:53:10:19:7a:b2:94:5d:e9:a3:aa:18:5e:41:95:56:
a9:9a:35:54:86:35:b5:53:15:41:ae:ec:b4:9d:2a:75:00:61:
0a:c5:f6:18:4d:3b:53:25:ec:df:ff:91:d6:42:1d:7b:a6:4d:
e8:71:8a:c6:da:e2:4d:68:2d:5e:2e:4d:da:1d:4e:0d:a6:6d:
3b:84:c9:93:7d:68:60:36:36:33:01:0f:80:19:46:98:01:06:
3b:6b:7b:23:15:1c:90:0a:39:ff:45:c8:ca:50:f2:df:61:bd:
fd:a1:fc:f5:de:29:14:15:95:fd:91:49:de:32:a8:35:02:cc:
1f:1f:d7:67:97:5f:3f:a3:26:7a:77:78:31:54:c4:f1:5a:8e:
0c:12:48:d3:67:eb:e0:63:a7:3b:54:af:9d:30:67:40:bc:76:
d5:01:c2:5e:d2:49:dc:b4:dd:cf:6d:53:73:c2:7d:b1:9c:3d:
51:fe:f7:23:29:48:f6:6b:4f:40:a1:f2:41:cd:1d:5e:d3:7c:
ed:4b:bb:64:9c:e6:ba:85:5f:8d:95:d8:51:b6:e5:54:b2:47:
5d:7c:13:ac:37:f6:3d:a7:e4:07:d0:4c:d0:ba:d1:b5:d1:c1:
a5:3e:d0:60:49:91:78:96:0d:4b:ba:75:2e:5f:2a:6d:fe:99:
9e:9d:bc:50
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYinJEbwKnB1mGD0oN7sMaD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjEwMjEwOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDU1OTk1YTNlNjE1ZjJmOWNiY2FkNzE5OGVjOWVkZDEzMjNmMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngG1n5DKu9amuyBKVrQur1Iy7u3A
pIDerlLiLkQHgASu0Mhoi7oVZiPWr+zV/zrhtbDjXb0EHuMH40ZLNBmxRSzs4xqv
4vHCN+7+olr41G6tSl5HNnqXhT4TR4PaGJBccGvJXV8WN7/ST2NvRq69D7HzqGxc
b4pugQUpop2N/5gYi/cvA/ubJ28m39xeJvhJCYI17v3/K2NmQKdKR5tcj7wlcHxp
pT27unMA23qw37a0Pyf5+rzZJnYsuBcSp1lM4Dub80Gi9uMkld/T8sAg69hxUrZ6
RJ8f2fX9xIN66Hf/hFwiCVI6cHCndULsP5eULtRaTtPAI3kWPQ3dECREvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFARVmVo+YV8vnLytcZjsnt0TI/BoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQkZXWldqNWhYeS1jdksxeG1PeWUzUk1qOEdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowVGAwQA
owVIMAwDBAKjBUwDBACjBU4DBACjBVkwDQYJKoZIhvcNAQELBQADggEBAFJUvVMQ
GXqylF3po6oYXkGVVqmaNVSGNbVTFUGu7LSdKnUAYQrF9hhNO1Ml7N//kdZCHXum
Tehxisba4k1oLV4uTdodTg2mbTuEyZN9aGA2NjMBD4AZRpgBBjtreyMVHJAKOf9F
yMpQ8t9hvf2h/PXeKRQVlf2RSd4yqDUCzB8f12eXXz+jJnp3eDFUxPFajgwSSNNn
6+BjpztUr50wZ0C8dtUBwl7SSdy03c9tU3PCfbGcPVH+9yMpSPZrT0Ch8kHNHV7T
fO1Lu2Sc5rqFX42V2FG25VSyR118E6w39j2n5AfQTNC60bXRwaU+0GBJkXiWDUu6
dS5fKm3+mZ6dvFA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org