Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BLfBo1SlrHhRgkrXBYBnuue5dsg.roa
File: BLfBo1SlrHhRgkrXBYBnuue5dsg.roa (raw, json)
Hash identifier: dS+RzOKB9bptVH/E/K4xbeYQS/zF02brDrN5dEY1s0s=
Subject key identifier: 04:B7:C1:A3:54:A5:AC:78:51:82:4A:D7:05:80:67:BA:E7:B9:76:C8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0190036601BD3968641902B3D00801B4CEFD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BLfBo1SlrHhRgkrXBYBnuue5dsg.roa
Signing time: Mon 10 Jun 2024 18:25:35 +0000
ROA not before: Mon 10 Jun 2024 18:25:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 163.5.134.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jun 2024 18:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:03:66:01:bd:39:68:64:19:02:b3:d0:08:01:b4:ce:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 10 18:25:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04b7c1a354a5ac7851824ad7058067bae7b976c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:84:5f:86:9b:f7:35:ca:d2:44:19:94:8e:3c:
c5:fc:77:82:b2:68:bc:0f:36:38:d2:a9:97:83:8d:
d5:27:0c:11:df:b1:94:43:3e:88:da:ce:a3:79:6c:
99:a1:9a:5c:83:18:84:d4:e0:8f:05:25:46:04:9b:
c7:29:70:5a:7a:4f:62:04:5d:57:6a:35:ab:17:38:
81:0f:67:f9:f3:60:fe:3e:25:5c:b2:f6:6e:db:1d:
35:a4:b5:66:ed:f0:5b:81:d2:33:b0:5b:af:a2:86:
4c:ee:cc:b7:24:4c:f4:bb:21:18:b7:47:d7:ed:e0:
d9:36:df:fa:e2:14:9c:e9:63:1f:a3:62:af:f6:d1:
4a:7d:26:21:0d:29:54:70:57:e5:8a:53:85:ba:2f:
09:d0:60:77:37:42:92:a6:c6:ed:fe:4f:3d:0b:41:
0b:84:a4:de:ae:64:d6:52:40:4d:a3:7c:ac:e7:55:
11:bf:b5:d9:0e:6b:33:0b:72:ee:98:18:75:c3:54:
fc:f1:32:07:71:3f:68:74:f9:98:86:48:19:35:93:
ec:c2:e3:8a:2a:75:63:4d:d1:19:80:e5:b1:d7:60:
b0:e9:1d:4b:0c:b5:eb:02:37:54:4a:90:fe:99:f7:
8c:00:ee:ac:f9:c2:5c:62:4b:05:e3:dd:57:e0:d2:
5c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B7:C1:A3:54:A5:AC:78:51:82:4A:D7:05:80:67:BA:E7:B9:76:C8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BLfBo1SlrHhRgkrXBYBnuue5dsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.134.0/24
163.5.136.0/24
163.5.163.0/24
163.5.185.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:22:7b:df:dd:cb:ce:c5:66:0d:13:f4:77:e4:9c:2c:45:65:
c7:3f:f7:47:7c:8e:80:22:66:ed:ff:b6:a5:a4:7d:b9:e1:75:
f7:0b:28:c9:18:9f:56:ae:9f:97:24:d1:86:b8:42:a3:20:28:
63:82:04:0f:5a:7f:e4:89:2d:6e:79:45:05:70:bc:17:c4:41:
6b:63:14:a4:ee:00:3c:45:8b:3e:1f:3b:fa:83:3e:25:5a:2b:
84:bb:02:80:6f:f9:47:76:21:6e:cb:dd:d4:a0:1f:e7:6f:c5:
5b:65:56:67:de:97:2e:75:ca:94:c9:53:8f:e5:c9:6f:6d:61:
75:b4:6a:4e:7b:31:78:37:3b:11:75:ba:79:da:29:ae:8b:f2:
f0:a8:5f:d7:bb:25:4d:27:00:f4:38:0d:df:a0:b6:28:98:64:
f5:5c:c7:e7:60:62:a2:7f:e9:10:38:cf:7a:fc:a7:7e:a5:c2:
e6:7a:ba:12:cf:f4:cd:e0:a5:f4:32:c4:ce:7b:f2:f8:52:1c:
b9:2c:ee:ac:ab:3c:23:a6:13:0b:9f:e7:7a:1c:ca:d0:a7:d2:
e0:3d:ec:ea:34:0a:1a:91:23:00:6b:c0:6c:04:e3:ef:09:63:
b3:47:0a:2e:8b:88:df:11:aa:5d:7f:07:21:bd:46:91:a1:8c:
44:f5:32:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZADZgG9OWhkGQKz0AgBtM79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjEwMTgyNTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI3YzFhMzU0YTVhYzc4NTE4MjRhZDcwNTgwNjdiYWU3Yjk3NmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4Rfhpv3NcrSRBmUjjzF/HeCsmi8
DzY40qmXg43VJwwR37GUQz6I2s6jeWyZoZpcgxiE1OCPBSVGBJvHKXBaek9iBF1X
ajWrFziBD2f582D+PiVcsvZu2x01pLVm7fBbgdIzsFuvooZM7sy3JEz0uyEYt0fX
7eDZNt/64hSc6WMfo2Kv9tFKfSYhDSlUcFflilOFui8J0GB3N0KSpsbt/k89C0EL
hKTermTWUkBNo3ys51URv7XZDmszC3LumBh1w1T88TIHcT9odPmYhkgZNZPswuOK
KnVjTdEZgOWx12Cw6R1LDLXrAjdUSpD+mfeMAO6s+cJcYksF491X4NJckwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAS3waNUpax4UYJK1wWAZ7rnuXbIMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQkxmQm8xU2xySGhSZ2tyWEJZQm51dWU1ZHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowWGAwQA
owWIAwQAowWjAwQAowW5MA0GCSqGSIb3DQEBCwUAA4IBAQBMInvf3cvOxWYNE/R3
5JwsRWXHP/dHfI6AImbt/7alpH254XX3CyjJGJ9Wrp+XJNGGuEKjIChjggQPWn/k
iS1ueUUFcLwXxEFrYxSk7gA8RYs+Hzv6gz4lWiuEuwKAb/lHdiFuy93UoB/nb8Vb
ZVZn3pcudcqUyVOP5clvbWF1tGpOezF4NzsRdbp52imui/LwqF/XuyVNJwD0OA3f
oLYomGT1XMfnYGKif+kQOM96/Kd+pcLmeroSz/TN4KX0MsTOe/L4Uhy5LO6sqzwj
phMLn+d6HMrQp9LgPezqNAoakSMAa8BsBOPvCWOzRwoui4jfEapdfwchvUaRoYxE
9TIt
-----END CERTIFICATE-----
Generated at Wed Jun 12 19:06:58 2024 by rpki-client on console-fra.rpki-client.org