Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BofC9uCoFvbr6abqPTrDMj2gcHw.roa
File: BofC9uCoFvbr6abqPTrDMj2gcHw.roa (raw, json)
Hash identifier: I7Bpj2ZLuL2hdxcx9ibcc1bCExIa7OcPFGp2NdMrngc=
Subject key identifier: 06:87:C2:F6:E0:A8:16:F6:EB:E9:A6:EA:3D:3A:C3:32:3D:A0:70:7C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194790B8B2B04FCBEC22464685F1521F31F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BofC9uCoFvbr6abqPTrDMj2gcHw.roa
Signing time: Sat 18 Jan 2025 10:53:06 +0000
ROA not before: Sat 18 Jan 2025 10:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 16:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:79:0b:8b:2b:04:fc:be:c2:24:64:68:5f:15:21:f3:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 18 10:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0687c2f6e0a816f6ebe9a6ea3d3ac3323da0707c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d2:1a:eb:f0:8e:3e:a7:68:27:e2:ad:3e:0b:
53:c4:61:69:6f:1c:4b:ab:08:4f:cb:a3:99:f9:57:
a9:12:75:e2:48:80:27:19:dd:81:d6:6f:2e:b2:4a:
f4:69:a8:e2:27:44:e7:5e:63:b7:51:8e:96:f2:2e:
cb:f7:e5:37:a8:7f:e8:53:a6:6c:55:fc:e9:59:c0:
52:e7:a3:65:f9:a0:4c:94:7f:b3:ea:37:74:8c:e0:
81:e5:01:f9:8a:98:9f:84:f5:bf:6c:ad:fe:cd:2f:
2a:0b:1b:a4:7c:3f:a0:50:e2:39:f4:2a:08:e6:6b:
06:0b:a6:9f:03:5d:9c:c0:02:d7:2e:ef:07:a4:d5:
f7:bc:2b:7d:e7:08:af:ba:51:5b:6a:59:d1:be:35:
0d:4b:11:62:5a:29:60:c1:c4:0a:c3:9d:76:84:bf:
60:96:e8:4d:5e:cc:97:08:f3:ec:30:43:02:14:65:
04:5c:27:82:a3:3d:bc:d3:e5:d6:5c:65:11:18:9b:
fc:18:d0:0e:ab:2f:e4:0d:b9:41:19:4e:34:ae:80:
b6:f6:b8:69:65:ab:92:94:c3:d8:0b:4d:79:cb:62:
cc:55:e0:97:87:3a:72:b9:c2:d0:37:da:d7:7b:2e:
ee:6f:61:c0:14:f9:7a:74:60:88:0c:77:de:77:21:
54:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:87:C2:F6:E0:A8:16:F6:EB:E9:A6:EA:3D:3A:C3:32:3D:A0:70:7C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BofC9uCoFvbr6abqPTrDMj2gcHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.31.0/24
163.5.46.0/24
163.5.62.0/24
163.5.149.0/24
163.5.187.0/24
163.5.209.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ad:20:eb:27:e8:ff:ba:1a:9d:31:a1:a7:98:b4:e9:ad:ac:
2d:78:2c:64:4e:68:c8:53:73:25:84:f2:50:53:1d:8c:e6:78:
e9:4c:50:83:9e:8d:ff:8b:e4:59:08:52:7d:99:14:cd:8b:15:
76:6c:41:03:98:5c:56:1f:4b:0d:49:a2:21:4d:13:ef:92:90:
fe:3a:58:9b:d9:a2:29:17:fa:ea:16:47:99:2e:4b:5b:6e:a2:
c5:fc:40:b7:3e:17:81:24:52:af:cf:39:2d:84:5f:8d:fc:4f:
a1:6c:51:b5:23:14:22:b8:28:18:cc:2a:70:38:c7:d9:a7:52:
fd:fb:fc:0e:cf:01:51:02:8b:23:09:01:d2:b8:24:a1:72:5e:
3c:04:b2:2c:db:84:b1:a0:a4:9c:1b:70:fe:76:39:4b:7c:cf:
e5:29:ee:49:5e:85:8c:e7:e0:3b:5f:11:05:d0:5e:36:83:bb:
27:49:0d:b9:66:c2:76:a3:c2:55:41:e1:2f:6a:83:7f:bb:66:
5b:c1:2c:3f:8c:6a:12:b7:13:97:c7:f1:f7:58:88:5d:86:0f:
d7:f6:d7:d8:5e:6a:ae:99:d8:98:75:db:f6:2a:14:b4:73:72:
fb:07:90:3c:77:17:90:51:9e:9b:6c:71:c3:9c:04:ae:f4:33:
08:cb:59:5f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZR5C4srBPy+wiRkaF8VIfMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTE4MTA1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjg3YzJmNmUwYTgxNmY2ZWJlOWE2ZWEzZDNhYzMzMjNkYTA3MDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9Ia6/COPqdoJ+KtPgtTxGFpbxxL
qwhPy6OZ+VepEnXiSIAnGd2B1m8uskr0aajiJ0TnXmO3UY6W8i7L9+U3qH/oU6Zs
VfzpWcBS56Nl+aBMlH+z6jd0jOCB5QH5ipifhPW/bK3+zS8qCxukfD+gUOI59CoI
5msGC6afA12cwALXLu8HpNX3vCt95wivulFbalnRvjUNSxFiWilgwcQKw512hL9g
luhNXsyXCPPsMEMCFGUEXCeCoz280+XWXGURGJv8GNAOqy/kDblBGU40roC29rhp
ZauSlMPYC015y2LMVeCXhzpyucLQN9rXey7ub2HAFPl6dGCIDHfedyFUUwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAaHwvbgqBb26+mm6j06wzI9oHB8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQm9mQzl1Q29GdmJyNmFicVBUckRNajJnY0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUWAwQA
owUfAwQAowUuAwQAowU+AwQAowWVAwQAowW7AwQAowXRMA0GCSqGSIb3DQEBCwUA
A4IBAQBarSDrJ+j/uhqdMaGnmLTprawteCxkTmjIU3MlhPJQUx2M5njpTFCDno3/
i+RZCFJ9mRTNixV2bEEDmFxWH0sNSaIhTRPvkpD+Olib2aIpF/rqFkeZLktbbqLF
/EC3PheBJFKvzzkthF+N/E+hbFG1IxQiuCgYzCpwOMfZp1L9+/wOzwFRAosjCQHS
uCShcl48BLIs24SxoKScG3D+djlLfM/lKe5JXoWM5+A7XxEF0F42g7snSQ25ZsJ2
o8JVQeEvaoN/u2ZbwSw/jGoStxOXx/H3WIhdhg/X9tfYXmqumdiYddv2KhS0c3L7
B5A8dxeQUZ6bbHHDnASu9DMIy1lf
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:46:48 2025 by rpki-client