Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kbwcewWFHYWZtu1Le1pznQD6vk0.roa
File: kbwcewWFHYWZtu1Le1pznQD6vk0.roa (raw, json)
Hash identifier: s0a9ixgLfAmIfL9wyahmqz/LfdDL/5fHxIfNPGSsoTU=
Subject key identifier: 91:BC:1C:7B:05:85:1D:85:99:B6:ED:4B:7B:5A:73:9D:00:FA:BE:4D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187801AA2ECEDB56A526B7420E2D91B7431
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kbwcewWFHYWZtu1Le1pznQD6vk0.roa
Signing time: Fri 14 Apr 2023 14:10:41 +0000
ROA not before: Fri 14 Apr 2023 14:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212886
IP address blocks: 163.5.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:1a:a2:ec:ed:b5:6a:52:6b:74:20:e2:d9:1b:74:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 14 14:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91bc1c7b05851d8599b6ed4b7b5a739d00fabe4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fc:4c:1d:07:70:b7:cd:e9:c4:46:16:10:33:
f6:15:90:bb:9c:53:4d:41:78:cd:cb:8d:a7:2a:47:
df:6a:7c:21:06:74:a0:81:8f:ba:ff:ce:ff:b4:40:
7a:5e:1a:49:a8:bb:c5:87:55:32:2a:6c:02:ab:fc:
66:00:1f:86:64:2f:dd:ae:27:07:71:a9:33:b5:ff:
fe:40:59:b4:48:57:8b:9f:8a:f2:27:67:e0:29:0c:
14:46:15:fb:4f:e0:8d:06:51:1f:16:52:1d:52:f1:
35:54:e5:e8:08:0f:dd:2a:59:cc:92:f2:b5:7b:dc:
13:ff:97:e4:61:97:78:a3:76:8e:55:f1:cf:64:1a:
00:3d:36:15:27:63:62:1f:74:8e:f2:79:eb:95:a6:
7d:4e:57:e2:0a:54:8b:30:fd:59:5f:e5:1c:8c:13:
8f:62:8e:a2:d3:36:c5:f1:fa:ba:f8:cb:d0:cf:2e:
4e:79:d6:23:83:e1:97:fc:05:cc:c2:64:ce:43:da:
cb:bd:e6:a3:70:ff:a1:33:75:fc:32:54:19:b7:dd:
f6:5a:34:df:54:2a:68:24:ae:c1:60:48:0b:d5:72:
6c:4f:7a:dc:67:05:18:94:bf:39:8a:ad:fe:50:b0:
f0:4e:ac:30:13:35:a0:e5:0c:3c:18:4b:21:35:59:
35:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BC:1C:7B:05:85:1D:85:99:B6:ED:4B:7B:5A:73:9D:00:FA:BE:4D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kbwcewWFHYWZtu1Le1pznQD6vk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.122.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:95:ee:e5:15:fd:8b:76:4c:49:06:8e:82:ab:5a:ab:4e:94:
22:70:34:f6:54:ef:82:37:1e:50:be:30:0d:55:a4:9f:83:1b:
0e:61:d2:fb:d5:6b:ca:3c:d0:ad:70:1f:4b:1e:51:16:6d:0e:
69:05:d6:8d:41:b8:98:8b:da:f3:26:0c:0a:68:a4:48:c0:47:
69:7f:c7:37:e4:11:6c:2b:0e:5e:a4:b5:02:33:79:60:6e:5a:
c8:df:a0:cc:c7:af:0d:b4:e6:b6:42:91:77:b3:95:2a:d4:ca:
10:22:23:aa:19:a0:64:88:09:1b:59:6d:b6:1c:1e:e8:0d:a4:
e2:8b:67:45:41:76:b4:8a:ce:44:dc:d8:1d:2f:39:54:3a:0c:
e9:e4:db:4c:91:b9:29:6d:7d:80:0c:dc:d8:e8:30:39:bb:1e:
41:5c:e2:ba:71:bf:c1:89:f0:d2:aa:fd:39:b2:55:3c:08:38:
69:0e:0b:25:80:72:09:7c:99:67:f7:da:c0:b8:e1:a1:92:37:
e3:9c:bb:5e:ba:6e:35:47:b9:8b:c7:a7:eb:64:00:33:ce:45:
75:b4:e3:d4:c4:31:e8:3c:8f:dc:c7:28:7e:6b:47:85:8f:a3:
12:33:b8:8d:36:5c:46:a1:1e:5c:c0:75:b3:cd:d7:cf:dd:44:
bb:4f:e2:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeAGqLs7bVqUmt0IOLZG3QxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDE0MTQxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWJjMWM3YjA1ODUxZDg1OTliNmVkNGI3YjVhNzM5ZDAwZmFiZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovxMHQdwt83pxEYWEDP2FZC7nFNN
QXjNy42nKkffanwhBnSggY+6/87/tEB6XhpJqLvFh1UyKmwCq/xmAB+GZC/dricH
cakztf/+QFm0SFeLn4ryJ2fgKQwURhX7T+CNBlEfFlIdUvE1VOXoCA/dKlnMkvK1
e9wT/5fkYZd4o3aOVfHPZBoAPTYVJ2NiH3SO8nnrlaZ9TlfiClSLMP1ZX+UcjBOP
Yo6i0zbF8fq6+MvQzy5OedYjg+GX/AXMwmTOQ9rLveajcP+hM3X8MlQZt932WjTf
VCpoJK7BYEgL1XJsT3rcZwUYlL85iq3+ULDwTqwwEzWg5Qw8GEshNVk1kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJG8HHsFhR2FmbbtS3tac50A+r5NMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva2J3Y2V3V0ZIWVdadHUxTGUxcHpuUUQ2dmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowV6MA0G
CSqGSIb3DQEBCwUAA4IBAQC0le7lFf2LdkxJBo6Cq1qrTpQicDT2VO+CNx5QvjAN
VaSfgxsOYdL71WvKPNCtcB9LHlEWbQ5pBdaNQbiYi9rzJgwKaKRIwEdpf8c35BFs
Kw5epLUCM3lgblrI36DMx68NtOa2QpF3s5Uq1MoQIiOqGaBkiAkbWW22HB7oDaTi
i2dFQXa0is5E3NgdLzlUOgzp5NtMkbkpbX2ADNzY6DA5ux5BXOK6cb/BifDSqv05
slU8CDhpDgslgHIJfJln99rAuOGhkjfjnLteum41R7mLx6frZAAzzkV1tOPUxDHo
PI/cxyh+a0eFj6MSM7iNNlxGoR5cwHWzzdfP3US7T+Ln
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org