Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BWMkoxclsXzpNhb_zGfNdS9Op4Q.roa
File: BWMkoxclsXzpNhb_zGfNdS9Op4Q.roa (raw, json)
Hash identifier: C7rPSk6LjX9rI38bgHN6+wPkwgcJJxi75m/KrLJYMgo=
Subject key identifier: 05:63:24:A3:17:25:B1:7C:E9:36:16:FF:CC:67:CD:75:2F:4E:A7:84
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018D2DA8C54A09DD357B957DF73BCDBDEE3F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BWMkoxclsXzpNhb_zGfNdS9Op4Q.roa
Signing time: Sun 21 Jan 2024 20:14:11 +0000
ROA not before: Sun 21 Jan 2024 20:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64200
IP address blocks: 5.182.186.0/23 maxlen: 23
5.182.193.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
31.132.53.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
45.67.147.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.148.0/24 maxlen: 24
63.246.149.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.158.0/23 maxlen: 23
63.246.159.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
192.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 19:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:a8:c5:4a:09:dd:35:7b:95:7d:f7:3b:cd:bd:ee:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 21 20:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=056324a31725b17ce93616ffcc67cd752f4ea784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:42:e8:67:14:2b:59:05:83:3e:56:37:69:f1:
e1:f2:1c:3e:cc:20:10:07:96:fb:8f:3e:a3:fe:79:
4f:95:a6:96:86:96:42:d1:e7:a9:2a:d3:03:ec:9f:
a2:a2:73:bc:79:57:90:16:74:92:29:28:43:de:d0:
8f:32:2c:18:15:85:35:08:ab:22:d6:3a:db:eb:ec:
fe:ef:3b:2c:15:ca:89:c8:8a:f3:5d:5f:33:9d:59:
83:3e:5b:35:55:cf:91:73:ef:ed:86:ea:e9:c8:53:
8d:83:54:db:6a:d6:dd:fe:b3:1b:72:cd:10:9a:91:
d6:e8:ea:db:a3:8f:b6:04:36:e7:ef:2f:bc:2c:13:
fe:31:3e:5d:9a:ec:b4:94:9a:07:b4:e4:05:f8:e2:
69:0f:91:0a:85:08:84:e1:28:e8:43:4c:30:90:7e:
41:49:70:1c:68:ce:be:8f:3f:86:e2:de:0c:e8:59:
58:6c:f4:3a:85:9f:c1:e1:38:c5:f4:9f:13:7d:9d:
51:6d:3f:8c:47:4b:e6:27:c4:58:86:bd:5e:72:1f:
23:fa:87:34:cc:90:57:7a:f4:49:5e:f5:f1:2c:e8:
1a:d5:d7:48:16:12:0f:dd:77:33:2d:8d:b6:ff:2b:
57:6a:fb:83:c0:ff:0a:ad:4c:36:b3:8d:3b:e2:6e:
04:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:63:24:A3:17:25:B1:7C:E9:36:16:FF:CC:67:CD:75:2F:4E:A7:84
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BWMkoxclsXzpNhb_zGfNdS9Op4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/23
5.182.193.0-5.182.195.255
31.132.53.0-31.132.55.255
45.67.147.0/24
63.246.129.0/24
63.246.136.0/24
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.149.255
63.246.152.0/24
63.246.158.0/23
185.171.124.0/23
185.171.127.0/24
185.201.41.0/24
185.201.43.0/24
185.205.206.0/24
192.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:8c:1f:9f:56:d1:09:63:3b:d9:d6:af:1b:99:e2:56:c7:32:
94:af:63:88:5f:e5:27:fd:b5:57:36:80:f7:de:e6:68:b5:a7:
17:6b:ac:1d:02:5f:5c:7c:a6:a1:0c:21:90:f2:7f:3b:09:75:
38:48:ae:ce:d6:f9:73:b3:99:e5:26:cc:64:d3:e6:c7:1f:f0:
3f:31:b5:16:33:ba:80:f1:aa:41:1e:c1:7d:a2:c2:68:b3:e1:
15:1d:79:01:6d:9e:93:28:ce:52:e5:e1:42:ab:ae:94:38:00:
65:74:95:05:97:5b:95:fc:d6:5b:17:ee:c7:d2:26:38:03:65:
d2:ff:44:fc:0f:b6:89:93:58:aa:29:95:c1:84:ab:78:c7:c1:
10:51:c2:46:09:80:f8:f2:73:10:bf:11:fd:3a:16:ff:eb:9b:
b9:e6:fb:85:ce:c5:e8:8c:b3:cd:f7:82:3d:15:9c:fd:0c:50:
5e:18:9e:ba:1d:ef:2f:46:fc:7f:8c:f4:69:4f:26:2a:56:bf:
2a:e1:43:64:30:69:4c:08:7f:6c:50:cc:08:88:36:72:99:87:
c8:20:09:d4:16:5f:5f:62:dc:ab:44:46:96:dc:aa:b9:c8:9d:
6c:6f:cf:0d:56:c6:bc:74:2b:f9:67:1c:a3:bf:12:84:44:eb:
14:69:fb:b2
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY0tqMVKCd01e5V99zvNve4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTIxMjAxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTYzMjRhMzE3MjViMTdjZTkzNjE2ZmZjYzY3Y2Q3NTJmNGVhNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkLoZxQrWQWDPlY3afHh8hw+zCAQ
B5b7jz6j/nlPlaaWhpZC0eepKtMD7J+ionO8eVeQFnSSKShD3tCPMiwYFYU1CKsi
1jrb6+z+7zssFcqJyIrzXV8znVmDPls1Vc+Rc+/thurpyFONg1Tbatbd/rMbcs0Q
mpHW6Orbo4+2BDbn7y+8LBP+MT5dmuy0lJoHtOQF+OJpD5EKhQiE4SjoQ0wwkH5B
SXAcaM6+jz+G4t4M6FlYbPQ6hZ/B4TjF9J8TfZ1RbT+MR0vmJ8RYhr1ech8j+oc0
zJBXevRJXvXxLOga1ddIFhIP3XczLY22/ytXavuDwP8KrUw2s4074m4EIwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFAVjJKMXJbF86TYW/8xnzXUvTqeEMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvQldNa294Y2xzWHpwTmhiX3pHZk5kUzlPcDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAQW2
ujAMAwQABbbBAwQCBbbAMAwDBAAfhDUDBAMfhDADBAAtQ5MDBAA/9oEDBAA/9ogD
BAA/9osDBAA/9o4wDAMEAD/2kQMEAT/2lAMEAD/2mAMEAT/2ngMEAbmrfAMEALmr
fwMEALnJKQMEALnJKwMEALnNzgMEAMCRRDANBgkqhkiG9w0BAQsFAAOCAQEAH4wf
n1bRCWM72davG5niVscylK9jiF/lJ/21VzaA997maLWnF2usHQJfXHymoQwhkPJ/
Owl1OEiuztb5c7OZ5SbMZNPmxx/wPzG1FjO6gPGqQR7BfaLCaLPhFR15AW2ekyjO
UuXhQquulDgAZXSVBZdblfzWWxfux9ImOANl0v9E/A+2iZNYqimVwYSreMfBEFHC
RgmA+PJzEL8R/ToW/+ubueb7hc7F6IyzzfeCPRWc/QxQXhieuh3vL0b8f4z0aU8m
Kla/KuFDZDBpTAh/bFDMCIg2cpmHyCAJ1BZfX2Lcq0RGltyqucidbG/PDVbGvHQr
+Wcco78ShETrFGn7sg==
-----END CERTIFICATE-----
Generated at Wed Jan 24 22:30:26 2024 by rpki-client on console-ams.rpki-client.org