Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0TObVDOjRFZsz1Y5UD9c9MX4PIc.roa
File: 0TObVDOjRFZsz1Y5UD9c9MX4PIc.roa (raw, json)
Hash identifier: Tpxl1p777nEJF4rB2Mi36R+27ImGxYIr6RAx7LYzGqk=
Subject key identifier: D1:33:9B:54:33:A3:44:56:6C:CF:56:39:50:3F:5C:F4:C5:F8:3C:87
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0190A3BE94952FEAB891B96B6437CF885DFE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0TObVDOjRFZsz1Y5UD9c9MX4PIc.roa
Signing time: Thu 11 Jul 2024 21:41:34 +0000
ROA not before: Thu 11 Jul 2024 21:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 163.5.135.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 20:20:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a3:be:94:95:2f:ea:b8:91:b9:6b:64:37:cf:88:5d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 11 21:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1339b5433a344566ccf5639503f5cf4c5f83c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1b:f1:9c:dd:e1:71:5a:7c:a5:64:25:f1:31:
35:9e:71:22:72:57:d3:a6:de:85:80:a8:fd:0b:0b:
eb:5b:9e:eb:88:b6:18:85:f7:26:99:44:e5:4a:91:
5d:c3:ec:5c:61:ea:e9:92:38:51:cb:4e:46:a3:31:
7c:73:ed:f2:8f:1b:df:36:37:bd:3f:18:e7:b2:ac:
07:23:fe:2a:7f:40:df:11:dd:68:29:3a:ce:29:35:
99:df:62:d1:c0:b7:5c:06:f3:78:65:fb:aa:aa:92:
7e:32:95:4a:6b:1d:2e:b5:1f:5a:6c:3a:d6:c5:d8:
e3:d9:93:cc:ca:a1:93:d0:b5:e6:3d:8a:d0:1c:e8:
2d:b0:c4:e2:7d:cc:bb:b2:4f:31:c6:92:52:91:ca:
31:61:5c:44:a7:95:3c:e1:f2:66:01:f0:21:e4:67:
30:7b:86:a3:c0:8e:99:29:79:40:ad:fa:13:4d:73:
8f:a1:09:27:1f:2c:dd:a7:62:d3:56:89:ea:9a:83:
9b:3e:ed:28:e1:51:ca:f2:ab:05:52:bc:76:b7:4c:
19:e2:b5:12:71:f3:35:c0:2a:55:58:da:76:1d:a4:
d0:bc:09:af:c9:0b:6b:35:75:55:5c:64:df:ee:dd:
39:51:0d:14:aa:2d:db:bd:ec:5b:47:6e:d9:b6:3e:
29:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:33:9B:54:33:A3:44:56:6C:CF:56:39:50:3F:5C:F4:C5:F8:3C:87
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0TObVDOjRFZsz1Y5UD9c9MX4PIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.135.0/24
163.5.175.0/24
163.5.185.0/24
163.5.209.0/24
Signature Algorithm: sha256WithRSAEncryption
81:01:63:d2:60:7a:7f:87:ac:3f:a4:78:60:ae:d8:69:f8:df:
c8:24:30:86:fd:a8:ae:3e:79:93:f8:a5:be:02:eb:e2:39:33:
a1:24:52:d9:26:7d:29:68:dc:6e:27:8d:ee:fe:dd:b5:92:89:
33:7e:c5:ab:19:e1:cc:d8:16:65:db:0b:6c:82:c0:db:56:8b:
da:e2:2b:47:04:45:02:cb:9f:3d:f3:3b:84:91:66:21:0e:a2:
e3:f8:b2:b7:96:44:a5:1b:b3:2d:c9:ff:4d:1c:a8:0d:b8:6c:
7c:ef:3b:4a:04:6a:ae:ec:a2:5c:6a:91:dc:cf:43:0a:fc:e6:
13:70:49:86:69:4c:ed:56:ae:82:6c:c8:83:d0:e4:d1:b4:1d:
46:60:36:cb:7a:ed:df:99:f8:38:1a:fa:69:dc:21:66:d9:a1:
c2:bf:ee:a0:b3:8e:b3:96:e5:7d:63:03:b9:ad:f6:fb:2f:56:
72:87:69:5e:c1:38:73:18:4c:fd:c7:d3:54:d2:85:a8:99:fb:
f1:25:49:21:4c:67:bd:9f:7c:06:ff:43:17:28:98:06:78:4a:
bd:ad:b7:08:ed:7e:22:65:a9:d5:8c:ed:46:ef:f2:42:e7:de:
ca:9e:89:45:b6:7a:9b:7b:5f:c2:e6:68:f2:2d:05:02:aa:82:
1e:89:57:e7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCjvpSVL+q4kblrZDfPiF3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzExMjE0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTMzOWI1NDMzYTM0NDU2NmNjZjU2Mzk1MDNmNWNmNGM1ZjgzYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxvxnN3hcVp8pWQl8TE1nnEiclfT
pt6FgKj9CwvrW57riLYYhfcmmUTlSpFdw+xcYerpkjhRy05GozF8c+3yjxvfNje9
PxjnsqwHI/4qf0DfEd1oKTrOKTWZ32LRwLdcBvN4ZfuqqpJ+MpVKax0utR9abDrW
xdjj2ZPMyqGT0LXmPYrQHOgtsMTifcy7sk8xxpJSkcoxYVxEp5U84fJmAfAh5Gcw
e4ajwI6ZKXlArfoTTXOPoQknHyzdp2LTVonqmoObPu0o4VHK8qsFUrx2t0wZ4rUS
cfM1wCpVWNp2HaTQvAmvyQtrNXVVXGTf7t05UQ0Uqi3bvexbR27Ztj4plQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNEzm1Qzo0RWbM9WOVA/XPTF+DyHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMFRPYlZET2pSRlpzejFZNVVEOWM5TVg0UEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowWHAwQA
owWvAwQAowW5AwQAowXRMA0GCSqGSIb3DQEBCwUAA4IBAQCBAWPSYHp/h6w/pHhg
rthp+N/IJDCG/aiuPnmT+KW+AuviOTOhJFLZJn0paNxuJ43u/t21kokzfsWrGeHM
2BZl2wtsgsDbVova4itHBEUCy5898zuEkWYhDqLj+LK3lkSlG7Mtyf9NHKgNuGx8
7ztKBGqu7KJcapHcz0MK/OYTcEmGaUztVq6CbMiD0OTRtB1GYDbLeu3fmfg4Gvpp
3CFm2aHCv+6gs46zluV9YwO5rfb7L1Zyh2lewThzGEz9x9NU0oWomfvxJUkhTGe9
n3wG/0MXKJgGeEq9rbcI7X4iZanVjO1G7/JC597KnolFtnqbe1/C5mjyLQUCqoIe
iVfn
-----END CERTIFICATE-----
Generated at Fri Aug 9 22:15:45 2024 by rpki-client on console-fra.rpki-client.org