Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-1HfqWZEiCPmzQ7ZBNv8vZNnedE.roa
File: 1-1HfqWZEiCPmzQ7ZBNv8vZNnedE.roa (raw, json)
Hash identifier: Rf82I5pJayjXLhs4D+FSt1bQQIzA+b1RRKfShO7dMzY=
Subject key identifier: FB:51:DF:A9:66:44:88:23:E6:CD:0E:D9:04:DB:FC:BD:93:67:79:D1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0192FD212A1D0ED9F9FE48397A18D4AAD2D2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-1HfqWZEiCPmzQ7ZBNv8vZNnedE.roa
Signing time: Tue 05 Nov 2024 16:21:01 +0000
ROA not before: Tue 05 Nov 2024 16:21:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.2.0/24 maxlen: 24
163.5.5.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.12.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.21.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.24.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.43.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.52.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.57.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
163.5.81.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 15:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:21:2a:1d:0e:d9:f9:fe:48:39:7a:18:d4:aa:d2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 5 16:21:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb51dfa966448823e6cd0ed904dbfcbd936779d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:10:9c:85:7a:05:f0:06:6a:55:ae:ad:44:1b:
4e:7d:a8:9c:12:6f:d1:7c:5d:d8:f2:dd:84:6b:c8:
36:ed:d0:ff:ba:37:8d:fb:e9:38:bd:db:ed:d3:9b:
69:74:be:59:6a:13:dd:66:85:2b:f3:0d:19:0c:17:
08:9a:37:14:b1:24:0e:9b:60:28:da:50:77:36:98:
8c:d1:7a:aa:27:d4:7b:fa:4c:0a:ac:3d:59:ca:f3:
e6:cf:75:4d:4d:bc:e7:c7:b4:7a:e3:fa:6e:c6:a8:
c3:20:71:25:fb:bb:6f:e4:71:f8:f9:d6:99:e2:ac:
95:7a:74:e4:ea:de:a9:33:cb:4a:d8:4c:54:eb:4a:
22:ee:26:e3:bb:ea:ba:fe:e6:14:f6:9e:53:d6:51:
08:b6:d4:eb:b2:1b:9f:b6:0a:e3:7a:55:8f:0b:bf:
5a:c6:e3:86:3c:0e:46:04:9f:d9:46:15:9a:26:d9:
13:24:28:36:c4:1c:b1:72:64:29:33:4c:d0:54:ac:
51:19:0c:81:bf:86:b6:c1:d9:57:74:df:8b:e3:42:
04:c6:55:70:3a:15:29:ad:f7:f1:62:ee:c5:3b:85:
1a:a4:ff:1a:28:18:8e:c1:46:88:53:e6:a0:f9:c7:
b2:f1:f9:59:af:a5:b6:8c:04:3d:e8:d4:de:53:37:
ec:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:51:DF:A9:66:44:88:23:E6:CD:0E:D9:04:DB:FC:BD:93:67:79:D1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-1HfqWZEiCPmzQ7ZBNv8vZNnedE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.2.0/24
163.5.5.0/24
163.5.10.0-163.5.12.255
163.5.20.0/23
163.5.23.0-163.5.24.255
163.5.42.0/23
163.5.45.0/24
163.5.48.0/24
163.5.50.0/24
163.5.52.0/24
163.5.55.0/24
163.5.57.0/24
163.5.68.0/23
163.5.80.0/23
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:97:cc:34:0b:1b:8b:ce:37:38:b8:ef:99:23:ff:32:f5:c2:
36:6f:fa:81:93:ee:22:4e:42:cb:24:cc:7e:09:3e:78:5c:6f:
3e:ac:bb:4b:d9:aa:b9:8b:46:bf:dd:b8:cb:0d:a6:c6:f0:d7:
5c:a5:75:0c:57:f5:87:e6:1f:69:f6:cc:11:2c:2e:17:db:00:
4e:7e:46:ee:cd:c9:b6:0e:24:b5:ec:79:d7:a8:33:34:4b:f3:
26:2e:36:20:01:3e:c3:59:c4:ff:4f:17:13:64:b0:92:ca:13:
57:84:7f:c7:bb:91:0b:0a:ba:5e:e7:df:db:9a:39:cf:7a:f7:
96:72:6d:d9:7d:e9:a8:72:e9:6b:51:58:c6:8d:fb:39:43:37:
4c:0b:9f:a0:48:33:5a:fc:04:7a:86:98:dc:a8:8d:0b:28:1a:
22:46:87:51:90:f9:b6:a0:ad:30:85:5b:a3:dc:d8:ba:58:8e:
79:35:d8:e5:eb:1d:08:43:b2:d9:29:1c:4b:7e:87:b1:bc:83:
b7:aa:9b:57:df:25:e5:89:9b:0b:70:bc:3f:1a:89:af:22:dc:
96:05:8c:97:85:00:f2:65:86:39:a2:db:12:8a:50:80:c0:9e:
fc:ef:6e:9d:fc:a3:34:96:0e:aa:a7:19:4e:24:16:e7:12:74:
f7:7c:23:08
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZL9ISodDtn5/kg5ehjUqtLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTA1MTYyMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjUxZGZhOTY2NDQ4ODIzZTZjZDBlZDkwNGRiZmNiZDkzNjc3OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxCchXoF8AZqVa6tRBtOfaicEm/R
fF3Y8t2Ea8g27dD/ujeN++k4vdvt05tpdL5ZahPdZoUr8w0ZDBcImjcUsSQOm2Ao
2lB3NpiM0XqqJ9R7+kwKrD1ZyvPmz3VNTbznx7R64/puxqjDIHEl+7tv5HH4+daZ
4qyVenTk6t6pM8tK2ExU60oi7ibju+q6/uYU9p5T1lEIttTrshuftgrjelWPC79a
xuOGPA5GBJ/ZRhWaJtkTJCg2xByxcmQpM0zQVKxRGQyBv4a2wdlXdN+L40IExlVw
OhUprffxYu7FO4UapP8aKBiOwUaIU+ag+cey8flZr6W2jAQ96NTeUzfsgQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFPtR36lmRIgj5s0O2QTb/L2TZ3nRMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS0xSGZxV1pFaUNQbXpRN1pCTnY4dlpObmVkRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBgwYIKwYBBQUHAQcBAf8EdDByMHAEAgABMGoDBACjBQID
BACjBQUwDAMEAaMFCgMEAKMFDAMEAaMFFDAMAwQAowUXAwQAowUYAwQBowUqAwQA
owUtAwQAowUwAwQAowUyAwQAowU0AwQAowU3AwQAowU5AwQBowVEAwQBowVQAwQA
owVVMA0GCSqGSIb3DQEBCwUAA4IBAQANl8w0CxuLzjc4uO+ZI/8y9cI2b/qBk+4i
TkLLJMx+CT54XG8+rLtL2aq5i0a/3bjLDabG8NdcpXUMV/WH5h9p9swRLC4X2wBO
fkbuzcm2DiS17HnXqDM0S/MmLjYgAT7DWcT/TxcTZLCSyhNXhH/Hu5ELCrpe59/b
mjnPeveWcm3ZfemoculrUVjGjfs5QzdMC5+gSDNa/AR6hpjcqI0LKBoiRodRkPm2
oK0whVuj3Ni6WI55Ndjl6x0IQ7LZKRxLfoexvIO3qptX3yXliZsLcLw/GomvItyW
BYyXhQDyZYY5otsSilCAwJ78726d/KM0lg6qpxlOJBbnEnT3fCMI
-----END CERTIFICATE-----
Generated at Tue Nov 19 18:43:33 2024 by rpki-client on console-ams.rpki-client.org