Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-Pe3xEPVIc2CXyjSaCQ8gPvEQ4.roa
File: 1-Pe3xEPVIc2CXyjSaCQ8gPvEQ4.roa (raw, json)
Hash identifier: /AX1AAHSVyAth29rIoYd9J4lp2HQUZbQHS5CrdPfeSs=
Subject key identifier: D7:E3:DE:DF:11:0F:54:87:36:09:7C:A3:49:A0:90:F2:03:EF:11:0E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0192FD2B3A82B9D328AEBC000A61964FE786
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-Pe3xEPVIc2CXyjSaCQ8gPvEQ4.roa
Signing time: Tue 05 Nov 2024 16:32:01 +0000
ROA not before: Tue 05 Nov 2024 16:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 163.5.0.0/24 maxlen: 24
163.5.1.0/24 maxlen: 24
163.5.3.0/24 maxlen: 24
163.5.4.0/24 maxlen: 24
163.5.6.0/24 maxlen: 24
163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 15:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:2b:3a:82:b9:d3:28:ae:bc:00:0a:61:96:4f:e7:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 5 16:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7e3dedf110f548736097ca349a090f203ef110e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:96:37:66:98:d5:72:ca:da:e1:ed:f5:0e:d6:
68:af:bc:5f:7b:16:7b:e3:94:99:94:1e:27:c8:39:
53:84:85:89:01:d7:3e:24:a4:81:79:48:d9:ad:8f:
7e:81:40:77:17:a9:87:ae:9d:da:bd:e7:3f:1f:a4:
7b:e8:1d:63:f3:6a:33:e5:1d:13:46:37:47:4a:20:
92:60:cc:2a:11:2d:01:0d:05:3d:00:e5:8e:ed:7e:
99:03:44:3f:c1:6e:1b:f4:56:3d:6b:f4:ea:81:35:
23:84:91:98:f7:e5:31:38:d1:cc:5f:00:52:f4:fb:
64:3c:f7:49:76:25:84:e0:55:b7:c2:10:b2:58:50:
15:ff:c4:3b:ff:1e:68:10:3b:6b:14:48:f3:6d:0a:
4e:c2:18:d0:2d:51:bf:c5:1d:07:97:01:74:01:fe:
cd:37:79:f5:3c:5b:43:1d:f8:05:a9:f5:5b:71:15:
cc:cf:2e:4f:98:39:84:2c:df:15:9a:8d:92:06:7f:
62:83:64:46:db:f8:7c:ae:42:8b:c6:7d:d4:a5:52:
b2:f5:a6:8e:46:06:e7:76:73:1c:46:53:41:ab:a5:
3f:38:8e:29:00:58:be:5e:ad:2c:a3:c8:0a:6b:d9:
a5:07:01:69:44:15:25:bc:dd:f0:c0:d2:02:dd:0c:
80:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E3:DE:DF:11:0F:54:87:36:09:7C:A3:49:A0:90:F2:03:EF:11:0E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-Pe3xEPVIc2CXyjSaCQ8gPvEQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.0.0/23
163.5.3.0-163.5.4.255
163.5.6.0-163.5.9.255
163.5.13.0/24
Signature Algorithm: sha256WithRSAEncryption
08:b9:e7:cb:bc:9f:17:3e:31:01:a4:a7:72:0f:5c:7b:f0:a8:
8f:c0:b9:5b:a5:fc:f3:b0:d3:ec:ee:fe:ce:97:4c:0d:3d:09:
b4:63:af:76:91:72:94:e7:94:01:a7:8c:ff:2b:f8:88:bb:da:
00:3f:ed:95:08:07:3d:ef:91:a2:1c:37:c0:fd:c1:25:61:92:
eb:5f:d9:b3:d0:c7:00:f9:1a:71:a9:01:a2:95:ea:9e:b1:33:
b5:cc:f4:4e:58:75:67:35:5e:f4:8b:76:7b:e2:6f:48:68:a8:
0d:a4:76:80:dc:8d:ec:71:a4:5b:e3:64:3d:8f:0e:d7:32:eb:
9b:dd:52:26:36:7c:6b:e7:0f:ae:d5:5c:b7:af:6e:56:79:f5:
0b:0f:b0:83:ca:ac:e1:42:46:4b:5c:3f:d4:d6:83:fc:bd:3f:
37:9c:30:2a:90:51:a0:f9:63:f9:b7:b4:e0:38:8d:6b:84:b7:
fe:17:d8:72:e0:64:1e:7a:b1:2d:30:d5:9a:d5:25:ab:ec:25:
e7:19:a6:3f:0f:cb:18:30:58:f2:5f:e1:0f:ef:61:d1:3e:de:
66:3e:3a:be:b1:2d:60:62:9e:f5:db:2c:4a:97:d6:9d:bd:db:
10:28:2d:33:12:92:fa:84:75:7c:44:9f:9e:06:6e:aa:84:5e:
40:79:da:18
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZL9KzqCudMorrwACmGWT+eGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTA1MTYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2UzZGVkZjExMGY1NDg3MzYwOTdjYTM0OWEwOTBmMjAzZWYxMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZY3ZpjVcsra4e31DtZor7xfexZ7
45SZlB4nyDlThIWJAdc+JKSBeUjZrY9+gUB3F6mHrp3avec/H6R76B1j82oz5R0T
RjdHSiCSYMwqES0BDQU9AOWO7X6ZA0Q/wW4b9FY9a/TqgTUjhJGY9+UxONHMXwBS
9PtkPPdJdiWE4FW3whCyWFAV/8Q7/x5oEDtrFEjzbQpOwhjQLVG/xR0HlwF0Af7N
N3n1PFtDHfgFqfVbcRXMzy5PmDmELN8Vmo2SBn9ig2RG2/h8rkKLxn3UpVKy9aaO
RgbndnMcRlNBq6U/OI4pAFi+Xq0so8gKa9mlBwFpRBUlvN3wwNIC3QyAxwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNfj3t8RD1SHNgl8o0mgkPID7xEOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS1QZTN4RVBWSWMyQ1h5alNhQ1E4Z1B2RVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBowUAMAwD
BACjBQMDBACjBQQwDAMEAaMFBgMEAaMFCAMEAKMFDTANBgkqhkiG9w0BAQsFAAOC
AQEACLnny7yfFz4xAaSncg9ce/Coj8C5W6X887DT7O7+zpdMDT0JtGOvdpFylOeU
AaeM/yv4iLvaAD/tlQgHPe+Rohw3wP3BJWGS61/Zs9DHAPkacakBopXqnrEztcz0
Tlh1ZzVe9It2e+JvSGioDaR2gNyN7HGkW+NkPY8O1zLrm91SJjZ8a+cPrtVct69u
Vnn1Cw+wg8qs4UJGS1w/1NaD/L0/N5wwKpBRoPlj+be04DiNa4S3/hfYcuBkHnqx
LTDVmtUlq+wl5xmmPw/LGDBY8l/hD+9h0T7eZj46vrEtYGKe9dssSpfWnb3bECgt
MxKS+oR1fESfngZuqoReQHnaGA==
-----END CERTIFICATE-----
Generated at Tue Nov 19 19:24:41 2024 by rpki-client on console-fra.rpki-client.org