Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2XESnmVnbx4-4jmoXPbJsumN-Mc.roa
File: 2XESnmVnbx4-4jmoXPbJsumN-Mc.roa (raw, json)
Hash identifier: NCWiu3YHnqmjM6O+mVarm0q8qnjjpZ1F+5T+WKDaMCE=
Subject key identifier: D9:71:12:9E:65:67:6F:1E:3E:E2:39:A8:5C:F6:C9:B2:E9:8D:F8:C7
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01929F20C1EB1CA012636D79E8CF9CDE2D6C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2XESnmVnbx4-4jmoXPbJsumN-Mc.roa
Signing time: Fri 18 Oct 2024 10:16:17 +0000
ROA not before: Fri 18 Oct 2024 10:16:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 163.5.0.0/24 maxlen: 24
163.5.1.0/24 maxlen: 24
163.5.3.0/24 maxlen: 24
163.5.4.0/24 maxlen: 24
163.5.6.0/24 maxlen: 24
163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.14.0/24 maxlen: 24
163.5.22.0/24 maxlen: 24
163.5.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 16:21:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:20:c1:eb:1c:a0:12:63:6d:79:e8:cf:9c:de:2d:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 18 10:16:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d971129e65676f1e3ee239a85cf6c9b2e98df8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6a:80:23:8f:84:53:35:4d:a1:95:e8:84:a4:
ef:9d:4a:f0:d1:33:a6:f7:fa:1e:b6:b1:fa:21:82:
d1:9f:86:10:c6:68:0a:c1:b8:f0:a6:06:7f:aa:5d:
9a:27:67:1c:5f:5d:b3:63:65:de:3a:35:72:44:52:
d2:9d:0d:60:89:d1:82:92:cf:d3:eb:8b:13:b4:2c:
96:1d:26:07:b9:24:6a:c1:cf:3a:3d:49:0f:29:dd:
b2:e7:58:05:0c:4b:2a:98:4b:cf:b5:16:24:a3:d3:
c6:f4:36:5e:b6:d7:f7:61:4c:6a:4c:43:54:56:4e:
6e:61:92:76:d2:b0:c6:73:d5:75:22:11:bf:cf:1d:
ae:8d:f6:6a:3b:dc:8d:49:49:a2:d5:7e:a1:cc:24:
a6:32:ec:29:fc:07:1b:9f:da:5f:c0:87:20:6a:48:
3e:23:e6:5e:50:bb:85:33:bd:d1:3a:6e:01:cc:69:
ed:13:36:2f:fa:77:b1:b7:47:a8:45:45:d5:b4:f6:
ea:f8:02:92:30:bf:4e:78:c3:2c:1d:71:fa:9c:a4:
d5:0d:3f:58:34:07:14:55:56:37:6e:47:43:59:47:
d1:a7:2a:fe:8f:6c:3c:8a:fa:38:48:7d:c7:fb:75:
96:d2:84:1f:05:1d:d3:2a:f7:28:57:0b:2f:62:78:
b2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:71:12:9E:65:67:6F:1E:3E:E2:39:A8:5C:F6:C9:B2:E9:8D:F8:C7
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2XESnmVnbx4-4jmoXPbJsumN-Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.0.0/23
163.5.3.0-163.5.4.255
163.5.6.0-163.5.9.255
163.5.13.0-163.5.14.255
163.5.22.0/24
163.5.25.0/24
Signature Algorithm: sha256WithRSAEncryption
84:f7:17:b2:9a:2b:04:4e:67:73:30:85:c9:ea:28:1d:61:26:
dd:cc:a1:fe:85:e0:a3:2c:76:c6:27:ce:95:f9:dc:fc:9e:9d:
bc:ba:6a:22:4d:dc:dd:58:90:b0:03:d8:47:40:9e:31:f7:26:
bc:c9:1d:4f:85:19:ad:f0:2b:49:4c:56:97:15:96:db:ed:d3:
dc:07:eb:eb:2d:f5:6e:68:e8:f6:e3:26:b9:6f:fb:af:98:90:
21:cb:68:2e:f0:55:5e:45:eb:80:9e:6d:d3:ce:1f:ee:35:b9:
2f:f1:b4:cd:7f:16:41:9d:7e:79:54:b6:48:a7:a4:bb:09:52:
d1:28:70:14:13:1e:4c:34:aa:59:20:27:23:28:b9:58:1c:7a:
bf:95:38:8a:1c:ab:31:c7:29:18:a0:e3:63:5e:7e:e4:c5:42:
83:e8:44:cf:d6:4b:c7:a9:20:e8:21:92:f6:d1:37:d3:81:e1:
cd:7e:cb:7e:c6:c1:dc:1f:7a:99:e2:2d:e2:ac:59:fb:44:51:
df:7f:81:85:71:69:96:b2:3b:78:a7:ed:46:ca:3f:98:24:60:
25:3e:99:3e:f2:fb:e5:72:94:58:b2:ff:19:38:8c:42:54:40:
41:e5:40:67:2b:dc:16:35:49:32:15:47:94:0a:a4:3b:63:ab:
6c:55:1e:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZKfIMHrHKASY2156M+c3i1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDE4MTAxNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTcxMTI5ZTY1Njc2ZjFlM2VlMjM5YTg1Y2Y2YzliMmU5OGRmOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWqAI4+EUzVNoZXohKTvnUrw0TOm
9/oetrH6IYLRn4YQxmgKwbjwpgZ/ql2aJ2ccX12zY2XeOjVyRFLSnQ1gidGCks/T
64sTtCyWHSYHuSRqwc86PUkPKd2y51gFDEsqmEvPtRYko9PG9DZettf3YUxqTENU
Vk5uYZJ20rDGc9V1IhG/zx2ujfZqO9yNSUmi1X6hzCSmMuwp/Acbn9pfwIcgakg+
I+ZeULuFM73ROm4BzGntEzYv+next0eoRUXVtPbq+AKSML9OeMMsHXH6nKTVDT9Y
NAcUVVY3bkdDWUfRpyr+j2w8ivo4SH3H+3WW0oQfBR3TKvcoVwsvYniyyQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNlxEp5lZ28ePuI5qFz2ybLpjfjHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMlhFU25tVm5ieDQtNGptb1hQYkpzdW1OLU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBowUAMAwD
BACjBQMDBACjBQQwDAMEAaMFBgMEAaMFCDAMAwQAowUNAwQAowUOAwQAowUWAwQA
owUZMA0GCSqGSIb3DQEBCwUAA4IBAQCE9xeymisETmdzMIXJ6igdYSbdzKH+heCj
LHbGJ86V+dz8np28umoiTdzdWJCwA9hHQJ4x9ya8yR1PhRmt8CtJTFaXFZbb7dPc
B+vrLfVuaOj24ya5b/uvmJAhy2gu8FVeReuAnm3Tzh/uNbkv8bTNfxZBnX55VLZI
p6S7CVLRKHAUEx5MNKpZICcjKLlYHHq/lTiKHKsxxykYoONjXn7kxUKD6ETP1kvH
qSDoIZL20TfTgeHNfst+xsHcH3qZ4i3irFn7RFHff4GFcWmWsjt4p+1Gyj+YJGAl
Ppk+8vvlcpRYsv8ZOIxCVEBB5UBnK9wWNUkyFUeUCqQ7Y6tsVR7T
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:27:10 2024 by rpki-client on console-ams.rpki-client.org