Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3r1D0uvAPRkLMJXJ4WHF2X0OE10.roa
File: 3r1D0uvAPRkLMJXJ4WHF2X0OE10.roa (raw, json)
Hash identifier: AeeP+Rpf3XZthtf6lkWRuXpjlJT6CKBMQPN7Wr6/l3s=
Subject key identifier: DE:BD:43:D2:EB:C0:3D:19:0B:30:95:C9:E1:61:C5:D9:7D:0E:13:5D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01939D1CFC145C064D748AB13628B42581D1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3r1D0uvAPRkLMJXJ4WHF2X0OE10.roa
Signing time: Fri 06 Dec 2024 17:55:42 +0000
ROA not before: Fri 06 Dec 2024 17:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.41.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9d:1c:fc:14:5c:06:4d:74:8a:b1:36:28:b4:25:81:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 6 17:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=debd43d2ebc03d190b3095c9e161c5d97d0e135d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:76:bf:b4:a4:60:4a:0c:01:22:37:07:c6:1c:
48:bf:92:ab:28:fd:86:b7:34:41:71:51:19:ae:05:
b3:1f:67:55:1e:3e:5c:b3:8d:53:15:a5:c9:7c:e0:
1b:39:29:e5:6f:73:fa:ce:c2:37:e0:63:25:54:83:
bc:23:d9:bb:ac:6a:4a:5a:de:f3:33:a2:eb:b1:8a:
13:0d:5b:ce:75:71:a5:05:59:a9:a2:9e:27:9d:57:
13:80:d1:f2:c3:08:6d:ee:eb:d4:0a:7e:eb:f4:23:
02:4f:a9:ea:0d:7b:3a:90:45:0f:8b:67:ea:13:a9:
49:b4:b1:db:ef:be:c4:b0:cd:a8:2a:84:bd:20:82:
63:f8:38:d0:88:38:bb:af:6f:44:b8:a6:ee:c8:02:
0b:15:4b:0d:16:57:51:14:e9:3d:36:72:a6:c3:56:
38:d8:e7:68:95:c3:fe:33:3e:0a:40:1a:4f:c2:78:
78:7d:68:8f:4e:39:a0:0b:4e:93:a9:ec:cc:83:a3:
2a:8b:e7:99:7b:ec:0f:fe:78:1b:70:df:cb:8c:b8:
d6:b6:81:2e:8c:c7:33:51:2f:34:e4:77:4c:68:e7:
2f:33:85:61:05:03:ce:ba:70:85:b3:32:e3:4f:36:
99:3e:b6:63:89:d0:10:17:fa:a3:fb:98:a7:35:3e:
0f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BD:43:D2:EB:C0:3D:19:0B:30:95:C9:E1:61:C5:D9:7D:0E:13:5D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3r1D0uvAPRkLMJXJ4WHF2X0OE10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
163.5.86.0/24
163.5.97.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:74:4b:62:1a:b7:54:6e:85:77:91:78:01:d6:a9:b9:e3:f2:
d8:81:f2:ab:0a:ab:04:ad:d2:ed:51:51:b6:e8:d0:13:36:64:
2d:0e:15:df:9f:c5:36:5c:97:f0:75:a9:96:9d:ee:8d:28:b8:
cc:8d:82:a8:80:eb:6f:df:6f:4a:5c:0e:9f:cb:e4:c9:81:bf:
3a:ad:ff:89:03:ed:a6:10:e9:13:bd:c8:48:82:0e:50:0d:ba:
5e:92:1c:eb:9d:17:8d:86:72:cb:4d:e4:2e:49:54:9c:e3:6f:
79:c0:65:c5:bd:fc:ed:d8:5a:c5:70:21:7d:d5:24:69:18:5f:
ed:bb:0e:f6:b7:14:0e:cf:7d:df:97:5f:ce:e9:b0:7f:84:74:
99:bc:ea:8c:33:c9:97:0a:b5:db:85:a8:e2:0e:fe:8a:3c:3c:
94:a1:3b:07:89:08:d9:cf:1a:16:bc:6a:b2:58:0f:a6:a0:3c:
6e:78:46:7b:cd:cf:98:cc:83:3b:43:f8:4e:20:dc:f1:22:f0:
a4:f1:43:10:68:0d:73:bb:fe:c5:0a:9e:b4:70:0b:4f:93:f1:
69:81:dc:ac:61:de:dc:17:a4:4f:29:0d:8f:ce:07:0b:99:4e:
1b:0e:72:84:66:be:45:53:53:9c:00:69:37:c2:1e:34:50:11:
53:46:55:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOdHPwUXAZNdIqxNii0JYHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMjA2MTc1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWJkNDNkMmViYzAzZDE5MGIzMDk1YzllMTYxYzVkOTdkMGUxMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHa/tKRgSgwBIjcHxhxIv5KrKP2G
tzRBcVEZrgWzH2dVHj5cs41TFaXJfOAbOSnlb3P6zsI34GMlVIO8I9m7rGpKWt7z
M6LrsYoTDVvOdXGlBVmpop4nnVcTgNHywwht7uvUCn7r9CMCT6nqDXs6kEUPi2fq
E6lJtLHb777EsM2oKoS9IIJj+DjQiDi7r29EuKbuyAILFUsNFldRFOk9NnKmw1Y4
2OdolcP+Mz4KQBpPwnh4fWiPTjmgC06TqezMg6Mqi+eZe+wP/ngbcN/LjLjWtoEu
jMczUS805HdMaOcvM4VhBQPOunCFszLjTzaZPrZjidAQF/qj+5inNT4PRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN69Q9LrwD0ZCzCVyeFhxdl9DhNdMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM3IxRDB1dkFQUmtMTUpYSjRXSEYyWDBPRTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowUpAwQA
owVWAwQAowVhMA0GCSqGSIb3DQEBCwUAA4IBAQCxdEtiGrdUboV3kXgB1qm54/LY
gfKrCqsErdLtUVG26NATNmQtDhXfn8U2XJfwdamWne6NKLjMjYKogOtv329KXA6f
y+TJgb86rf+JA+2mEOkTvchIgg5QDbpekhzrnReNhnLLTeQuSVSc4295wGXFvfzt
2FrFcCF91SRpGF/tuw72txQOz33fl1/O6bB/hHSZvOqMM8mXCrXbhajiDv6KPDyU
oTsHiQjZzxoWvGqyWA+moDxueEZ7zc+YzIM7Q/hOINzxIvCk8UMQaA1zu/7FCp60
cAtPk/FpgdysYd7cF6RPKQ2PzgcLmU4bDnKEZr5FU1OcAGk3wh40UBFTRlWM
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:36:51 2025 by rpki-client