Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4PCGthDdBpgI84AYNETvqTkzmpM.roa
File: 4PCGthDdBpgI84AYNETvqTkzmpM.roa (raw, json)
Hash identifier: 6UpPNKPG/K3OFTf4r1xENV+b0tBWg5cAkh6kxMU+sk4=
Subject key identifier: E0:F0:86:B6:10:DD:06:98:08:F3:80:18:34:44:EF:A9:39:33:9A:93
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191E1ED46A9EBCB5AFBC0BEBE1FE5B2EF38
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4PCGthDdBpgI84AYNETvqTkzmpM.roa
Signing time: Wed 11 Sep 2024 16:31:49 +0000
ROA not before: Wed 11 Sep 2024 16:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:ed:46:a9:eb:cb:5a:fb:c0:be:be:1f:e5:b2:ef:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 11 16:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0f086b610dd069808f380183444efa939339a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e3:74:2a:d2:9b:c5:20:1b:4a:b6:b5:52:26:
6d:c5:ac:f3:f3:89:8d:1f:b5:c0:69:05:7b:cc:d2:
2c:5e:bc:87:8c:88:71:47:09:cc:43:a7:6f:de:23:
20:ae:09:76:6e:b8:0a:11:96:e9:a5:8f:09:55:7b:
64:c8:d2:40:34:bc:d7:2c:37:22:82:80:a5:e1:c6:
83:74:6d:16:f0:b9:e2:a7:01:2a:37:d0:aa:67:17:
3e:77:6a:0a:aa:a4:64:d1:e9:ca:9e:6a:a4:dd:5e:
2a:cd:5a:2b:db:1f:5d:66:b1:88:fb:19:26:f4:b9:
04:d6:ca:02:d4:dd:3d:94:6b:ad:d3:5a:9a:1c:41:
75:8d:d2:48:4f:a0:48:0b:5e:06:ab:89:f7:5e:b6:
35:58:0c:30:5c:bf:97:71:8d:a9:3a:07:12:f6:39:
40:e4:12:e2:f9:d8:88:58:8c:da:c1:ca:a3:37:56:
12:ce:76:a3:0e:c9:e6:bc:1b:06:06:03:8b:e2:dc:
37:74:7c:3f:78:26:0c:a9:90:83:ee:7f:ee:21:ef:
6b:a4:9d:43:89:d7:8d:5a:8c:16:f5:57:3a:44:63:
c9:18:6d:a7:46:7f:5d:af:ba:16:2a:52:bf:12:7e:
c3:0b:b8:97:d7:a2:af:c3:ac:3a:2f:a7:27:66:77:
33:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F0:86:B6:10:DD:06:98:08:F3:80:18:34:44:EF:A9:39:33:9A:93
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4PCGthDdBpgI84AYNETvqTkzmpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.62.0/24
163.5.99.0/24
163.5.142.0/23
163.5.192.0/23
163.5.213.0-163.5.214.255
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4c:e8:ad:55:5a:6b:25:4c:cc:16:c1:9f:6b:5b:9d:da:c5:
a4:b7:db:ca:a4:6c:8f:48:d8:1b:78:a3:16:af:ae:be:d8:ca:
fb:64:da:5f:d3:5b:a8:51:3d:18:ba:5e:43:cd:61:b4:3b:51:
48:59:c8:b7:0e:c6:9f:5f:52:09:1d:7c:9d:72:44:84:e6:40:
f5:14:0e:ae:0d:06:d3:c5:91:08:10:4a:7f:2a:17:04:6e:c8:
2a:8b:93:ad:e6:86:4b:cc:77:1f:8d:7f:8d:80:db:1f:f2:0d:
fe:1d:04:dd:9d:c1:70:42:4b:13:21:62:15:cc:a5:ee:8c:88:
5b:b7:55:07:8a:52:1f:50:ed:28:95:e6:fe:69:85:df:76:30:
12:e1:7f:6c:19:20:db:00:95:29:9a:1a:80:df:7e:18:aa:ef:
b3:64:8b:26:eb:4c:b5:fc:d2:a3:f4:3c:81:01:c1:e9:5f:75:
87:8d:b7:63:7f:bf:02:86:45:67:ce:a3:c4:2d:b0:b7:79:e4:
bf:87:1a:9d:16:77:45:92:4a:b0:76:c7:89:28:5e:ae:ac:38:
97:18:04:59:d2:5e:c7:53:ed:90:6e:4f:d2:81:88:04:90:b8:
69:5a:33:31:26:e2:90:5f:a2:99:ff:66:92:27:14:0b:ab:08:
3e:8d:96:41
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZHh7Uap68ta+8C+vh/lsu84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTExMTYzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGYwODZiNjEwZGQwNjk4MDhmMzgwMTgzNDQ0ZWZhOTM5MzM5YTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+N0KtKbxSAbSra1UiZtxazz84mN
H7XAaQV7zNIsXryHjIhxRwnMQ6dv3iMgrgl2brgKEZbppY8JVXtkyNJANLzXLDci
goCl4caDdG0W8LnipwEqN9CqZxc+d2oKqqRk0enKnmqk3V4qzVor2x9dZrGI+xkm
9LkE1soC1N09lGut01qaHEF1jdJIT6BIC14Gq4n3XrY1WAwwXL+XcY2pOgcS9jlA
5BLi+diIWIzawcqjN1YSznajDsnmvBsGBgOL4tw3dHw/eCYMqZCD7n/uIe9rpJ1D
ideNWowW9Vc6RGPJGG2nRn9dr7oWKlK/En7DC7iX16Kvw6w6L6cnZnczOQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFODwhrYQ3QaYCPOAGDRE76k5M5qTMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNFBDR3RoRGRCcGdJODRBWU5FVHZxVGt6bXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAowUfAwQA
owU+AwQAowVjAwQBowWOAwQBowXAMAwDBACjBdUDBACjBdYDBAC5/TYwDQYJKoZI
hvcNAQELBQADggEBABhM6K1VWmslTMwWwZ9rW53axaS328qkbI9I2Bt4oxavrr7Y
yvtk2l/TW6hRPRi6XkPNYbQ7UUhZyLcOxp9fUgkdfJ1yRITmQPUUDq4NBtPFkQgQ
Sn8qFwRuyCqLk63mhkvMdx+Nf42A2x/yDf4dBN2dwXBCSxMhYhXMpe6MiFu3VQeK
Uh9Q7SiV5v5phd92MBLhf2wZINsAlSmaGoDffhiq77NkiybrTLX80qP0PIEBwelf
dYeNt2N/vwKGRWfOo8QtsLd55L+HGp0Wd0WSSrB2x4koXq6sOJcYBFnSXsdT7ZBu
T9KBiASQuGlaMzEm4pBfopn/ZpInFAurCD6NlkE=
-----END CERTIFICATE-----
Generated at Thu Nov 7 22:52:09 2024 by rpki-client on console-fra.rpki-client.org