Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4zBIaILG74HSmGiQ0TMGc3oDDvk.roa
File: 4zBIaILG74HSmGiQ0TMGc3oDDvk.roa (raw, json)
Hash identifier: Pu5iVF4FM2mnxemtpNTiOckah9AvoiZo0W077APFbrk=
Subject key identifier: E3:30:48:68:82:C6:EF:81:D2:98:68:90:D1:33:06:73:7A:03:0E:F9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191735C6D330D394DBB853C495758698FC3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4zBIaILG74HSmGiQ0TMGc3oDDvk.roa
Signing time: Wed 21 Aug 2024 05:15:22 +0000
ROA not before: Wed 21 Aug 2024 05:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.56.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 11:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:73:5c:6d:33:0d:39:4d:bb:85:3c:49:57:58:69:8f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 21 05:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e330486882c6ef81d2986890d13306737a030ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:58:9e:47:f9:a2:59:07:8a:03:76:0b:e2:a4:
7d:c4:bc:ac:42:e7:76:6d:4b:e2:07:87:36:cf:c8:
5d:d0:d3:9d:64:56:d7:b3:dc:f5:cf:92:dd:85:c5:
57:7f:ef:5c:79:01:66:6d:ec:ad:11:bc:c3:7d:8d:
f8:4d:6c:e5:f1:f2:bc:0e:5a:13:10:45:f7:a0:86:
49:0f:e8:25:5a:46:68:c5:08:a2:56:28:93:b7:26:
0f:cd:85:42:a7:63:4a:a7:ce:50:97:7a:40:8b:9a:
55:22:96:7c:0b:40:99:f2:28:72:7d:a8:86:e8:fb:
4b:41:aa:a3:b5:78:3c:24:8a:f6:5b:6c:3a:18:0a:
71:57:49:2c:64:01:63:56:81:70:03:12:94:79:b9:
ad:e6:44:34:aa:35:6d:31:ea:2e:1f:4a:b5:7d:c4:
38:e5:21:a5:6f:d5:17:8e:fb:08:5e:db:c2:7c:67:
14:61:f3:f5:53:17:bd:82:9d:b0:c0:bb:a6:00:6f:
53:53:85:16:d5:14:b0:10:aa:99:98:b5:3b:25:10:
c1:74:66:46:c8:8d:88:4b:2e:63:c1:a2:ab:fa:15:
5c:a6:04:67:5d:89:35:38:21:c8:a2:a8:19:11:b1:
e4:88:10:de:7b:78:fa:56:a2:aa:05:d7:03:84:87:
d5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:30:48:68:82:C6:EF:81:D2:98:68:90:D1:33:06:73:7A:03:0E:F9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4zBIaILG74HSmGiQ0TMGc3oDDvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.56.0/24
163.5.82.0/24
163.5.99.0/24
163.5.127.0/24
163.5.140.0/24
163.5.202.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:69:00:3c:a9:19:99:e6:15:0f:0c:90:15:da:21:06:43:ce:
0e:ef:45:32:6d:b4:76:79:c8:36:dd:ed:8a:ee:c8:f2:cb:ea:
ad:30:7f:94:23:6f:4c:0c:d4:17:37:81:b9:cb:e0:2c:2a:cc:
1a:73:4d:44:63:d3:ed:b8:bc:33:4d:25:95:86:5f:e1:90:95:
53:12:19:fe:43:1d:70:91:f7:05:1f:dd:0b:10:be:22:7f:22:
bd:cf:dd:80:e9:4e:cf:0a:df:ee:f1:29:dd:e0:ec:50:90:13:
19:6c:66:3d:83:ff:da:27:fd:3f:f8:96:e0:e8:0d:ca:15:6f:
22:4f:cb:50:bb:00:0c:ca:e9:1f:33:f2:0b:af:69:d6:5e:7a:
a2:09:e0:64:94:30:ee:df:37:30:08:ed:1f:01:02:4b:e1:71:
94:de:06:44:33:6a:17:66:51:03:ae:df:81:b5:c5:0d:46:88:
e9:36:d1:df:4e:5c:36:97:2d:42:37:ad:10:6e:57:78:85:4e:
72:e4:5a:5d:e0:5a:e5:42:73:59:f7:21:14:34:78:35:7d:15:
d8:08:a3:c6:70:e2:69:41:bc:1b:be:c1:d7:06:95:e3:5d:85:
86:ed:54:dd:62:1d:48:f2:2b:02:c4:86:d7:d7:10:8d:12:0a:
27:a5:9b:ad
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZFzXG0zDTlNu4U8SVdYaY/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODIxMDUxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzMwNDg2ODgyYzZlZjgxZDI5ODY4OTBkMTMzMDY3MzdhMDMwZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlieR/miWQeKA3YL4qR9xLysQud2
bUviB4c2z8hd0NOdZFbXs9z1z5LdhcVXf+9ceQFmbeytEbzDfY34TWzl8fK8DloT
EEX3oIZJD+glWkZoxQiiViiTtyYPzYVCp2NKp85Ql3pAi5pVIpZ8C0CZ8ihyfaiG
6PtLQaqjtXg8JIr2W2w6GApxV0ksZAFjVoFwAxKUebmt5kQ0qjVtMeouH0q1fcQ4
5SGlb9UXjvsIXtvCfGcUYfP1Uxe9gp2wwLumAG9TU4UW1RSwEKqZmLU7JRDBdGZG
yI2ISy5jwaKr+hVcpgRnXYk1OCHIoqgZEbHkiBDee3j6VqKqBdcDhIfVtwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOMwSGiCxu+B0phokNEzBnN6Aw75MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNHpCSWFJTEc3NEhTbUdpUTBUTUdjM29ERHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowU4AwQA
owVSAwQAowVjAwQAowV/AwQAowWMAwQAowXKAwQAowX4MA0GCSqGSIb3DQEBCwUA
A4IBAQCdaQA8qRmZ5hUPDJAV2iEGQ84O70UybbR2ecg23e2K7sjyy+qtMH+UI29M
DNQXN4G5y+AsKswac01EY9PtuLwzTSWVhl/hkJVTEhn+Qx1wkfcFH90LEL4ifyK9
z92A6U7PCt/u8Snd4OxQkBMZbGY9g//aJ/0/+Jbg6A3KFW8iT8tQuwAMyukfM/IL
r2nWXnqiCeBklDDu3zcwCO0fAQJL4XGU3gZEM2oXZlEDrt+BtcUNRojpNtHfTlw2
ly1CN60Qbld4hU5y5Fpd4FrlQnNZ9yEUNHg1fRXYCKPGcOJpQbwbvsHXBpXjXYWG
7VTdYh1I8isCxIbX1xCNEgonpZut
-----END CERTIFICATE-----
Generated at Mon Sep 16 13:24:21 2024 by rpki-client on console-fra.rpki-client.org