Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/56q25k5ktkDqHBE9qqzxdjVzfrA.roa
File: 56q25k5ktkDqHBE9qqzxdjVzfrA.roa (raw, json)
Hash identifier: 8FTAbUfY0GRqG46nwrgi/lkLFbpAsLcIwHFJqrnBrQU=
Subject key identifier: E7:AA:B6:E6:4E:64:B6:40:EA:1C:11:3D:AA:AC:F1:76:35:73:7E:B0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042BC87B1ECBF3EE756E063997FFB6D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/56q25k5ktkDqHBE9qqzxdjVzfrA.roa
Signing time: Mon 02 Jan 2023 02:14:59 +0000
ROA not before: Mon 02 Jan 2023 02:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44486
IP address blocks: 163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:58:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:bc:87:b1:ec:bf:3e:e7:56:e0:63:99:7f:fb:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7aab6e64e64b640ea1c113daaacf17635737eb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:12:22:fc:2e:a4:54:6b:51:bd:d2:02:0f:ae:
fc:45:a4:c4:f5:60:79:7f:2e:f2:ef:40:70:6c:1d:
f0:e3:2b:69:1d:43:b8:ba:b9:6a:0d:b2:2e:81:90:
3f:52:29:97:69:f6:4b:43:1e:81:fe:70:bc:66:79:
2d:e8:a0:32:46:d7:20:02:84:7d:81:af:df:97:37:
b8:f9:46:71:d7:d0:59:18:6f:ed:b8:b1:52:cc:4a:
3e:b3:3e:46:b1:77:2a:64:96:55:fc:6c:92:50:d6:
61:2b:04:c3:c2:19:43:53:48:f1:c6:f8:5c:e6:50:
e6:31:cc:6d:b9:e4:70:4f:34:a2:4d:9b:c5:ff:a4:
54:cc:dd:cb:1e:e4:5d:93:c2:cd:77:0a:8f:47:f2:
38:78:9e:73:cb:cf:b4:eb:98:83:3f:98:65:2a:bb:
9b:6a:ab:be:28:95:8d:81:ce:82:55:e0:f0:b5:99:
21:89:7e:a5:ed:3a:5a:6b:3c:c3:f6:93:e4:10:7e:
dd:1b:af:3e:09:db:98:d9:3e:d2:77:55:c6:93:7e:
79:de:05:6e:d3:40:28:56:12:08:38:71:fb:0e:31:
8f:b2:fd:9a:57:82:9a:39:a2:9c:2a:f7:4c:c7:34:
0d:9a:dc:b8:90:64:c3:d7:65:7c:c6:40:09:bb:1e:
bc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:AA:B6:E6:4E:64:B6:40:EA:1C:11:3D:AA:AC:F1:76:35:73:7E:B0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/56q25k5ktkDqHBE9qqzxdjVzfrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.148.0/24
163.5.176.0/24
163.5.178.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:da:fc:73:eb:18:9f:c7:2a:db:ac:b3:ef:69:4e:a8:c8:7f:
f4:08:2e:8b:c0:83:19:2f:48:be:14:73:ac:52:60:6c:16:4c:
82:fa:4a:05:47:7e:4d:29:98:64:9c:66:68:02:3a:18:ee:24:
2a:c3:98:16:85:9f:16:6e:d5:0e:d5:19:48:c4:d2:80:68:a1:
32:07:4e:74:d0:d7:59:37:28:73:39:65:b3:d8:56:03:6c:83:
b1:08:98:02:92:75:fa:cf:4a:aa:ed:c9:8d:95:40:75:3a:5c:
58:91:d4:73:6d:b1:d5:8b:61:10:36:20:e1:a8:3f:5a:ba:13:
67:29:58:b0:03:1e:79:d6:d2:e2:65:a8:99:41:ca:93:4b:a4:
9b:35:e0:0e:76:68:7c:5b:13:0d:5b:86:76:71:87:15:2b:be:
da:7e:e3:85:91:7e:de:bf:5a:3b:86:97:4d:e2:91:3d:df:21:
9b:02:e4:69:27:f7:e5:14:f3:f4:80:cc:7f:d3:59:2e:a3:d4:
a2:fd:36:7e:d2:7e:44:82:80:89:2d:0a:47:55:5c:18:cb:b4:
fa:be:d8:69:8d:fc:46:30:99:5e:ee:e3:d5:af:af:22:d9:a4:
77:be:29:45:82:6d:85:e6:d0:fd:88:ce:38:37:2d:60:14:7a:
a1:85:61:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwQryHsey/PudW4GOZf/ttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2FhYjZlNjRlNjRiNjQwZWExYzExM2RhYWFjZjE3NjM1NzM3ZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxIi/C6kVGtRvdICD678RaTE9WB5
fy7y70BwbB3w4ytpHUO4urlqDbIugZA/UimXafZLQx6B/nC8Znkt6KAyRtcgAoR9
ga/flze4+UZx19BZGG/tuLFSzEo+sz5GsXcqZJZV/GySUNZhKwTDwhlDU0jxxvhc
5lDmMcxtueRwTzSiTZvF/6RUzN3LHuRdk8LNdwqPR/I4eJ5zy8+065iDP5hlKrub
aqu+KJWNgc6CVeDwtZkhiX6l7TpaazzD9pPkEH7dG68+CduY2T7Sd1XGk3553gVu
00AoVhIIOHH7DjGPsv2aV4KaOaKcKvdMxzQNmty4kGTD12V8xkAJux68sQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOeqtuZOZLZA6hwRPaqs8XY1c36wMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNTZxMjVrNWt0a0RxSEJFOXFxenhkalZ6ZnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWUAwQA
owWwAwQAowWyMA0GCSqGSIb3DQEBCwUAA4IBAQCx2vxz6xifxyrbrLPvaU6oyH/0
CC6LwIMZL0i+FHOsUmBsFkyC+koFR35NKZhknGZoAjoY7iQqw5gWhZ8WbtUO1RlI
xNKAaKEyB0500NdZNyhzOWWz2FYDbIOxCJgCknX6z0qq7cmNlUB1OlxYkdRzbbHV
i2EQNiDhqD9auhNnKViwAx551tLiZaiZQcqTS6SbNeAOdmh8WxMNW4Z2cYcVK77a
fuOFkX7ev1o7hpdN4pE93yGbAuRpJ/flFPP0gMx/01kuo9Si/TZ+0n5EgoCJLQpH
VVwYy7T6vthpjfxGMJle7uPVr68i2aR3vilFgm2F5tD9iM44Ny1gFHqhhWEy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org