Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8D5InMLQGIiJhCoTKCuwOTN8rdg.roa
File: 8D5InMLQGIiJhCoTKCuwOTN8rdg.roa (raw, json)
Hash identifier: 3rX7zt7/lSDHl7GFxY1FX45BS3SATKaPpYRcDjpz0WY=
Subject key identifier: F0:3E:48:9C:C2:D0:18:88:89:84:2A:13:28:2B:B0:39:33:7C:AD:D8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A36FA9A3525FD8ED104A66D6CC3D3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8D5InMLQGIiJhCoTKCuwOTN8rdg.roa
Signing time: Wed 01 Jan 2025 19:49:10 +0000
ROA not before: Wed 01 Jan 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 163.5.61.0/24 maxlen: 24
163.5.91.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 18:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:36:fa:9a:35:25:fd:8e:d1:04:a6:6d:6c:c3:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f03e489cc2d0188889842a13282bb039337cadd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:eb:02:9a:7b:36:c9:d2:7c:4f:8e:25:94:88:
38:8e:a6:aa:10:22:77:2c:8a:27:b1:9b:ed:0f:44:
42:b3:3e:54:68:6d:c4:68:45:4f:a6:df:8b:b3:56:
50:4d:e5:4a:a6:5a:ce:69:d2:78:ca:b5:e1:44:b6:
12:77:56:07:12:63:0b:81:df:2e:00:f6:83:ab:2f:
47:04:fc:4b:e6:20:17:83:aa:62:0d:4a:54:f1:ee:
7c:da:0b:62:94:a7:a2:b1:47:70:62:78:2d:91:d8:
c0:d1:6a:b5:c3:6e:e0:80:54:55:de:93:6d:08:fd:
0c:d0:5a:97:bc:24:0f:e1:83:b6:43:3d:9b:3a:37:
99:26:45:fd:36:18:d8:18:51:d0:e6:dd:b6:7a:ee:
a5:2b:4b:8e:74:21:e7:39:ac:10:74:c5:60:d8:5e:
04:96:0e:ed:50:7f:66:34:8f:5d:3c:73:e4:22:e4:
5d:8a:e1:26:e2:6f:5c:42:dc:fc:76:04:cd:88:53:
e0:c0:b7:59:e8:28:58:24:60:5c:85:3a:66:de:1f:
0e:d7:05:ce:84:38:38:8a:47:82:e4:10:93:27:77:
fd:24:d8:4b:a7:2e:5f:38:18:78:55:c9:22:c3:da:
91:c4:ee:a3:8a:7c:a7:32:c1:99:87:4b:a7:03:35:
d7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3E:48:9C:C2:D0:18:88:89:84:2A:13:28:2B:B0:39:33:7C:AD:D8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8D5InMLQGIiJhCoTKCuwOTN8rdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.61.0/24
163.5.91.0/24
163.5.140.0/24
163.5.215.0/24
163.5.239.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:48:cf:e2:04:4e:2e:13:25:9f:e9:c4:fa:3a:65:00:93:76:
1a:5a:29:e9:80:74:40:c9:e6:a8:60:34:09:9a:0c:d0:1e:71:
bd:ff:15:b0:3a:65:0c:25:23:39:dc:76:62:ee:9e:29:a0:00:
99:64:3c:c2:df:29:00:f9:50:95:50:87:fb:3a:1b:b7:d0:5c:
b6:26:27:c4:69:4d:a6:95:1a:30:94:06:7e:04:9b:6a:68:fa:
21:e6:43:4d:ab:fc:c1:cc:c5:70:a8:ad:02:4e:4d:17:ea:d2:
ed:c5:0a:10:45:52:4a:32:b8:1d:18:ba:28:a6:5c:aa:82:7a:
39:c2:a8:d7:60:19:fa:ae:09:04:92:7c:ab:f2:48:3f:99:ac:
73:89:6c:75:14:1a:5d:5a:59:db:5b:9c:b8:6e:19:ff:63:66:
34:38:e7:f5:f1:48:3a:10:6a:b8:28:46:ca:9f:5b:ad:40:b6:
95:dc:66:44:1f:1b:9d:64:b3:e1:94:18:d3:b2:0c:75:08:90:
f9:de:af:1f:25:7d:d5:b5:d2:38:f2:0c:b7:9c:1b:17:8a:5a:
b4:eb:0f:8c:09:b8:57:ca:a8:57:2f:81:57:fe:16:67:1f:14:
27:df:10:07:12:bb:4a:ab:f3:d7:35:77:48:5d:20:d4:4e:77:
8d:60:20:59
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQjajb6mjUl/Y7RBKZtbMPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNlNDg5Y2MyZDAxODg4ODk4NDJhMTMyODJiYjAzOTMzN2NhZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+sCmns2ydJ8T44llIg4jqaqECJ3
LIonsZvtD0RCsz5UaG3EaEVPpt+Ls1ZQTeVKplrOadJ4yrXhRLYSd1YHEmMLgd8u
APaDqy9HBPxL5iAXg6piDUpU8e582gtilKeisUdwYngtkdjA0Wq1w27ggFRV3pNt
CP0M0FqXvCQP4YO2Qz2bOjeZJkX9NhjYGFHQ5t22eu6lK0uOdCHnOawQdMVg2F4E
lg7tUH9mNI9dPHPkIuRdiuEm4m9cQtz8dgTNiFPgwLdZ6ChYJGBchTpm3h8O1wXO
hDg4ikeC5BCTJ3f9JNhLpy5fOBh4Vckiw9qRxO6jinynMsGZh0unAzXXOQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPA+SJzC0BiIiYQqEygrsDkzfK3YMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOEQ1SW5NTFFHSWlKaENvVEtDdXdPVE44cmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowU9AwQA
owVbAwQAowWMAwQAowXXAwQAowXvAwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQCo
SM/iBE4uEyWf6cT6OmUAk3YaWinpgHRAyeaoYDQJmgzQHnG9/xWwOmUMJSM53HZi
7p4poACZZDzC3ykA+VCVUIf7Ohu30Fy2JifEaU2mlRowlAZ+BJtqaPoh5kNNq/zB
zMVwqK0CTk0X6tLtxQoQRVJKMrgdGLooplyqgno5wqjXYBn6rgkEknyr8kg/maxz
iWx1FBpdWlnbW5y4bhn/Y2Y0OOf18Ug6EGq4KEbKn1utQLaV3GZEHxudZLPhlBjT
sgx1CJD53q8fJX3VtdI48gy3nBsXilq06w+MCbhXyqhXL4FX/hZnHxQn3xAHErtK
q/PXNXdIXSDUTneNYCBZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:59:12 2025 by rpki-client