Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9vm28pZDzXKDo-NGq5Yfjcr_0SU.roa
File: 9vm28pZDzXKDo-NGq5Yfjcr_0SU.roa (raw, json)
Hash identifier: bXeWXe3iGroubL4BKlHFuOeo5WdjA9ToYKnv/Efn4ns=
Subject key identifier: F6:F9:B6:F2:96:43:CD:72:83:A3:E3:46:AB:96:1F:8D:CA:FF:D1:25
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187E60AAFDF2395698E1573EF71E0723FDA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9vm28pZDzXKDo-NGq5Yfjcr_0SU.roa
Signing time: Thu 04 May 2023 09:14:32 +0000
ROA not before: Thu 04 May 2023 09:14:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.5.206.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.207.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 May 2023 09:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:0a:af:df:23:95:69:8e:15:73:ef:71:e0:72:3f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 4 09:14:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6f9b6f29643cd7283a3e346ab961f8dcaffd125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:36:8c:01:2e:b9:12:a7:4f:33:22:7a:cc:4f:
dc:5c:43:d1:2c:a3:3c:b4:1a:f7:b7:c6:39:2c:b1:
49:38:d3:51:e6:1f:4c:9a:a0:17:60:e9:80:75:4c:
01:34:63:a7:99:14:41:95:dc:04:9b:91:7d:27:0d:
0c:5b:6c:e2:4d:97:6d:9c:c1:1f:b4:12:dd:8f:b0:
0f:a1:5d:2b:5a:4b:ed:d0:60:77:66:1a:b0:6c:82:
ea:fc:94:d4:7a:5c:4a:8b:0d:f6:14:26:1b:4b:8c:
67:0f:13:eb:0b:e4:43:da:40:9d:24:84:df:ae:4c:
2d:19:94:e3:8f:8d:a1:7d:e7:10:46:48:6e:d3:62:
d7:26:b1:2d:09:f5:b0:e6:fa:a4:67:94:ff:b0:ee:
57:f8:37:55:ba:a9:5d:5e:a2:25:48:ee:a3:6d:07:
2b:bc:fe:4f:7b:a0:00:05:8d:42:65:4b:78:00:59:
66:32:f2:24:f7:f3:2d:e1:a1:9f:65:55:ae:35:a5:
0b:cc:ac:02:9e:f7:f9:f3:9c:a1:bb:98:12:0d:75:
16:14:4c:aa:ad:7a:d6:ac:95:03:fb:35:e6:04:d7:
f9:e8:be:3c:62:68:2b:4b:29:ee:3f:fb:98:33:db:
4f:04:95:70:95:57:f4:d5:f2:7a:03:fd:c5:99:32:
e5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F9:B6:F2:96:43:CD:72:83:A3:E3:46:AB:96:1F:8D:CA:FF:D1:25
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9vm28pZDzXKDo-NGq5Yfjcr_0SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.147.0/24
163.5.155.0-163.5.157.255
163.5.200.0/24
163.5.206.0-163.5.209.255
163.5.213.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:4a:61:28:c4:66:23:a6:30:7e:bc:a7:37:84:f1:87:a3:75:
5c:03:60:14:74:6e:95:9a:90:dc:e9:43:3c:2b:3d:52:16:fb:
43:2f:b2:f4:39:03:b8:85:dd:c3:ae:17:ca:60:af:a5:8b:3c:
fa:fd:29:5f:5e:22:07:f9:d7:f4:f0:7b:1f:b2:09:59:0c:bd:
aa:3f:cf:4a:11:c2:3a:c9:f6:c5:09:78:10:d9:4b:1b:f5:8b:
e4:b8:d3:1f:2b:8a:63:b3:57:3d:23:c5:68:6c:2b:91:c2:95:
bb:0b:26:47:7f:47:1c:df:1c:54:e3:99:47:c3:41:1c:57:6a:
bb:e5:c8:0b:2f:c8:e2:71:c0:8d:e3:ab:4c:bb:d5:09:5a:ac:
03:7b:fa:e4:f2:63:ce:24:3d:15:8b:ac:5b:04:f6:c0:b2:82:
1a:69:73:2d:d5:f5:03:0e:c6:2c:07:b7:c0:94:41:56:50:e8:
be:2c:51:a4:bd:ae:c0:42:50:f6:25:d3:6a:4e:12:28:12:96:
d4:4a:cd:c9:c5:dd:43:71:45:32:53:3e:07:88:f9:c3:36:08:
ce:6e:a7:eb:15:aa:d0:88:04:f7:7b:fd:e7:93:13:f8:b6:59:
3e:29:0e:72:c0:99:8f:43:d5:23:7d:fe:55:79:96:fc:06:7e:
ba:da:70:9a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYfmCq/fI5VpjhVz73Hgcj/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTA0MDkxNDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmY5YjZmMjk2NDNjZDcyODNhM2UzNDZhYjk2MWY4ZGNhZmZkMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljaMAS65EqdPMyJ6zE/cXEPRLKM8
tBr3t8Y5LLFJONNR5h9MmqAXYOmAdUwBNGOnmRRBldwEm5F9Jw0MW2ziTZdtnMEf
tBLdj7APoV0rWkvt0GB3ZhqwbILq/JTUelxKiw32FCYbS4xnDxPrC+RD2kCdJITf
rkwtGZTjj42hfecQRkhu02LXJrEtCfWw5vqkZ5T/sO5X+DdVuqldXqIlSO6jbQcr
vP5Pe6AABY1CZUt4AFlmMvIk9/Mt4aGfZVWuNaULzKwCnvf585yhu5gSDXUWFEyq
rXrWrJUD+zXmBNf56L48YmgrSynuP/uYM9tPBJVwlVf01fJ6A/3FmTLl+QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPb5tvKWQ81yg6PjRquWH43K/9ElMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOXZtMjhwWkR6WEtEby1OR3E1WWZqY3JfMFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAowWTMAwD
BACjBZsDBAGjBZwDBACjBcgwDAMEAaMFzgMEAaMF0AMEAKMF1TANBgkqhkiG9w0B
AQsFAAOCAQEAe0phKMRmI6YwfrynN4Txh6N1XANgFHRulZqQ3OlDPCs9Uhb7Qy+y
9DkDuIXdw64XymCvpYs8+v0pX14iB/nX9PB7H7IJWQy9qj/PShHCOsn2xQl4ENlL
G/WL5LjTHyuKY7NXPSPFaGwrkcKVuwsmR39HHN8cVOOZR8NBHFdqu+XICy/I4nHA
jeOrTLvVCVqsA3v65PJjziQ9FYusWwT2wLKCGmlzLdX1Aw7GLAe3wJRBVlDovixR
pL2uwEJQ9iXTak4SKBKW1ErNycXdQ3FFMlM+B4j5wzYIzm6n6xWq0IgE93v955MT
+LZZPikOcsCZj0PVI33+VXmW/AZ+utpwmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org