Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AEbZ4liPHABbLuAwv9OXxifM5js.roa
File: AEbZ4liPHABbLuAwv9OXxifM5js.roa (raw, json)
Hash identifier: Kl1v42b+4qKurcvEPoWv/myJUKHmnkUpXFwkgCBPC5A=
Subject key identifier: 00:46:D9:E2:58:8F:1C:00:5B:2E:E0:30:BF:D3:97:C6:27:CC:E6:3B
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018DDAA38E9FBB365959F4FF8E27858604BF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AEbZ4liPHABbLuAwv9OXxifM5js.roa
Signing time: Sat 24 Feb 2024 10:22:48 +0000
ROA not before: Sat 24 Feb 2024 10:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 163.5.154.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:a3:8e:9f:bb:36:59:59:f4:ff:8e:27:85:86:04:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 24 10:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0046d9e2588f1c005b2ee030bfd397c627cce63b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8c:7a:a7:35:80:1d:89:fb:69:32:87:02:27:
00:8a:6b:9d:85:e0:08:13:24:a0:70:e4:21:b6:1f:
6d:34:15:62:6c:e5:dc:93:cc:13:3a:1b:f4:ba:38:
e0:f9:5f:94:74:15:f0:e1:7b:37:b3:ca:7b:3c:2b:
c6:e4:c2:75:96:4f:6c:d4:27:9b:89:58:b9:0b:5f:
67:ac:65:90:b6:f1:e2:68:cd:2a:29:dc:c4:43:f2:
93:70:8a:b5:ac:b9:25:7e:97:d4:a8:59:43:30:1d:
38:6a:5b:c2:ef:f1:2b:bb:76:66:44:f8:6b:c1:74:
bb:3b:90:ee:0d:c2:99:48:35:9d:f9:51:5b:83:7e:
72:67:a1:1a:6f:ba:3a:7a:0d:d2:f5:36:6e:83:35:
24:a9:d5:7a:c2:9a:74:b8:ca:c7:79:e5:00:00:7a:
ea:be:dd:6a:61:ae:59:13:6f:8f:fa:90:53:84:d9:
18:9f:c3:72:90:ad:ec:91:7f:b6:1f:05:71:37:2b:
12:fb:0d:a2:05:32:9e:b7:8d:3a:17:78:14:01:54:
d2:ec:df:c4:1e:43:01:54:64:cc:d8:e5:44:e2:d7:
41:8e:e9:c5:d4:f0:74:23:75:98:7d:3b:45:6e:38:
f0:91:9f:88:f7:cf:2a:a4:80:94:fc:e0:e8:fe:1b:
fe:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:46:D9:E2:58:8F:1C:00:5B:2E:E0:30:BF:D3:97:C6:27:CC:E6:3B
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AEbZ4liPHABbLuAwv9OXxifM5js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.154.0/24
163.5.192.0/23
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
80:91:f6:9f:db:aa:86:2e:a5:c1:88:0a:fb:14:2a:44:e9:65:
4c:78:f0:bd:dd:6b:5e:ea:2d:55:ca:64:fa:b9:20:5d:22:f8:
4e:8b:ac:a9:f1:91:b3:d5:d7:21:38:e9:3c:cb:75:fc:e9:c6:
2b:f5:46:54:81:6a:a0:f6:60:13:28:ca:85:29:a6:a8:61:f9:
11:76:55:d4:65:79:49:f2:09:7d:cf:8a:39:4d:90:10:30:a1:
78:b7:c5:a2:0a:c1:a8:df:c7:59:3c:65:36:0a:f9:0f:a9:4b:
fd:9e:5f:16:d4:96:8c:66:44:41:68:d8:da:e8:58:b4:a6:59:
5b:bc:b3:c4:56:3a:e7:14:cf:c6:3b:65:57:a9:56:34:50:6b:
ba:3e:13:e3:45:e5:c6:32:5f:c2:bb:53:16:31:ec:18:33:e1:
00:96:eb:db:85:ce:dd:e4:85:b1:e3:f0:04:71:b9:d8:71:80:
aa:88:29:7c:f8:70:25:0c:47:e0:0a:6c:d0:7c:4e:de:c5:1b:
6f:ce:cb:93:55:f3:72:c2:28:82:cf:97:09:a9:34:a5:8e:d1:
be:13:a1:95:b7:e3:03:8a:c2:f9:50:74:b1:4b:ee:a5:b3:b6:
41:34:46:08:14:ad:f1:85:50:67:c6:49:3d:e1:6b:04:e7:9f:
b5:ca:e4:27
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY3ao46fuzZZWfT/jieFhgS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjI0MTAyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQ2ZDllMjU4OGYxYzAwNWIyZWUwMzBiZmQzOTdjNjI3Y2NlNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIx6pzWAHYn7aTKHAicAimudheAI
EySgcOQhth9tNBVibOXck8wTOhv0ujjg+V+UdBXw4Xs3s8p7PCvG5MJ1lk9s1Ceb
iVi5C19nrGWQtvHiaM0qKdzEQ/KTcIq1rLklfpfUqFlDMB04alvC7/Eru3ZmRPhr
wXS7O5DuDcKZSDWd+VFbg35yZ6Eab7o6eg3S9TZugzUkqdV6wpp0uMrHeeUAAHrq
vt1qYa5ZE2+P+pBThNkYn8NykK3skX+2HwVxNysS+w2iBTKet406F3gUAVTS7N/E
HkMBVGTM2OVE4tdBjunF1PB0I3WYfTtFbjjwkZ+I988qpICU/ODo/hv+fQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFABG2eJYjxwAWy7gML/Tl8YnzOY7MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQUViWjRsaVBIQUJiTHVBd3Y5T1h4aWZNNWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAowWaAwQB
owXAMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAICR9p/bqoYupcGI
CvsUKkTpZUx48L3da17qLVXKZPq5IF0i+E6LrKnxkbPV1yE46TzLdfzpxiv1RlSB
aqD2YBMoyoUppqhh+RF2VdRleUnyCX3PijlNkBAwoXi3xaIKwajfx1k8ZTYK+Q+p
S/2eXxbUloxmREFo2NroWLSmWVu8s8RWOucUz8Y7ZVepVjRQa7o+E+NF5cYyX8K7
UxYx7Bgz4QCW69uFzt3khbHj8ARxudhxgKqIKXz4cCUMR+AKbNB8Tt7FG2/Oy5NV
83LCKILPlwmpNKWO0b4ToZW34wOKwvlQdLFL7qWztkE0RggUrfGFUGfGST3hawTn
n7XK5Cc=
-----END CERTIFICATE-----
Generated at Mon Mar 11 14:52:25 2024 by rpki-client on console-fra.rpki-client.org