Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BExsrglB_Sj4zR8_1d1zRapYn4U.roa
File: BExsrglB_Sj4zR8_1d1zRapYn4U.roa (raw, json)
Hash identifier: iz8ckmL14PyAm2ogTGVVqheUpfI6nuYfKSr4VFfTCJU=
Subject key identifier: 04:4C:6C:AE:09:41:FD:28:F8:CD:1F:3F:D5:DD:73:45:AA:58:9F:85
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0190D0C60F6A8B6A35031BBC87CA09DB336D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BExsrglB_Sj4zR8_1d1zRapYn4U.roa
Signing time: Sat 20 Jul 2024 15:32:39 +0000
ROA not before: Sat 20 Jul 2024 15:32:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 163.5.124.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 10:56:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d0:c6:0f:6a:8b:6a:35:03:1b:bc:87:ca:09:db:33:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 20 15:32:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=044c6cae0941fd28f8cd1f3fd5dd7345aa589f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:88:e0:87:00:92:cb:2a:0e:10:06:b8:72:64:
2b:ca:c8:e6:4a:fa:96:13:55:23:ea:b5:39:92:64:
13:20:e8:55:40:f9:51:d7:1b:37:84:1c:fb:2b:3e:
85:61:b3:79:17:0c:db:f4:7b:dc:a6:25:83:86:4c:
02:9f:d4:74:8c:69:d7:69:fb:5c:5d:9a:9d:83:d1:
32:c6:ee:aa:e4:b9:a7:fe:20:af:32:67:b3:03:c2:
17:d8:b7:5d:e7:a9:b5:a9:5b:97:f4:8c:93:53:24:
f9:2e:df:95:83:7c:cb:e8:3a:9e:7e:bd:7e:f5:5b:
3d:cd:23:31:4a:db:47:02:86:a9:6d:62:b2:ef:1d:
42:5f:61:39:b5:f5:cb:41:06:38:51:ef:e8:4a:4f:
f8:e0:85:ff:19:14:d7:2e:20:d7:bb:56:6c:75:1f:
fd:68:5f:b1:89:b8:33:89:b8:92:25:fd:e8:d6:42:
9d:90:29:f8:4a:93:bb:10:42:49:34:74:5f:1a:53:
f8:a7:99:fa:54:19:b8:70:88:97:57:6a:8d:e7:38:
30:8c:d1:8c:86:b4:cf:1e:a9:54:a6:e8:f2:0e:fc:
68:94:47:69:80:d3:1b:55:3f:78:99:f0:d3:9b:3d:
62:47:49:01:78:38:4d:fc:ff:47:66:73:4e:ec:a0:
4c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4C:6C:AE:09:41:FD:28:F8:CD:1F:3F:D5:DD:73:45:AA:58:9F:85
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BExsrglB_Sj4zR8_1d1zRapYn4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.124.0/24
163.5.136.0/24
163.5.166.0/24
163.5.173.0/24
Signature Algorithm: sha256WithRSAEncryption
88:38:5f:a2:27:4c:8a:c2:0e:04:3c:3e:16:b4:74:27:85:3c:
03:73:cb:c8:78:97:7a:0c:55:81:18:d0:9c:cb:4c:de:50:10:
85:29:cb:8d:22:a2:3d:cb:f3:1c:a7:2a:c2:81:c8:91:19:41:
35:53:40:b6:af:e7:d4:76:2e:f1:1c:ae:6b:d4:84:cb:b3:78:
20:55:cd:06:e9:2d:c3:ef:d0:35:c2:e0:64:fb:aa:9a:60:c2:
8b:ab:9f:32:aa:85:82:8e:36:9a:dc:2a:81:66:79:ac:a7:28:
2a:e3:1a:5e:c0:83:fb:f7:b0:c5:0f:cb:24:5d:6f:17:b9:50:
8b:3d:47:53:12:19:64:fc:9c:a8:71:d2:33:f1:ac:e4:88:64:
94:cb:3f:35:ce:4a:cc:40:d9:6e:ef:b3:b5:11:58:5c:a9:ef:
11:14:5c:6d:a4:97:d7:a1:e1:b5:c9:b0:c1:8b:84:79:79:d8:
81:15:97:d0:0d:0a:8a:86:87:9c:82:d3:ed:a4:a4:f8:e7:40:
ea:86:6d:49:e7:a1:78:a1:8e:d2:e4:4b:bc:0e:dc:4a:f8:6d:
22:fc:49:61:67:22:89:53:2c:72:20:37:41:2c:45:5a:28:1e:
94:8a:7d:95:1e:a6:3a:35:b2:a9:a0:a0:8f:9a:ff:a4:91:41:
6a:ad:fc:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDQxg9qi2o1Axu8h8oJ2zNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzIwMTUzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDRjNmNhZTA5NDFmZDI4ZjhjZDFmM2ZkNWRkNzM0NWFhNTg5Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYjghwCSyyoOEAa4cmQrysjmSvqW
E1Uj6rU5kmQTIOhVQPlR1xs3hBz7Kz6FYbN5Fwzb9HvcpiWDhkwCn9R0jGnXaftc
XZqdg9Eyxu6q5Lmn/iCvMmezA8IX2Ldd56m1qVuX9IyTUyT5Lt+Vg3zL6Dqefr1+
9Vs9zSMxSttHAoapbWKy7x1CX2E5tfXLQQY4Ue/oSk/44IX/GRTXLiDXu1ZsdR/9
aF+xibgzibiSJf3o1kKdkCn4SpO7EEJJNHRfGlP4p5n6VBm4cIiXV2qN5zgwjNGM
hrTPHqlUpujyDvxolEdpgNMbVT94mfDTmz1iR0kBeDhN/P9HZnNO7KBMmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFARMbK4JQf0o+M0fP9Xdc0WqWJ+FMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQkV4c3JnbEJfU2o0elI4XzFkMXpSYXBZbjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowV8AwQA
owWIAwQAowWmAwQAowWtMA0GCSqGSIb3DQEBCwUAA4IBAQCIOF+iJ0yKwg4EPD4W
tHQnhTwDc8vIeJd6DFWBGNCcy0zeUBCFKcuNIqI9y/McpyrCgciRGUE1U0C2r+fU
di7xHK5r1ITLs3ggVc0G6S3D79A1wuBk+6qaYMKLq58yqoWCjjaa3CqBZnmspygq
4xpewIP797DFD8skXW8XuVCLPUdTEhlk/JyocdIz8azkiGSUyz81zkrMQNlu77O1
EVhcqe8RFFxtpJfXoeG1ybDBi4R5ediBFZfQDQqKhoecgtPtpKT450Dqhm1J56F4
oY7S5Eu8DtxK+G0i/ElhZyKJUyxyIDdBLEVaKB6Uin2VHqY6NbKpoKCPmv+kkUFq
rfx5
-----END CERTIFICATE-----
Generated at Sun Aug 11 13:09:05 2024 by rpki-client on console-fra.rpki-client.org