Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CxfZxHVKsN8Ta21aW76GY9TCigI.roa
File: CxfZxHVKsN8Ta21aW76GY9TCigI.roa (raw, json)
Hash identifier: xKguHNh7FNkBN/DBDLHfPbOJ2xPuXnbOPDp91n0/ckE=
Subject key identifier: 0B:17:D9:C4:75:4A:B0:DF:13:6B:6D:5A:5B:BE:86:63:D4:C2:8A:02
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01924D7BC159EF9E22B12956B80040164C9C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CxfZxHVKsN8Ta21aW76GY9TCigI.roa
Signing time: Wed 02 Oct 2024 13:46:48 +0000
ROA not before: Wed 02 Oct 2024 13:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 16:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:7b:c1:59:ef:9e:22:b1:29:56:b8:00:40:16:4c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 2 13:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b17d9c4754ab0df136b6d5a5bbe8663d4c28a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:87:c9:25:40:07:1b:bd:10:f1:c0:27:51:e7:
8f:79:85:0f:b3:c5:60:f7:16:cf:0f:d8:b9:8e:a6:
b4:55:31:33:7e:9e:ce:aa:af:9f:72:6a:52:e6:ab:
53:d2:6f:34:5c:e5:bb:9d:06:ac:20:fa:6f:05:7c:
8b:11:4b:45:01:f4:05:17:76:7b:23:ef:49:98:6c:
bc:cf:17:c5:92:2a:ae:1c:25:e2:f4:2f:c0:a7:a4:
4c:fd:8a:8a:4b:25:bd:5e:b6:a7:51:8d:12:0a:44:
ec:0b:06:0e:dd:e1:a0:71:90:84:02:f5:e4:a7:74:
f6:59:ab:60:eb:c1:95:c3:c0:36:38:b8:bd:30:e0:
2c:82:cf:78:a3:e8:8b:4c:67:98:56:6f:6d:e4:ac:
49:69:f1:fd:8e:47:1d:c9:1d:8c:65:c2:ee:8e:97:
f1:e3:78:0f:0e:b1:20:65:1c:bb:db:de:67:85:bb:
ca:ad:55:c2:cc:61:15:c6:ba:d7:ce:78:92:92:e7:
80:01:a0:8e:2d:78:1d:bf:1c:06:4d:cc:a9:0b:f6:
a2:32:25:60:c8:67:a6:df:20:4c:8d:e6:14:e0:22:
1f:a3:e7:aa:ba:f7:92:ea:92:af:1f:0b:37:e3:02:
52:cb:21:a9:6b:65:a1:b7:0a:4c:e3:c1:29:94:f7:
ab:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:17:D9:C4:75:4A:B0:DF:13:6B:6D:5A:5B:BE:86:63:D4:C2:8A:02
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CxfZxHVKsN8Ta21aW76GY9TCigI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.97.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
20:5b:6e:bf:99:03:36:6d:7d:40:0e:22:f7:41:f0:a0:9f:b9:
2e:08:4c:eb:9b:9e:fc:0d:92:4c:f2:c2:3d:61:6d:26:aa:3f:
e5:bd:3f:bb:f4:ca:14:30:6d:dc:5e:bc:46:9c:e5:52:63:1c:
d1:07:2d:13:74:1c:04:e2:33:9f:e2:f3:fb:18:71:73:88:34:
d3:70:9a:d3:f2:43:08:91:c8:01:3c:ab:8e:6d:e2:28:c9:a2:
22:81:5c:67:54:61:44:6e:3c:be:c0:26:ac:cd:78:b3:13:82:
8b:c7:f1:a6:0b:62:2d:d2:92:83:e3:18:20:f2:9f:99:e1:6a:
d7:7b:c5:68:5a:1f:5d:8b:94:d1:26:2f:bd:e1:d8:76:43:c9:
00:d4:7b:2f:98:95:42:2b:07:98:d3:e5:f9:c1:48:11:88:74:
d7:9a:4e:71:39:b9:4e:71:ee:7e:3c:12:84:49:0a:5f:2a:37:
7e:84:9c:55:ab:2e:29:37:b3:6c:ae:e4:30:c6:96:cc:b8:e2:
eb:39:e2:6e:3e:93:d1:b6:53:f4:ca:e9:22:8d:88:82:a2:06:
07:19:95:b9:87:04:7a:4a:60:76:e5:ca:15:ce:c7:df:88:59:
49:d1:b9:ef:94:70:2a:14:99:ea:e6:ce:fc:0f:90:59:37:b0:
73:94:31:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJNe8FZ754isSlWuABAFkycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDAyMTM0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjE3ZDljNDc1NGFiMGRmMTM2YjZkNWE1YmJlODY2M2Q0YzI4YTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvofJJUAHG70Q8cAnUeePeYUPs8Vg
9xbPD9i5jqa0VTEzfp7Oqq+fcmpS5qtT0m80XOW7nQasIPpvBXyLEUtFAfQFF3Z7
I+9JmGy8zxfFkiquHCXi9C/Ap6RM/YqKSyW9XranUY0SCkTsCwYO3eGgcZCEAvXk
p3T2Watg68GVw8A2OLi9MOAsgs94o+iLTGeYVm9t5KxJafH9jkcdyR2MZcLujpfx
43gPDrEgZRy7295nhbvKrVXCzGEVxrrXzniSkueAAaCOLXgdvxwGTcypC/aiMiVg
yGem3yBMjeYU4CIfo+equveS6pKvHws34wJSyyGpa2WhtwpM48EplPergQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAsX2cR1SrDfE2ttWlu+hmPUwooCMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ3hmWnhIVktzTjhUYTIxYVc3NkdZOVRDaWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowVWAwQA
owVhAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQAgW26/mQM2bX1ADiL3QfCgn7ku
CEzrm578DZJM8sI9YW0mqj/lvT+79MoUMG3cXrxGnOVSYxzRBy0TdBwE4jOf4vP7
GHFziDTTcJrT8kMIkcgBPKuObeIoyaIigVxnVGFEbjy+wCaszXizE4KLx/GmC2It
0pKD4xgg8p+Z4WrXe8VoWh9di5TRJi+94dh2Q8kA1HsvmJVCKweY0+X5wUgRiHTX
mk5xOblOce5+PBKESQpfKjd+hJxVqy4pN7NsruQwxpbMuOLrOeJuPpPRtlP0yuki
jYiCogYHGZW5hwR6SmB25coVzsffiFlJ0bnvlHAqFJnq5s78D5BZN7BzlDE2
-----END CERTIFICATE-----
Generated at Tue Nov 5 21:31:32 2024 by rpki-client on console-ams.rpki-client.org