Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DDpYehX2u-_eH__qByqB3ndLgKQ.roa
File: DDpYehX2u-_eH__qByqB3ndLgKQ.roa (raw, json)
Hash identifier: roXPJmfNCzgUr5nmrvpSIU1oEXofGse/0I4t+Z4Urb0=
Subject key identifier: 0C:3A:58:7A:15:F6:BB:EF:DE:1F:FF:EA:07:2A:81:DE:77:4B:80:A4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019083BC5F817E4D3709D4200A2733E7BA16
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DDpYehX2u-_eH__qByqB3ndLgKQ.roa
Signing time: Fri 05 Jul 2024 16:31:18 +0000
ROA not before: Fri 05 Jul 2024 16:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.34.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jul 2024 20:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:83:bc:5f:81:7e:4d:37:09:d4:20:0a:27:33:e7:ba:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 5 16:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c3a587a15f6bbefde1fffea072a81de774b80a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:74:03:70:50:b9:27:23:0e:7b:8c:29:99:b9:
a7:0b:89:2b:18:81:76:3b:7c:b4:88:e2:8d:37:df:
51:69:ba:1c:12:e4:51:7e:22:b4:94:83:b8:35:41:
4f:95:bc:be:3f:3a:f4:2c:f0:16:d1:12:0c:9d:c4:
b7:6e:55:e1:ef:42:75:0c:eb:bf:f1:00:fa:02:4e:
94:03:dd:05:eb:ff:7d:ba:8c:5b:58:fa:fc:79:47:
2f:7b:1a:19:9e:84:c3:25:a7:2f:22:30:fb:c6:6c:
ee:3b:0d:ff:b2:97:c1:19:8c:c2:66:f5:ed:50:64:
84:db:3a:f9:ae:64:2b:18:a7:dd:9d:4f:5e:f6:91:
e0:1a:95:0c:47:6d:f2:52:5b:25:e3:3b:54:e3:a5:
5b:c5:cd:94:f8:c3:67:04:a5:51:f9:7a:6a:8f:5b:
99:8f:2f:2a:6c:20:03:a5:8d:6e:c4:af:ae:a8:22:
05:12:2d:20:3d:1c:e7:17:bc:ba:4a:c3:d8:18:52:
41:e8:f7:ac:da:75:16:59:de:52:86:78:52:b8:2f:
67:af:70:84:c0:61:5b:c4:b5:fc:8a:d9:bc:9b:c7:
f2:c5:e9:7f:23:48:a8:e6:8b:f1:16:1d:6f:03:38:
a7:72:b0:ca:60:96:af:05:31:08:46:0f:09:ec:e8:
a0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3A:58:7A:15:F6:BB:EF:DE:1F:FF:EA:07:2A:81:DE:77:4B:80:A4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DDpYehX2u-_eH__qByqB3ndLgKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.118.0/24
163.5.153.0-163.5.154.255
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:b2:fb:eb:42:40:48:d8:70:61:db:f9:33:92:09:2b:5c:d1:
60:48:11:85:83:6b:35:45:5d:89:b2:7a:4c:0f:33:48:22:88:
cb:84:c5:45:5b:69:de:3d:e5:0e:9b:66:4b:7b:62:2a:d2:67:
3c:52:33:78:a0:9a:21:71:c6:05:f2:00:bd:c6:c4:5c:b9:c5:
f9:1c:a3:da:93:b9:51:e4:32:4d:5d:09:47:3b:82:84:83:cd:
6f:ee:bd:88:60:c4:45:71:2a:3c:1d:bb:09:a3:90:c7:18:87:
a1:3a:7a:e0:5b:d7:e6:88:0c:ee:e9:c9:3b:8f:fe:e0:fc:85:
d9:f4:1e:b2:82:21:99:47:77:a2:53:12:d6:e3:0f:d7:fc:d3:
70:b6:5d:79:7b:29:0c:45:f4:e9:fc:a7:27:6f:21:37:de:79:
fb:90:37:14:dc:ea:50:1c:fd:37:8e:70:ff:8f:6b:56:2e:6d:
f1:86:3f:5b:0e:2d:e4:51:50:62:3c:b4:ac:f6:50:8a:76:70:
6f:6e:84:c7:31:ae:21:fe:b2:2b:2a:f5:79:0a:8c:1f:f9:ab:
b6:d3:ef:f9:a6:0f:1b:fc:5d:fd:73:9a:0e:fd:68:ac:e7:d0:
63:35:f1:09:4c:76:85:49:1a:19:a9:05:0e:51:48:c1:e6:93:
57:e5:b1:76
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZCDvF+Bfk03CdQgCicz57oWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzA1MTYzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNhNTg3YTE1ZjZiYmVmZGUxZmZmZWEwNzJhODFkZTc3NGI4MGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHQDcFC5JyMOe4wpmbmnC4krGIF2
O3y0iOKNN99RabocEuRRfiK0lIO4NUFPlby+Pzr0LPAW0RIMncS3blXh70J1DOu/
8QD6Ak6UA90F6/99uoxbWPr8eUcvexoZnoTDJacvIjD7xmzuOw3/spfBGYzCZvXt
UGSE2zr5rmQrGKfdnU9e9pHgGpUMR23yUlsl4ztU46Vbxc2U+MNnBKVR+Xpqj1uZ
jy8qbCADpY1uxK+uqCIFEi0gPRznF7y6SsPYGFJB6Pes2nUWWd5ShnhSuC9nr3CE
wGFbxLX8itm8m8fyxel/I0io5ovxFh1vAzincrDKYJavBTEIRg8J7OigUQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAw6WHoV9rvv3h//6gcqgd53S4CkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRERwWWVoWDJ1LV9lSF9fcUJ5cUIzbmRMZ0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowUiAwQA
owV2MAwDBACjBZkDBACjBZoDBACjBbEDBACjBfwwDQYJKoZIhvcNAQELBQADggEB
AHqy++tCQEjYcGHb+TOSCStc0WBIEYWDazVFXYmyekwPM0giiMuExUVbad495Q6b
Zkt7YirSZzxSM3igmiFxxgXyAL3GxFy5xfkco9qTuVHkMk1dCUc7goSDzW/uvYhg
xEVxKjwduwmjkMcYh6E6euBb1+aIDO7pyTuP/uD8hdn0HrKCIZlHd6JTEtbjD9f8
03C2XXl7KQxF9On8pydvITfeefuQNxTc6lAc/TeOcP+Pa1YubfGGP1sOLeRRUGI8
tKz2UIp2cG9uhMcxriH+sisq9XkKjB/5q7bT7/mmDxv8Xf1zmg79aKzn0GM18QlM
doVJGhmpBQ5RSMHmk1flsXY=
-----END CERTIFICATE-----
Generated at Wed Jul 31 22:46:34 2024 by rpki-client on console-fra.rpki-client.org