Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DXq1fUM1bQ1mrnDSJ0Fy_cERpFc.roa
File: DXq1fUM1bQ1mrnDSJ0Fy_cERpFc.roa (raw, json)
Hash identifier: U0ZUmTeaWfS4QvQAhXlgWGm49Rk1IcrwtDoS6M8EBjo=
Subject key identifier: 0D:7A:B5:7D:43:35:6D:0D:66:AE:70:D2:27:41:72:FD:C1:11:A4:57
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018729EC10A73FF6043083B080C75538C5A7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DXq1fUM1bQ1mrnDSJ0Fy_cERpFc.roa
Signing time: Tue 28 Mar 2023 20:32:29 +0000
ROA not before: Tue 28 Mar 2023 20:32:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Mar 2023 20:39:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:ec:10:a7:3f:f6:04:30:83:b0:80:c7:55:38:c5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 28 20:32:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d7ab57d43356d0d66ae70d2274172fdc111a457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:eb:05:14:6c:6c:c8:d4:94:88:27:88:b7:d9:
aa:9a:31:8d:11:92:41:07:7f:6b:85:0c:ff:8b:cf:
45:23:67:68:6d:6d:8f:08:8f:b0:38:c6:5c:eb:c8:
05:05:84:89:71:2e:b3:25:9f:82:56:0d:6f:87:2e:
aa:88:7a:40:ac:55:b6:f4:14:ec:2b:3d:c1:57:9e:
be:a9:35:e8:34:b6:ad:d7:c9:a7:ba:5c:93:fc:a3:
67:dc:11:fe:cb:39:f2:58:c0:2e:1a:16:ec:e9:4d:
cb:5f:ac:d1:f4:20:6b:58:a6:df:6a:cd:6f:a3:58:
bd:48:da:5b:7b:df:fb:6a:7f:3f:4f:41:a6:db:7e:
bb:f9:6a:0f:1b:16:52:30:04:f6:87:75:57:c2:a0:
1d:00:b0:d7:75:74:f2:72:07:c9:d7:33:f3:83:be:
67:3d:1b:f4:6d:e0:16:ee:fd:85:20:01:89:c6:31:
cc:8c:69:90:d6:7e:12:9b:02:93:11:fa:78:59:0e:
e9:3b:69:37:49:6f:6f:9c:88:be:f6:6d:ec:66:21:
ae:3e:54:aa:2d:11:df:7b:b4:77:1f:89:bd:08:02:
c9:b5:5e:2c:06:90:30:28:e3:1d:d3:6f:1e:a7:d6:
1b:4e:f8:f5:90:79:1c:29:d7:0d:93:3a:b0:7c:33:
46:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7A:B5:7D:43:35:6D:0D:66:AE:70:D2:27:41:72:FD:C1:11:A4:57
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DXq1fUM1bQ1mrnDSJ0Fy_cERpFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.134.0/24
163.5.189.0/24
163.5.192.0/24
163.5.228.0/24
163.5.238.0/24
Signature Algorithm: sha256WithRSAEncryption
77:68:3f:ab:7d:f3:8d:60:cf:14:d6:90:ba:b5:92:8d:6b:26:
06:6f:65:48:fc:09:27:a2:f1:96:e3:75:13:6d:6b:2b:bf:08:
1e:c5:a1:b6:50:7e:e3:f2:81:e5:ca:c3:70:05:4e:7b:09:8c:
6e:35:9a:a9:05:be:11:61:5d:3c:b8:4b:65:c2:19:58:60:24:
d4:02:3f:16:db:3f:78:e2:40:7d:c1:da:32:12:66:4b:18:de:
ad:d9:14:69:f6:54:1a:fa:71:1d:bb:08:54:7e:6a:79:bc:59:
b3:58:14:de:58:78:33:70:82:cc:0d:84:98:06:2c:06:68:e2:
04:03:9f:ba:c9:6f:ec:c1:3d:66:4e:17:0c:bb:c8:0f:b6:ab:
78:9a:5a:e9:f4:4f:7b:d1:a7:f1:3d:fa:4d:74:9a:4c:79:a5:
48:20:f4:a8:b4:e3:4c:0c:57:95:83:8f:e8:af:93:f1:55:0b:
6d:41:ec:10:b9:82:1b:a1:c7:56:d4:22:ce:77:af:8b:2e:7a:
77:05:b2:74:31:87:0d:03:11:c6:4a:ee:86:c8:31:b2:24:16:
06:8f:44:46:fc:51:e1:fe:91:01:e5:5c:c9:db:2f:d0:f7:0d:
21:67:ee:47:40:32:86:84:c4:50:24:b4:46:f3:1c:8e:10:bc:
74:4b:12:a6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcp7BCnP/YEMIOwgMdVOMWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMzI4MjAzMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDdhYjU3ZDQzMzU2ZDBkNjZhZTcwZDIyNzQxNzJmZGMxMTFhNDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+sFFGxsyNSUiCeIt9mqmjGNEZJB
B39rhQz/i89FI2dobW2PCI+wOMZc68gFBYSJcS6zJZ+CVg1vhy6qiHpArFW29BTs
Kz3BV56+qTXoNLat18mnulyT/KNn3BH+yznyWMAuGhbs6U3LX6zR9CBrWKbfas1v
o1i9SNpbe9/7an8/T0Gm2367+WoPGxZSMAT2h3VXwqAdALDXdXTycgfJ1zPzg75n
PRv0beAW7v2FIAGJxjHMjGmQ1n4SmwKTEfp4WQ7pO2k3SW9vnIi+9m3sZiGuPlSq
LRHfe7R3H4m9CALJtV4sBpAwKOMd028ep9YbTvj1kHkcKdcNkzqwfDNGtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA16tX1DNW0NZq5w0idBcv3BEaRXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRFhxMWZVTTFiUTFtcm5EU0owRnlfY0VScEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWGAwQA
owW9AwQAowXAAwQAowXkAwQAowXuMA0GCSqGSIb3DQEBCwUAA4IBAQB3aD+rffON
YM8U1pC6tZKNayYGb2VI/AknovGW43UTbWsrvwgexaG2UH7j8oHlysNwBU57CYxu
NZqpBb4RYV08uEtlwhlYYCTUAj8W2z944kB9wdoyEmZLGN6t2RRp9lQa+nEduwhU
fmp5vFmzWBTeWHgzcILMDYSYBiwGaOIEA5+6yW/swT1mThcMu8gPtqt4mlrp9E97
0afxPfpNdJpMeaVIIPSotONMDFeVg4/or5PxVQttQewQuYIbocdW1CLOd6+LLnp3
BbJ0MYcNAxHGSu6GyDGyJBYGj0RG/FHh/pEB5VzJ2y/Q9w0hZ+5HQDKGhMRQJLRG
8xyOELx0SxKm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org