Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DmElpmAP7ars4Tt279HPWweY01M.roa
File: DmElpmAP7ars4Tt279HPWweY01M.roa (raw, json)
Hash identifier: JRUzjdJfbyeF10XrfVd/L4M/IgVaUo8fU8XMTJaTNLE=
Subject key identifier: 0E:61:25:A6:60:0F:ED:AA:EC:E1:3B:76:EF:D1:CF:5B:07:98:D3:53
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194E1E7A198E0A19400389E9DBEF28C1D56
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DmElpmAP7ars4Tt279HPWweY01M.roa
Signing time: Fri 07 Feb 2025 19:34:01 +0000
ROA not before: Fri 07 Feb 2025 19:34:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 163.5.14.0/24 maxlen: 24
163.5.61.0/24 maxlen: 24
163.5.91.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 12:09:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e1:e7:a1:98:e0:a1:94:00:38:9e:9d:be:f2:8c:1d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 7 19:34:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e6125a6600fedaaece13b76efd1cf5b0798d353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cf:f4:f4:71:6e:33:f9:18:96:b8:5d:ba:e4:
c0:a2:9b:c7:41:c3:d5:e3:0c:7c:80:49:07:ed:b5:
cb:0c:58:09:46:76:6d:13:22:f8:ff:99:00:b9:8e:
88:09:7a:45:b5:d4:f2:43:98:80:8f:bc:a5:b0:e8:
b9:1b:04:a7:f7:14:cb:93:5b:38:56:04:d1:52:ad:
c5:cb:b4:b9:02:82:01:d6:f7:ab:49:21:a1:fa:42:
2b:20:db:53:74:60:b3:3e:1f:51:e3:37:e1:cf:26:
f0:fc:f5:60:c6:1f:2b:60:64:33:b7:83:eb:b2:cc:
05:62:36:44:8c:b3:b3:14:09:3f:cb:37:53:8d:d6:
7d:2d:29:79:24:e7:ca:36:c6:5d:8a:ae:c7:86:e3:
7d:07:00:42:d5:54:55:1a:6a:5e:33:9b:b6:0f:73:
b3:9b:57:c5:6a:0b:7f:57:e4:99:9b:99:25:7b:13:
27:b1:9f:63:ca:a6:80:d5:70:4d:ec:f4:cc:9a:02:
30:12:f8:9a:f0:f6:c3:53:ad:f3:0c:01:fa:0c:d9:
2a:54:2b:f6:41:39:51:62:c1:3f:51:54:e2:02:9a:
df:58:62:7d:3e:41:b0:47:ee:6f:b8:e0:43:03:53:
ae:68:d8:4d:7a:20:5a:d7:52:8e:57:30:c9:49:a9:
90:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:61:25:A6:60:0F:ED:AA:EC:E1:3B:76:EF:D1:CF:5B:07:98:D3:53
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DmElpmAP7ars4Tt279HPWweY01M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.14.0/24
163.5.61.0/24
163.5.91.0/24
163.5.140.0/24
163.5.211.0/24
163.5.215.0/24
163.5.239.0/24
163.5.245.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
85:71:5a:10:18:1a:bc:25:67:95:a5:a4:5d:81:bc:03:f0:5b:
13:72:45:38:64:52:d2:ad:a2:3f:cc:b4:ec:63:eb:9e:79:df:
8c:25:c0:b2:d3:4e:38:ef:0a:aa:75:2f:9e:25:63:b0:31:e0:
43:cf:32:2f:9d:f2:57:35:78:88:b2:20:e4:35:0b:0e:69:a2:
f5:0d:36:8c:62:0b:bb:2e:84:3b:3a:8a:c8:9e:4a:23:6e:fa:
6c:a6:42:e7:d5:ce:c8:58:73:67:60:56:d9:ca:1d:f7:9a:a0:
ce:fd:2e:4d:17:e8:a8:0d:3a:79:c7:c9:db:ba:98:79:c7:44:
74:71:83:20:ab:34:4f:0d:77:5f:23:e9:71:db:2b:92:e1:d0:
61:9e:4a:96:a2:4b:c5:da:81:7b:4e:1f:62:8c:b7:78:9d:7d:
c8:39:9e:38:1e:34:f8:76:86:25:99:dd:a8:17:0f:64:18:b6:
76:2d:95:a7:ef:ce:b0:94:72:f5:9d:7f:1a:42:bd:72:a9:6a:
d0:43:3b:d8:17:b5:c6:cc:ae:cf:d2:83:49:c5:c6:72:be:13:
77:19:db:2f:52:f9:7c:1f:d7:71:4d:07:91:ef:02:b8:27:db:
ae:d9:87:73:d9:4b:34:f2:2f:45:49:72:3f:24:ae:26:b9:25:
6f:b3:b7:a9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZTh56GY4KGUADienb7yjB1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMjA3MTkzNDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTYxMjVhNjYwMGZlZGFhZWNlMTNiNzZlZmQxY2Y1YjA3OThkMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8/09HFuM/kYlrhduuTAopvHQcPV
4wx8gEkH7bXLDFgJRnZtEyL4/5kAuY6ICXpFtdTyQ5iAj7ylsOi5GwSn9xTLk1s4
VgTRUq3Fy7S5AoIB1verSSGh+kIrINtTdGCzPh9R4zfhzybw/PVgxh8rYGQzt4Pr
sswFYjZEjLOzFAk/yzdTjdZ9LSl5JOfKNsZdiq7HhuN9BwBC1VRVGmpeM5u2D3Oz
m1fFagt/V+SZm5klexMnsZ9jyqaA1XBN7PTMmgIwEvia8PbDU63zDAH6DNkqVCv2
QTlRYsE/UVTiAprfWGJ9PkGwR+5vuOBDA1OuaNhNeiBa11KOVzDJSamQLwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFA5hJaZgD+2q7OE7du/Rz1sHmNNTMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRG1FbHBtQVA3YXJzNFR0Mjc5SFBXd2VZMDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAowUOAwQA
owU9AwQAowVbAwQAowWMAwQAowXTAwQAowXXAwQAowXvAwQAowX1AwQAowX/MA0G
CSqGSIb3DQEBCwUAA4IBAQCFcVoQGBq8JWeVpaRdgbwD8FsTckU4ZFLSraI/zLTs
Y+ueed+MJcCy00447wqqdS+eJWOwMeBDzzIvnfJXNXiIsiDkNQsOaaL1DTaMYgu7
LoQ7OorInkojbvpspkLn1c7IWHNnYFbZyh33mqDO/S5NF+ioDTp5x8nbuph5x0R0
cYMgqzRPDXdfI+lx2yuS4dBhnkqWokvF2oF7Th9ijLd4nX3IOZ44HjT4doYlmd2o
Fw9kGLZ2LZWn786wlHL1nX8aQr1yqWrQQzvYF7XGzK7P0oNJxcZyvhN3GdsvUvl8
H9dxTQeR7wK4J9uu2Ydz2Us08i9FSXI/JK4muSVvs7ep
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:28 2025 by rpki-client