Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ED_qARt_1QKkz5RAWhaDR-T28RE.roa
File: ED_qARt_1QKkz5RAWhaDR-T28RE.roa (raw, json)
Hash identifier: KzGWfS91I+FDevX8TIeBIlXevZzWtrqgJSUhCl1hgNE=
Subject key identifier: 10:3F:EA:01:1B:7F:D5:02:A4:CF:94:40:5A:16:83:47:E4:F6:F1:11
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01887DC48A08393B93EF6FD2E10886C63996
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ED_qARt_1QKkz5RAWhaDR-T28RE.roa
Signing time: Fri 02 Jun 2023 20:20:12 +0000
ROA not before: Fri 02 Jun 2023 20:20:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.212.0/24 maxlen: 24
163.5.105.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.115.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 16:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7d:c4:8a:08:39:3b:93:ef:6f:d2:e1:08:86:c6:39:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 2 20:20:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=103fea011b7fd502a4cf94405a168347e4f6f111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ed:28:88:77:8d:6b:0a:22:5d:e3:85:40:f7:
31:48:00:5c:10:42:26:7e:a5:72:37:fa:52:bc:26:
13:f4:8d:ba:04:02:07:46:a6:85:27:d8:12:ec:60:
1e:0e:5e:59:35:3b:8e:10:51:3a:5f:06:ad:ea:91:
8b:27:45:6f:8a:25:01:25:2a:eb:44:7e:15:16:f0:
f2:8d:72:3d:f6:0f:e6:3e:d2:ed:44:0e:fd:37:99:
48:2f:49:af:a5:75:a1:fb:2b:9f:61:34:cf:b3:a3:
46:2f:77:65:15:aa:14:10:46:50:ab:58:14:02:9a:
8f:be:a2:09:a7:9f:5e:18:68:f3:ae:d8:e2:e5:6c:
c6:5d:11:31:27:2b:3b:ed:f4:40:b8:ba:16:31:d3:
f2:17:d8:76:67:bb:da:43:05:6f:a8:64:09:dd:8a:
87:f5:5a:c3:86:9f:99:34:cd:87:67:99:25:38:a0:
4a:fd:46:f1:7c:b3:94:fa:4a:7f:fd:52:7a:30:20:
ab:3d:b6:8f:7e:f6:0e:25:8f:9c:3d:18:d4:34:3d:
78:36:7d:ff:66:e4:99:1d:2e:ca:44:eb:e8:b5:b6:
12:5d:4d:73:1b:0e:23:62:df:22:8d:e7:80:fc:8d:
e4:06:70:66:77:db:61:53:59:88:84:fc:6f:c5:25:
d8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:3F:EA:01:1B:7F:D5:02:A4:CF:94:40:5A:16:83:47:E4:F6:F1:11
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ED_qARt_1QKkz5RAWhaDR-T28RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.105.0-163.5.106.255
163.5.115.0/24
163.5.153.0/24
163.5.159.0/24
163.5.168.0/24
163.5.212.0/24
163.5.220.0/24
163.5.242.0/24
Signature Algorithm: sha256WithRSAEncryption
52:aa:c9:3f:8f:3e:94:c5:b4:c2:74:35:15:b2:3d:0f:a5:5c:
95:cb:c3:92:c4:2d:ce:71:56:f7:9e:bb:2f:a2:86:09:79:00:
fd:9c:b1:f3:c2:70:6c:90:87:58:92:f1:c3:ea:42:51:9f:ce:
ef:c8:3e:eb:71:87:e2:ad:04:58:54:cc:b0:cf:27:40:11:ff:
5b:d8:1a:ea:61:ee:8e:49:75:ab:c4:c1:7d:3c:6d:31:15:91:
fe:5d:d8:e4:1c:24:ce:e8:c3:dd:c6:28:ef:a7:bc:13:e7:35:
81:c2:f1:db:6c:ee:0e:a6:ea:71:06:18:16:c9:ea:0f:3a:e9:
96:c6:a1:de:c9:e8:ec:24:e2:19:d6:65:fd:12:09:0c:1f:b4:
ed:d5:4c:44:b2:5b:ae:b9:a9:35:34:a2:3d:2b:dc:81:ac:1f:
52:a4:f9:53:35:46:0b:46:2b:41:42:22:eb:8e:54:80:69:f2:
ee:2e:17:8c:6a:ad:d5:cc:5a:a3:73:42:79:74:45:8d:96:c7:
8a:f2:e5:9c:a8:e8:b5:25:85:75:a3:20:c9:8f:88:84:44:d5:
8e:8c:4f:0c:43:9f:5f:57:f2:f3:14:b9:19:d2:18:92:62:73:
2a:36:85:76:0a:55:b2:32:42:1b:eb:d8:6c:2b:36:51:43:27:
df:42:76:a8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYh9xIoIOTuT72/S4QiGxjmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjAyMjAyMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDNmZWEwMTFiN2ZkNTAyYTRjZjk0NDA1YTE2ODM0N2U0ZjZmMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+0oiHeNawoiXeOFQPcxSABcEEIm
fqVyN/pSvCYT9I26BAIHRqaFJ9gS7GAeDl5ZNTuOEFE6Xwat6pGLJ0VviiUBJSrr
RH4VFvDyjXI99g/mPtLtRA79N5lIL0mvpXWh+yufYTTPs6NGL3dlFaoUEEZQq1gU
ApqPvqIJp59eGGjzrtji5WzGXRExJys77fRAuLoWMdPyF9h2Z7vaQwVvqGQJ3YqH
9VrDhp+ZNM2HZ5klOKBK/UbxfLOU+kp//VJ6MCCrPbaPfvYOJY+cPRjUND14Nn3/
ZuSZHS7KROvotbYSXU1zGw4jYt8ijeeA/I3kBnBmd9thU1mIhPxvxSXYUwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBA/6gEbf9UCpM+UQFoWg0fk9vERMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRURfcUFSdF8xUUtrejVSQVdoYURSLVQyOFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAowUgMAwD
BACjBWkDBACjBWoDBACjBXMDBACjBZkDBACjBZ8DBACjBagDBACjBdQDBACjBdwD
BACjBfIwDQYJKoZIhvcNAQELBQADggEBAFKqyT+PPpTFtMJ0NRWyPQ+lXJXLw5LE
Lc5xVveeuy+ihgl5AP2csfPCcGyQh1iS8cPqQlGfzu/IPutxh+KtBFhUzLDPJ0AR
/1vYGuph7o5JdavEwX08bTEVkf5d2OQcJM7ow93GKO+nvBPnNYHC8dts7g6m6nEG
GBbJ6g866ZbGod7J6Owk4hnWZf0SCQwftO3VTESyW665qTU0oj0r3IGsH1Kk+VM1
RgtGK0FCIuuOVIBp8u4uF4xqrdXMWqNzQnl0RY2Wx4ry5Zyo6LUlhXWjIMmPiIRE
1Y6MTwxDn19X8vMUuRnSGJJicyo2hXYKVbIyQhvr2GwrNlFDJ99Cdqg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org