Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FCzEK2Lf4HrRo8BIXxtV0FWEevk.roa
File: FCzEK2Lf4HrRo8BIXxtV0FWEevk.roa (raw, json)
Hash identifier: w03rOPz+cNMqgYlSxfWjGw/RV3psuYhYjMelLi9dgHA=
Subject key identifier: 14:2C:C4:2B:62:DF:E0:7A:D1:A3:C0:48:5F:1B:55:D0:55:84:7A:F9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D185526E005F952FE04144E6FECC69EE8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FCzEK2Lf4HrRo8BIXxtV0FWEevk.roa
Signing time: Wed 17 Jan 2024 16:50:50 +0000
ROA not before: Wed 17 Jan 2024 16:50:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.2.0/24 maxlen: 24
163.5.5.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.12.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.24.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.41.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.43.0/24 maxlen: 24
163.5.44.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.47.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.49.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.52.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.54.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.56.0/24 maxlen: 24
163.5.57.0/24 maxlen: 24
163.5.65.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
163.5.81.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 12:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:55:26:e0:05:f9:52:fe:04:14:4e:6f:ec:c6:9e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 17 16:50:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=142cc42b62dfe07ad1a3c0485f1b55d055847af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:12:95:27:e0:63:eb:0e:be:61:04:8e:58:6a:
22:dc:99:ea:6d:6e:60:b4:80:89:47:8f:08:30:ac:
97:cc:ac:76:6b:27:04:e6:8f:c5:16:48:03:e6:64:
76:68:89:a4:d7:e8:15:56:58:6a:83:cf:da:6f:d6:
8a:dc:b1:9c:4e:26:84:46:77:6d:66:47:74:1f:17:
eb:eb:f7:47:7c:01:fb:d8:02:b7:e6:fb:ac:38:07:
95:1a:35:6f:9e:60:2c:3b:af:2d:31:d2:ad:31:ad:
4b:84:04:43:91:cc:a5:df:4e:35:cf:1b:49:9e:ef:
50:1d:8e:47:34:e4:35:d1:84:8e:11:51:a4:ef:0e:
60:67:f4:a1:50:a1:14:87:d2:79:83:c8:16:a2:26:
b3:1f:3a:b8:99:1f:52:f9:cd:4c:e5:57:12:0c:95:
d9:4f:47:f7:0c:3a:46:a6:c4:32:14:84:0a:cd:26:
bc:8f:86:82:e4:a5:76:93:ea:40:60:32:06:2a:ea:
c3:a8:3c:12:e8:a5:0b:d4:7c:af:8c:e9:1a:45:4e:
f3:29:3a:6a:af:44:0d:e9:d9:18:58:39:07:cd:10:
c8:d5:8d:9b:8d:77:bc:59:57:50:ab:bb:09:15:58:
90:d5:7a:42:76:e8:12:9a:f8:2b:0d:e3:97:1b:66:
e2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2C:C4:2B:62:DF:E0:7A:D1:A3:C0:48:5F:1B:55:D0:55:84:7A:F9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FCzEK2Lf4HrRo8BIXxtV0FWEevk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.2.0/24
163.5.5.0/24
163.5.10.0-163.5.12.255
163.5.20.0/24
163.5.23.0-163.5.24.255
163.5.40.0-163.5.57.255
163.5.65.0/24
163.5.68.0/23
163.5.80.0-163.5.82.255
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f6:31:37:96:8d:0b:40:7a:40:51:f9:2e:24:60:a1:47:dd:
25:ca:a5:38:e0:17:b6:70:de:13:36:7c:48:d8:5f:0a:48:94:
1b:3b:a6:44:d3:e1:7f:15:50:80:63:cc:37:6d:67:98:4b:53:
d6:72:0d:e0:5e:ed:ae:95:8a:77:be:6a:c2:ba:95:c8:af:39:
e1:7d:d4:96:60:52:6d:81:56:49:82:90:ab:d5:c6:41:84:63:
fb:6c:fb:a5:96:63:b5:72:92:bf:e1:f9:cc:97:74:5d:64:cd:
ca:46:5f:7f:78:cc:16:64:30:77:5c:f1:78:bb:d1:80:a2:e3:
cf:68:17:f4:72:be:3d:21:ad:bc:13:49:05:19:c7:95:86:d4:
25:51:07:62:a6:77:2b:ed:7d:3a:89:eb:cf:df:5b:29:c3:df:
aa:51:4c:bc:ce:be:5e:ef:04:e5:9b:1f:74:0d:f9:87:48:0e:
c7:ed:37:05:28:9b:57:9c:30:9e:42:8d:18:4b:77:4c:74:68:
ec:4e:69:33:98:e4:8d:0a:6c:da:ed:76:f1:f9:12:b8:5a:1d:
72:72:25:3c:e5:c6:09:59:62:ad:3a:54:8f:72:d0:4e:3d:b5:
5e:ee:5f:b2:b8:d1:c2:22:0c:52:e2:e1:32:d4:16:19:63:ac:
c7:03:7f:58
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAY0YVSbgBflS/gQUTm/sxp7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTE3MTY1MDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDJjYzQyYjYyZGZlMDdhZDFhM2MwNDg1ZjFiNTVkMDU1ODQ3YWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxKVJ+Bj6w6+YQSOWGoi3JnqbW5g
tICJR48IMKyXzKx2aycE5o/FFkgD5mR2aImk1+gVVlhqg8/ab9aK3LGcTiaERndt
Zkd0Hxfr6/dHfAH72AK35vusOAeVGjVvnmAsO68tMdKtMa1LhARDkcyl3041zxtJ
nu9QHY5HNOQ10YSOEVGk7w5gZ/ShUKEUh9J5g8gWoiazHzq4mR9S+c1M5VcSDJXZ
T0f3DDpGpsQyFIQKzSa8j4aC5KV2k+pAYDIGKurDqDwS6KUL1HyvjOkaRU7zKTpq
r0QN6dkYWDkHzRDI1Y2bjXe8WVdQq7sJFViQ1XpCdugSmvgrDeOXG2biRwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFBQsxCti3+B60aPASF8bVdBVhHr5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRkN6RUsyTGY0SHJSbzhCSVh4dFYwRldFZXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAowUCAwQA
owUFMAwDBAGjBQoDBACjBQwDBACjBRQwDAMEAKMFFwMEAKMFGDAMAwQDowUoAwQB
owU4AwQAowVBAwQBowVEMAwDBASjBVADBACjBVIDBACjBVUwDQYJKoZIhvcNAQEL
BQADggEBADz2MTeWjQtAekBR+S4kYKFH3SXKpTjgF7Zw3hM2fEjYXwpIlBs7pkTT
4X8VUIBjzDdtZ5hLU9ZyDeBe7a6Vine+asK6lcivOeF91JZgUm2BVkmCkKvVxkGE
Y/ts+6WWY7Vykr/h+cyXdF1kzcpGX394zBZkMHdc8Xi70YCi489oF/Ryvj0hrbwT
SQUZx5WG1CVRB2KmdyvtfTqJ68/fWynD36pRTLzOvl7vBOWbH3QN+YdIDsftNwUo
m1ecMJ5CjRhLd0x0aOxOaTOY5I0KbNrtdvH5ErhaHXJyJTzlxglZYq06VI9y0E49
tV7uX7K40cIiDFLi4TLUFhljrMcDf1g=
-----END CERTIFICATE-----
Generated at Mon Jan 22 16:40:14 2024 by rpki-client on console-ams.rpki-client.org