Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/F_2cSCE0rtvpf5vxljdXH0vzKPg.roa
File: F_2cSCE0rtvpf5vxljdXH0vzKPg.roa (raw, json)
Hash identifier: Bxinp9X7NMQ6ef7s3KaOzhQjZXLGxbWcea5mD85WcKw=
Subject key identifier: 17:FD:9C:48:21:34:AE:DB:E9:7F:9B:F1:96:37:57:1F:4B:F3:28:F8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01908E3C5C8FFF8901CB3FEFAFD2F6AC54A5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/F_2cSCE0rtvpf5vxljdXH0vzKPg.roa
Signing time: Sun 07 Jul 2024 17:27:18 +0000
ROA not before: Sun 07 Jul 2024 17:27:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 16:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8e:3c:5c:8f:ff:89:01:cb:3f:ef:af:d2:f6:ac:54:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 7 17:27:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17fd9c482134aedbe97f9bf19637571f4bf328f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d1:d4:8e:5d:24:f1:d2:43:d9:c3:46:b7:0f:
09:35:b7:96:e7:e1:30:6b:50:a1:f8:cc:5c:66:57:
3f:b5:2a:c0:a7:91:29:98:3f:b3:06:82:a8:08:1f:
f0:5a:77:21:43:a0:63:96:6c:07:f1:f3:64:29:9f:
81:79:76:ea:db:63:49:c2:0b:60:78:96:56:2b:cb:
eb:bc:ee:37:bf:9e:e8:73:49:77:6e:b5:1b:f5:30:
60:d0:84:e6:42:d2:9d:fa:ee:c0:b0:1c:11:48:cf:
96:26:53:14:7b:25:4f:9a:a2:2f:bf:4b:fb:d2:f3:
68:01:5e:f4:df:3e:ec:27:3a:ba:2f:69:ef:2c:30:
52:af:19:b6:b9:2e:ab:0d:30:ec:f6:7d:ea:c4:ef:
c0:55:13:06:93:8a:8a:41:e7:9c:08:af:b8:03:96:
06:9c:fd:db:c5:f3:d8:a6:91:35:0f:83:5d:c6:70:
31:b0:ab:0f:e2:0d:b7:e9:0d:31:29:27:1f:58:a5:
37:04:7c:6b:b7:da:b2:30:5b:c7:0d:aa:1e:86:33:
30:35:b9:30:24:ab:77:33:7e:34:c6:88:e8:20:aa:
19:3d:4e:91:b1:1f:89:26:f5:1c:87:ff:df:8f:54:
97:23:7b:e1:51:0a:d1:3e:bc:48:b6:e7:63:39:21:
3c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FD:9C:48:21:34:AE:DB:E9:7F:9B:F1:96:37:57:1F:4B:F3:28:F8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/F_2cSCE0rtvpf5vxljdXH0vzKPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.62.0/24
163.5.142.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
67:c2:3a:ef:db:8c:73:be:b0:af:55:a0:e5:58:f3:40:5f:4c:
30:a8:bc:28:ae:82:dd:5e:f3:ce:ea:33:22:a2:71:89:2c:4d:
f7:b9:ea:dc:e7:d1:2c:f7:14:2d:77:8d:24:0c:f5:f1:f6:cc:
9e:1d:46:b2:b8:ca:e0:a8:f0:f2:49:56:70:73:ae:38:17:22:
50:25:13:aa:1e:37:09:d3:1d:67:72:f7:61:2f:c9:f3:86:cf:
3b:43:63:c7:7d:57:fc:fa:2b:b5:79:ad:57:af:14:33:d8:63:
34:70:4e:29:c0:45:3b:9f:03:8e:30:55:9f:ce:72:f0:52:6a:
31:1f:4b:07:13:55:38:50:29:34:8f:60:0a:89:c4:c6:44:c8:
41:80:ca:41:92:5f:37:1e:2a:88:87:22:5a:5d:7a:4f:89:df:
55:c7:47:d9:c8:1f:5f:48:29:89:29:90:0b:5d:c9:d0:23:16:
8f:df:57:02:fd:cf:38:7f:6c:3f:01:b4:4a:ab:ca:7c:d8:eb:
64:3e:46:43:9b:c7:d5:85:44:07:95:1b:7a:a2:02:31:c5:c5:
d1:14:b3:6f:6b:98:a7:91:1c:37:2f:14:e9:b9:91:8d:9b:8b:
12:08:95:a5:cd:77:7c:82:7a:3e:bb:2e:eb:de:51:e6:99:2c:
81:b3:30:b2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZCOPFyP/4kByz/vr9L2rFSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzA3MTcyNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2ZkOWM0ODIxMzRhZWRiZTk3ZjliZjE5NjM3NTcxZjRiZjMyOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNHUjl0k8dJD2cNGtw8JNbeW5+Ew
a1Ch+MxcZlc/tSrAp5EpmD+zBoKoCB/wWnchQ6BjlmwH8fNkKZ+BeXbq22NJwgtg
eJZWK8vrvO43v57oc0l3brUb9TBg0ITmQtKd+u7AsBwRSM+WJlMUeyVPmqIvv0v7
0vNoAV703z7sJzq6L2nvLDBSrxm2uS6rDTDs9n3qxO/AVRMGk4qKQeecCK+4A5YG
nP3bxfPYppE1D4NdxnAxsKsP4g236Q0xKScfWKU3BHxrt9qyMFvHDaoehjMwNbkw
JKt3M340xojoIKoZPU6RsR+JJvUch//fj1SXI3vhUQrRPrxItudjOSE88wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBf9nEghNK7b6X+b8ZY3Vx9L8yj4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRl8yY1NDRTBydHZwZjV2eGxqZFhIMHZ6S1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUfAwQA
owUjAwQAowU+AwQAowWOAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQBnwjrv24xz
vrCvVaDlWPNAX0wwqLworoLdXvPO6jMionGJLE33uerc59Es9xQtd40kDPXx9sye
HUayuMrgqPDySVZwc644FyJQJROqHjcJ0x1ncvdhL8nzhs87Q2PHfVf8+iu1ea1X
rxQz2GM0cE4pwEU7nwOOMFWfznLwUmoxH0sHE1U4UCk0j2AKicTGRMhBgMpBkl83
HiqIhyJaXXpPid9Vx0fZyB9fSCmJKZALXcnQIxaP31cC/c84f2w/AbRKq8p82Otk
PkZDm8fVhUQHlRt6ogIxxcXRFLNva5inkRw3LxTpuZGNm4sSCJWlzXd8gno+uy7r
3lHmmSyBszCy
-----END CERTIFICATE-----
Generated at Thu Sep 5 18:20:21 2024 by rpki-client on console-fra.rpki-client.org