Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Fbl4MsnC7iLlgC_G3x2ksAf2lSg.roa
File: Fbl4MsnC7iLlgC_G3x2ksAf2lSg.roa (raw, json)
Hash identifier: KZ3j8/p2DSIU52N4avMGZPEQ+0uWmVSu+GchFEOioPU=
Subject key identifier: 15:B9:78:32:C9:C2:EE:22:E5:80:2F:C6:DF:1D:A4:B0:07:F6:95:28
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019276DDAE4ED33234218B90C0169EC16E45
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Fbl4MsnC7iLlgC_G3x2ksAf2lSg.roa
Signing time: Thu 10 Oct 2024 14:38:12 +0000
ROA not before: Thu 10 Oct 2024 14:38:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 163.5.135.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 06:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:dd:ae:4e:d3:32:34:21:8b:90:c0:16:9e:c1:6e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 10 14:38:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15b97832c9c2ee22e5802fc6df1da4b007f69528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bb:47:e7:f5:29:65:72:2b:8f:8a:dd:9f:a9:
f6:ab:51:a5:0e:a9:89:2b:2a:bb:eb:3d:62:c0:a9:
07:e7:04:c4:6c:72:7a:85:21:85:c2:ce:d8:d3:f8:
2e:e8:46:00:26:34:4a:d3:92:5a:4e:d9:ee:05:d8:
9d:36:46:f4:1c:49:9c:88:74:42:cb:fc:81:3e:5f:
e6:14:a8:48:bc:93:5b:05:1e:66:59:5f:8b:b5:e6:
20:94:4c:94:f9:f9:a1:3a:1b:a6:bb:1c:cd:e5:81:
82:d8:5e:1a:e3:e4:a2:c1:78:24:12:ea:5b:8f:a2:
e9:81:37:ba:14:fa:7b:63:23:52:e7:2a:e7:ff:10:
1b:de:4e:0c:25:f6:32:8f:67:47:b2:08:a9:df:b6:
11:3d:d6:d2:17:54:08:6d:27:88:bf:f0:d0:e4:7d:
f6:b9:10:65:52:4d:96:4d:cb:5e:4c:81:b7:14:a1:
b3:e8:6b:23:55:f6:a6:31:cc:a6:b9:a0:64:95:c0:
c2:e2:59:db:8e:c5:c7:e4:ce:bb:24:40:fa:2a:f6:
ef:99:1d:ce:12:76:5b:b6:f3:4a:6b:88:1a:12:8b:
1a:d6:37:c9:8f:e0:3b:63:d2:73:0c:1e:cb:49:1c:
d8:7a:5b:f4:74:0f:8c:85:f9:27:c4:b9:91:82:ba:
cf:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B9:78:32:C9:C2:EE:22:E5:80:2F:C6:DF:1D:A4:B0:07:F6:95:28
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Fbl4MsnC7iLlgC_G3x2ksAf2lSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.135.0/24
163.5.209.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:03:3e:45:a7:79:6b:b4:dd:ee:79:7c:9e:c7:29:04:82:17:
ce:25:b7:92:9f:db:78:83:ce:75:43:ad:b9:1d:da:cf:ec:dd:
06:98:a0:05:78:c3:da:b6:32:59:9c:ef:01:ab:00:bb:82:71:
68:28:9a:c2:b4:69:fe:47:20:87:85:5d:50:e3:52:c7:22:6a:
3b:b6:3f:d5:c8:4c:96:87:07:1a:15:bc:21:a3:9c:48:a5:b9:
4e:37:60:35:7c:6a:0a:b0:61:98:08:44:c8:7b:cb:34:80:ee:
d4:53:5a:0d:ae:7a:3c:65:1d:25:4a:e3:dd:b1:ec:2e:ca:a5:
38:1a:b5:78:ce:f5:db:fe:eb:fd:20:92:7e:88:e1:fb:f7:1f:
2d:c8:7f:c3:6e:da:e8:f0:86:60:7f:9f:36:7c:eb:ae:3d:87:
4a:4e:f7:bb:55:d7:4e:da:e3:fd:8b:3f:d7:1f:1d:96:c7:df:
0f:03:1c:94:29:80:c5:a0:a6:8d:29:20:37:92:0e:30:56:e5:
1d:00:04:dc:18:d2:a4:af:65:7c:08:ba:66:90:dc:ef:c0:94:
c8:59:70:de:a3:37:b3:00:9c:d1:ab:06:fb:3e:37:25:1f:b5:
b7:e4:bb:c2:10:14:c6:84:ab:10:75:7e:39:b8:71:be:81:d3:
1a:a8:64:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJ23a5O0zI0IYuQwBaewW5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDEwMTQzODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWI5NzgzMmM5YzJlZTIyZTU4MDJmYzZkZjFkYTRiMDA3ZjY5NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2btH5/UpZXIrj4rdn6n2q1GlDqmJ
Kyq76z1iwKkH5wTEbHJ6hSGFws7Y0/gu6EYAJjRK05JaTtnuBdidNkb0HEmciHRC
y/yBPl/mFKhIvJNbBR5mWV+LteYglEyU+fmhOhumuxzN5YGC2F4a4+SiwXgkEupb
j6LpgTe6FPp7YyNS5yrn/xAb3k4MJfYyj2dHsgip37YRPdbSF1QIbSeIv/DQ5H32
uRBlUk2WTcteTIG3FKGz6GsjVfamMcymuaBklcDC4lnbjsXH5M67JED6KvbvmR3O
EnZbtvNKa4gaEosa1jfJj+A7Y9JzDB7LSRzYelv0dA+MhfknxLmRgrrPSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBW5eDLJwu4i5YAvxt8dpLAH9pUoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRmJsNE1zbkM3aUxsZ0NfRzN4MmtzQWYybFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWHAwQA
owXRMA0GCSqGSIb3DQEBCwUAA4IBAQCxAz5Fp3lrtN3ueXyexykEghfOJbeSn9t4
g851Q625HdrP7N0GmKAFeMPatjJZnO8BqwC7gnFoKJrCtGn+RyCHhV1Q41LHImo7
tj/VyEyWhwcaFbwho5xIpblON2A1fGoKsGGYCETIe8s0gO7UU1oNrno8ZR0lSuPd
sewuyqU4GrV4zvXb/uv9IJJ+iOH79x8tyH/Dbtro8IZgf582fOuuPYdKTve7VddO
2uP9iz/XHx2Wx98PAxyUKYDFoKaNKSA3kg4wVuUdAATcGNKkr2V8CLpmkNzvwJTI
WXDeozezAJzRqwb7PjclH7W35LvCEBTGhKsQdX45uHG+gdMaqGSk
-----END CERTIFICATE-----
Generated at Thu Oct 24 09:01:22 2024 by rpki-client on console-fra.rpki-client.org