Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FlnVc3rleQ1NOOeSxunhSbnO7EQ.roa
File: FlnVc3rleQ1NOOeSxunhSbnO7EQ.roa (raw, json)
Hash identifier: j8yDBjZ9Qt9rp80OEEtNA5rsWYs7omOpp+vcogAGy0s=
Subject key identifier: 16:59:D5:73:7A:E5:79:0D:4D:38:E7:92:C6:E9:E1:49:B9:CE:EC:44
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E3907F0048B4C70A9355EE1CCD20BC149
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FlnVc3rleQ1NOOeSxunhSbnO7EQ.roa
Signing time: Wed 13 Mar 2024 18:16:45 +0000
ROA not before: Wed 13 Mar 2024 18:16:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 09:07:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:07:f0:04:8b:4c:70:a9:35:5e:e1:cc:d2:0b:c1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 13 18:16:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1659d5737ae5790d4d38e792c6e9e149b9ceec44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:29:44:3a:31:68:8f:2a:f1:5f:3f:99:4d:ad:
66:17:bf:b9:4a:21:a2:b4:b1:e6:ee:73:51:96:66:
70:84:c1:a8:00:44:4b:f0:b2:a2:2e:19:0c:fb:d1:
08:43:8a:a1:a0:76:bb:e8:69:e3:f8:32:18:d0:1b:
08:e4:a9:40:c8:ae:11:46:c5:c9:4d:80:35:8b:e4:
8a:e0:b6:be:8e:29:16:ca:c4:63:c8:cd:0f:2a:e5:
83:65:23:1e:0d:7f:16:29:d9:36:c4:2d:db:aa:1c:
e4:9f:62:8b:a4:97:c6:6e:09:cf:01:76:72:3c:7d:
3c:c6:5a:b5:84:c8:96:18:0c:d9:90:ad:28:4c:7b:
ec:cd:3d:82:1b:70:5e:d7:00:b1:b7:50:8a:a7:41:
0d:05:69:72:2c:36:b4:3e:8f:72:b7:3a:36:8a:d3:
f5:fa:91:24:0d:b6:1d:2e:54:2a:87:2b:b6:2f:02:
c2:63:ff:0c:41:28:ac:f3:89:be:ab:85:df:27:74:
64:89:c6:97:a0:e7:09:e1:b6:b9:bb:5a:b0:91:5e:
bd:37:af:cb:d2:f3:01:56:52:b0:dc:14:f8:43:dd:
89:d6:8f:8f:45:d9:b7:a6:7e:61:ad:2c:af:cf:d9:
b8:61:cd:ac:76:0e:77:5a:ea:b2:bc:c7:ea:51:50:
d5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:59:D5:73:7A:E5:79:0D:4D:38:E7:92:C6:E9:E1:49:B9:CE:EC:44
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FlnVc3rleQ1NOOeSxunhSbnO7EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.97.0/24
163.5.136.0/24
163.5.144.0/24
163.5.211.0/24
Signature Algorithm: sha256WithRSAEncryption
36:9d:a9:62:70:fd:af:57:2c:24:d4:da:df:ae:68:e6:40:3f:
80:f6:a0:94:25:68:83:5b:0a:ce:16:41:fd:e1:a8:78:4d:88:
53:cb:ef:a4:24:cb:bf:fc:9b:11:20:c3:c9:e9:ff:8e:9e:8c:
9c:e0:da:6e:07:00:a8:43:f1:92:e7:63:e7:72:ab:33:c1:dd:
60:b0:a1:6a:4d:0d:fc:82:36:18:d8:22:97:93:f1:eb:4b:b2:
3c:a5:40:ad:5c:46:e7:9e:d6:65:e3:f4:b9:0f:73:1a:52:af:
6d:0e:ad:bb:de:39:69:a2:fe:c6:4e:1f:1b:94:6d:80:14:fd:
4a:b4:4d:a3:ef:59:3f:05:59:6c:6d:91:4e:e1:0b:0e:df:b5:
3a:69:39:f5:f9:5d:39:29:d3:66:ad:ff:8b:5c:59:b2:27:2b:
3e:19:e1:ba:41:bf:62:38:04:3a:82:db:13:22:10:05:99:3d:
8e:d4:54:a9:a6:43:2e:df:cf:c6:f6:39:90:17:26:c4:34:b1:
9b:8a:c9:0d:91:70:ae:9c:55:fd:69:a3:c9:f8:09:78:6c:e2:
a8:ad:87:bc:f3:25:c6:6c:e5:79:f5:b7:dd:c1:ef:dd:4a:25:
43:31:a2:8b:b5:3d:23:c0:07:d0:2a:dd:9c:11:73:08:84:59:
45:75:b2:49
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY45B/AEi0xwqTVe4czSC8FJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzEzMTgxNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjU5ZDU3MzdhZTU3OTBkNGQzOGU3OTJjNmU5ZTE0OWI5Y2VlYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtClEOjFojyrxXz+ZTa1mF7+5SiGi
tLHm7nNRlmZwhMGoAERL8LKiLhkM+9EIQ4qhoHa76Gnj+DIY0BsI5KlAyK4RRsXJ
TYA1i+SK4La+jikWysRjyM0PKuWDZSMeDX8WKdk2xC3bqhzkn2KLpJfGbgnPAXZy
PH08xlq1hMiWGAzZkK0oTHvszT2CG3Be1wCxt1CKp0ENBWlyLDa0Po9ytzo2itP1
+pEkDbYdLlQqhyu2LwLCY/8MQSis84m+q4XfJ3RkicaXoOcJ4ba5u1qwkV69N6/L
0vMBVlKw3BT4Q92J1o+PRdm3pn5hrSyvz9m4Yc2sdg53WuqyvMfqUVDVTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBZZ1XN65XkNTTjnksbp4Um5zuxEMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRmxuVmMzcmxlUTFOT09lU3h1bmhTYm5PN0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowVWAwQA
owVhAwQAowWIAwQAowWQAwQAowXTMA0GCSqGSIb3DQEBCwUAA4IBAQA2nalicP2v
Vywk1NrfrmjmQD+A9qCUJWiDWwrOFkH94ah4TYhTy++kJMu//JsRIMPJ6f+Onoyc
4NpuBwCoQ/GS52Pncqszwd1gsKFqTQ38gjYY2CKXk/HrS7I8pUCtXEbnntZl4/S5
D3MaUq9tDq273jlpov7GTh8blG2AFP1KtE2j71k/BVlsbZFO4QsO37U6aTn1+V05
KdNmrf+LXFmyJys+GeG6Qb9iOAQ6gtsTIhAFmT2O1FSppkMu38/G9jmQFybENLGb
iskNkXCunFX9aaPJ+Al4bOKorYe88yXGbOV59bfdwe/dSiVDMaKLtT0jwAfQKt2c
EXMIhFlFdbJJ
-----END CERTIFICATE-----
Generated at Sun Apr 14 13:40:22 2024 by rpki-client on console-fra.rpki-client.org