Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FzkEzgD6VISKjW24ZUxXSTum3JI.roa
File: FzkEzgD6VISKjW24ZUxXSTum3JI.roa (raw, json)
Hash identifier: 9s22f+y2SiiN2PblQZ+GIxMKLUS0EZUL1oGrNVH7ELo=
Subject key identifier: 17:39:04:CE:00:FA:54:84:8A:8D:6D:B8:65:4C:57:49:3B:A6:DC:92
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A1BEBB56D370181F75EBB5693E607
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FzkEzgD6VISKjW24ZUxXSTum3JI.roa
Signing time: Wed 01 Jan 2025 19:49:03 +0000
ROA not before: Wed 01 Jan 2025 19:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.47.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 09:13:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1b:eb:b5:6d:37:01:81:f7:5e:bb:56:93:e6:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=173904ce00fa54848a8d6db8654c57493ba6dc92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:41:dd:c9:3f:e3:f8:c1:c1:56:2b:19:85:bb:
7b:63:eb:8f:38:dc:7d:4b:48:dc:54:bd:aa:2c:68:
0d:0c:3a:ce:d4:d8:7b:96:f3:ec:cb:60:ab:86:a2:
91:11:c0:7b:61:f9:3d:8c:a9:e2:c4:2c:87:13:cf:
bf:46:fd:2e:18:a1:46:ba:13:72:9f:d0:8a:ba:58:
8f:7e:18:b7:bc:05:d2:ad:ae:7b:d5:21:64:a3:64:
a3:8d:c9:b6:14:76:24:c2:ce:8d:e4:d0:60:fb:cd:
a1:c3:bf:db:0b:9d:a0:99:2c:a6:a7:68:06:9d:fb:
ca:00:db:0a:6f:6f:a1:20:3e:27:b7:84:4f:c2:ed:
f3:bb:03:85:d2:77:2d:a0:ac:25:2f:cf:37:6b:33:
f4:ae:48:73:14:94:f5:e9:c5:d9:21:ab:a4:63:76:
cf:d7:3d:2a:8d:69:6c:ea:8a:22:57:2a:92:bf:11:
e5:4e:bf:78:d9:1e:6c:33:8c:c8:9f:f1:2d:0d:89:
73:11:23:4c:41:e0:6b:c1:7e:37:60:17:c9:e4:1a:
b2:dc:2c:9a:e3:6b:8e:77:f6:55:42:aa:fb:97:e4:
18:cc:1f:a0:23:8c:c1:0f:d1:f2:fe:9c:33:05:c4:
c7:ee:4e:e8:46:bc:00:b6:75:2d:25:f7:c1:ff:a5:
b2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:39:04:CE:00:FA:54:84:8A:8D:6D:B8:65:4C:57:49:3B:A6:DC:92
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FzkEzgD6VISKjW24ZUxXSTum3JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.47.0/24
163.5.66.0/24
163.5.156.0/24
163.5.170.0/24
163.5.186.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:27:1c:ec:93:de:a0:7e:d4:df:40:f4:94:42:c3:61:d1:90:
96:44:ae:b8:b9:1b:da:54:59:47:53:fd:64:f3:27:32:e7:1c:
2b:68:0b:ab:c4:70:10:2b:39:20:30:3a:fc:e0:1d:fe:ea:80:
fe:f5:85:77:a8:aa:f4:47:88:3e:42:b1:bb:a5:70:ef:7c:45:
08:aa:a2:af:13:6a:2b:89:d3:20:b6:86:f9:90:d2:11:79:d7:
e2:c4:66:e8:f0:f4:db:b7:8d:29:a9:4a:56:b6:1d:2d:c7:32:
41:2f:4b:f7:b0:e9:76:df:e0:e9:c3:ad:8e:e2:2e:ef:ca:d0:
bd:89:39:73:1a:aa:dc:ac:6e:9a:5d:3a:8a:53:09:1e:e7:b1:
4b:1b:84:47:ae:b0:20:ff:c2:f1:e4:ed:d3:3e:a7:54:28:64:
75:7e:68:52:1a:17:bc:65:bf:fd:b1:05:74:2f:4e:25:f1:26:
df:25:e3:e1:88:41:22:ae:79:da:8f:3d:a4:d9:ae:08:ee:65:
6e:92:a3:3f:44:c6:79:95:41:b9:a4:1d:4f:0e:39:fd:61:03:
10:01:af:7c:fe:e1:40:55:5e:d1:6c:69:e2:40:93:97:91:c0:
f1:d9:62:09:d9:a9:51:ae:85:36:e3:e4:81:04:d3:76:bf:00:
d2:81:cd:52
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQjahvrtW03AYH3XrtWk+YHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzM5MDRjZTAwZmE1NDg0OGE4ZDZkYjg2NTRjNTc0OTNiYTZkYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30HdyT/j+MHBVisZhbt7Y+uPONx9
S0jcVL2qLGgNDDrO1Nh7lvPsy2CrhqKREcB7Yfk9jKnixCyHE8+/Rv0uGKFGuhNy
n9CKuliPfhi3vAXSra571SFko2Sjjcm2FHYkws6N5NBg+82hw7/bC52gmSymp2gG
nfvKANsKb2+hID4nt4RPwu3zuwOF0nctoKwlL883azP0rkhzFJT16cXZIaukY3bP
1z0qjWls6ooiVyqSvxHlTr942R5sM4zIn/EtDYlzESNMQeBrwX43YBfJ5Bqy3Cya
42uOd/ZVQqr7l+QYzB+gI4zBD9Hy/pwzBcTH7k7oRrwAtnUtJffB/6WyMQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBc5BM4A+lSEio1tuGVMV0k7ptySMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRnprRXpnRDZWSVNLalcyNFpVeFhTVHVtM0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowUvAwQA
owVCAwQAowWcAwQAowWqAwQAowW6AwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQBe
Jxzsk96gftTfQPSUQsNh0ZCWRK64uRvaVFlHU/1k8ycy5xwraAurxHAQKzkgMDr8
4B3+6oD+9YV3qKr0R4g+QrG7pXDvfEUIqqKvE2oridMgtob5kNIRedfixGbo8PTb
t40pqUpWth0txzJBL0v3sOl23+Dpw62O4i7vytC9iTlzGqrcrG6aXTqKUwke57FL
G4RHrrAg/8Lx5O3TPqdUKGR1fmhSGhe8Zb/9sQV0L04l8SbfJePhiEEirnnajz2k
2a4I7mVukqM/RMZ5lUG5pB1PDjn9YQMQAa98/uFAVV7RbGniQJOXkcDx2WIJ2alR
roU24+SBBNN2vwDSgc1S
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:51:46 2025 by rpki-client