Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/G2ONYmbYXmzBsOt1CXGo7sUmGqk.roa
File: G2ONYmbYXmzBsOt1CXGo7sUmGqk.roa (raw, json)
Hash identifier: JM4iriCdxaWZ/1gj6aPzm2rsVU8OFFjvnk/mMIaTFV4=
Subject key identifier: 1B:63:8D:62:66:D8:5E:6C:C1:B0:EB:75:09:71:A8:EE:C5:26:1A:A9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01900DA4FD8C83B3E12839DB76352410DE27
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/G2ONYmbYXmzBsOt1CXGo7sUmGqk.roa
Signing time: Wed 12 Jun 2024 18:10:34 +0000
ROA not before: Wed 12 Jun 2024 18:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 163.5.29.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Aug 2024 07:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:a4:fd:8c:83:b3:e1:28:39:db:76:35:24:10:de:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 12 18:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b638d6266d85e6cc1b0eb750971a8eec5261aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1f:3e:7d:f2:89:0d:ea:fc:8f:5d:83:37:b3:
73:8d:9a:bc:38:7f:d0:09:d2:7e:b3:0f:85:4c:5c:
f1:a9:50:63:e8:20:fd:b2:8e:35:10:57:9e:ee:1e:
8a:b7:61:da:e8:d0:20:02:6e:d6:33:5d:a0:4a:f0:
71:82:78:9b:a8:9e:09:dd:d8:b4:ad:8c:93:bd:4e:
0c:7d:cd:02:09:0e:00:12:d6:71:eb:86:ba:15:d2:
3f:5b:c6:69:f3:9f:fd:8e:1f:5d:ce:a5:8e:5d:aa:
a1:76:7f:25:6b:c3:d1:26:52:80:be:88:33:ce:ed:
57:37:f4:4f:e6:af:d4:3a:41:83:a3:6a:b5:4a:ee:
e5:31:89:34:61:28:dd:a9:8c:d7:94:99:3d:ba:0e:
6c:7f:f0:39:e1:9e:c5:6e:51:7f:db:09:71:a1:1c:
33:14:75:39:48:f5:70:b4:1e:4d:70:89:05:ea:f4:
14:dd:75:8d:00:fe:46:08:fd:34:91:df:4b:45:2d:
9f:56:09:56:d9:88:bc:51:76:8e:8a:4f:aa:5b:88:
3a:4b:76:2e:de:94:ff:6f:58:0c:0d:41:26:18:90:
9c:16:c9:23:af:a9:d8:13:6b:20:05:e3:59:41:bd:
6c:4a:a2:10:13:fc:ac:7b:17:33:0e:ae:07:a4:3a:
49:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:63:8D:62:66:D8:5E:6C:C1:B0:EB:75:09:71:A8:EE:C5:26:1A:A9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/G2ONYmbYXmzBsOt1CXGo7sUmGqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.29.0/24
163.5.132.0/24
163.5.158.0/24
163.5.200.0/24
163.5.206.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:07:53:c3:f3:08:a1:34:f3:92:ab:30:bb:a7:95:eb:d6:15:
d3:be:b9:c5:fa:2b:8a:a9:40:6d:99:70:01:38:08:7a:ea:36:
51:25:6e:7c:fe:8b:d4:cc:9e:18:7a:4d:ad:d5:e0:c2:f1:76:
8d:d4:22:78:5f:b6:66:8a:c2:e1:77:dc:0f:78:7e:90:27:95:
6c:e0:b9:a8:ca:f7:29:62:10:64:f0:c7:56:1e:27:8c:ad:e1:
6c:1c:0f:17:fa:cd:7f:17:bf:e7:83:77:3a:b2:90:f8:d1:76:
9a:85:0d:7a:25:1c:ed:7e:d9:9c:66:49:a1:ae:5e:36:e1:38:
32:08:a0:bf:b9:b5:60:43:38:5a:67:bd:53:0d:21:1c:dd:df:
c7:8e:db:e1:ae:4c:3b:66:2d:3f:c3:d8:3f:55:83:cc:41:1b:
11:d8:71:74:bc:bb:6e:97:80:d8:b5:06:7d:51:48:71:b5:7b:
10:05:98:e3:fa:0a:b0:7a:2a:c0:fb:a2:21:18:82:02:82:ac:
38:61:4d:95:d8:98:48:5b:e8:94:54:5a:ac:1b:9b:8c:8c:1d:
23:fd:59:06:5c:3f:2b:d8:50:97:e6:8d:54:75:da:7d:38:8d:
25:53:bb:ee:f0:7a:db:8d:8d:4b:93:8b:1b:e3:9e:ec:2f:49:
3e:cd:79:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZANpP2Mg7PhKDnbdjUkEN4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjEyMTgxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjYzOGQ2MjY2ZDg1ZTZjYzFiMGViNzUwOTcxYThlZWM1MjYxYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwh8+ffKJDer8j12DN7NzjZq8OH/Q
CdJ+sw+FTFzxqVBj6CD9so41EFee7h6Kt2Ha6NAgAm7WM12gSvBxgnibqJ4J3di0
rYyTvU4Mfc0CCQ4AEtZx64a6FdI/W8Zp85/9jh9dzqWOXaqhdn8la8PRJlKAvogz
zu1XN/RP5q/UOkGDo2q1Su7lMYk0YSjdqYzXlJk9ug5sf/A54Z7FblF/2wlxoRwz
FHU5SPVwtB5NcIkF6vQU3XWNAP5GCP00kd9LRS2fVglW2Yi8UXaOik+qW4g6S3Yu
3pT/b1gMDUEmGJCcFskjr6nYE2sgBeNZQb1sSqIQE/ysexczDq4HpDpJbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBtjjWJm2F5swbDrdQlxqO7FJhqpMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRzJPTlltYllYbXpCc090MUNYR283c1VtR3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUdAwQA
owWEAwQAowWeAwQAowXIAwQAowXOMA0GCSqGSIb3DQEBCwUAA4IBAQCjB1PD8wih
NPOSqzC7p5Xr1hXTvrnF+iuKqUBtmXABOAh66jZRJW58/ovUzJ4Yek2t1eDC8XaN
1CJ4X7ZmisLhd9wPeH6QJ5Vs4LmoyvcpYhBk8MdWHieMreFsHA8X+s1/F7/ng3c6
spD40XaahQ16JRztftmcZkmhrl424TgyCKC/ubVgQzhaZ71TDSEc3d/Hjtvhrkw7
Zi0/w9g/VYPMQRsR2HF0vLtul4DYtQZ9UUhxtXsQBZjj+gqweirA+6IhGIICgqw4
YU2V2JhIW+iUVFqsG5uMjB0j/VkGXD8r2FCX5o1Uddp9OI0lU7vu8HrbjY1Lk4sb
457sL0k+zXm4
-----END CERTIFICATE-----
Generated at Sat Aug 3 09:29:40 2024 by rpki-client on console-ams.rpki-client.org