Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HjxXmN5KPQ3vSoRtswFLiAU_2Z0.roa
File: HjxXmN5KPQ3vSoRtswFLiAU_2Z0.roa (raw, json)
Hash identifier: U0ZyuDMCtZTQseEOBi9EwLiPmo7h1IakaNFgdEFguYc=
Subject key identifier: 1E:3C:57:98:DE:4A:3D:0D:EF:4A:84:6D:B3:01:4B:88:05:3F:D9:9D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01922F4D9E78B6A77DBD186B2C711699664C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HjxXmN5KPQ3vSoRtswFLiAU_2Z0.roa
Signing time: Thu 26 Sep 2024 17:07:48 +0000
ROA not before: Thu 26 Sep 2024 17:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2f:4d:9e:78:b6:a7:7d:bd:18:6b:2c:71:16:99:66:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 26 17:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e3c5798de4a3d0def4a846db3014b88053fd99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fb:78:3a:a3:c2:a1:e0:a8:13:b2:8a:f5:dc:
32:76:7c:09:ee:7b:f9:ab:d0:fb:69:ea:71:2b:12:
7b:81:88:d7:51:0f:22:c6:5c:56:5d:3b:ee:49:6b:
0b:ea:b4:c4:66:53:14:43:ef:51:20:7f:61:7b:6b:
ab:4b:38:59:33:19:af:04:56:3a:c7:86:fc:07:2e:
8b:e8:6e:45:74:6a:b7:26:f8:d7:0c:e6:44:a5:00:
bd:49:9e:3c:bb:35:bf:b4:45:19:14:b6:49:8c:21:
db:a6:f7:e8:bf:a5:37:90:c9:97:93:36:a4:18:1b:
7c:82:0e:b9:e8:93:77:b8:ef:fe:c4:b6:82:f8:ea:
54:f4:42:5e:7a:42:52:ee:49:72:d0:a9:25:bc:b5:
1d:e2:6e:36:f7:bb:34:1b:5b:d7:23:64:1a:9c:ea:
0c:04:f7:b7:77:62:18:91:1a:a1:17:92:b7:53:b5:
75:28:fc:32:5e:bc:bc:e6:d9:f2:18:15:4e:ef:14:
58:02:4a:50:b9:00:6a:8e:61:96:47:be:d6:f6:a9:
1e:b6:5f:ab:4e:bb:be:90:de:95:32:4f:b1:1d:7e:
71:9c:41:4c:d4:bc:44:29:f5:f7:51:8e:d4:27:82:
65:69:5d:28:67:01:02:2d:83:62:55:fe:f8:5f:07:
03:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3C:57:98:DE:4A:3D:0D:EF:4A:84:6D:B3:01:4B:88:05:3F:D9:9D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HjxXmN5KPQ3vSoRtswFLiAU_2Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.62.0/24
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
64:a2:2f:a0:91:0b:44:d7:e5:76:3f:86:80:47:a4:12:17:fd:
21:22:de:b9:f5:94:bc:6d:f4:77:72:91:b3:1a:d8:8c:0e:49:
ac:df:5e:dd:ed:35:37:ae:04:5b:9d:ab:fc:7c:dd:b1:b2:b8:
cd:59:17:54:09:38:11:1a:c2:05:18:a7:eb:9c:b7:20:24:23:
ff:cd:43:b4:9f:ff:f9:37:6b:e0:d0:82:3c:07:3f:af:3d:c2:
c6:20:1c:0a:99:b7:62:ab:41:50:e9:60:9d:56:45:66:2d:02:
38:37:78:ac:f2:ab:36:f2:46:d1:f6:54:6d:62:af:83:5a:79:
c4:54:a9:de:e7:51:f0:1a:f5:9b:34:4d:d7:53:0a:11:3c:81:
24:0e:ae:37:4a:56:60:0c:90:98:cd:0d:12:3b:38:0e:c5:2a:
15:84:25:8a:0f:55:ce:29:bd:82:6a:1b:26:27:ce:2e:2c:54:
57:cc:fb:4e:74:3c:5a:0a:59:89:95:75:91:f4:49:12:7a:1c:
5d:9a:5a:cc:8b:c5:09:58:41:b8:25:ea:03:f3:bb:e2:74:2f:
91:a1:3c:7c:ef:68:0b:4e:d9:22:f2:4b:a7:11:71:45:eb:c8:
da:a2:29:c6:c0:27:36:ef:ff:4d:c8:cc:ec:05:39:3c:73:d0:
d8:6f:a5:4f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZIvTZ54tqd9vRhrLHEWmWZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTI2MTcwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTNjNTc5OGRlNGEzZDBkZWY0YTg0NmRiMzAxNGI4ODA1M2ZkOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Pt4OqPCoeCoE7KK9dwydnwJ7nv5
q9D7aepxKxJ7gYjXUQ8ixlxWXTvuSWsL6rTEZlMUQ+9RIH9he2urSzhZMxmvBFY6
x4b8By6L6G5FdGq3JvjXDOZEpQC9SZ48uzW/tEUZFLZJjCHbpvfov6U3kMmXkzak
GBt8gg656JN3uO/+xLaC+OpU9EJeekJS7kly0KklvLUd4m4297s0G1vXI2QanOoM
BPe3d2IYkRqhF5K3U7V1KPwyXry85tnyGBVO7xRYAkpQuQBqjmGWR77W9qketl+r
Tru+kN6VMk+xHX5xnEFM1LxEKfX3UY7UJ4JlaV0oZwECLYNiVf74XwcD7QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB48V5jeSj0N70qEbbMBS4gFP9mdMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSGp4WG1ONUtQUTN2U29SdHN3RkxpQVVfMlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowUfAwQA
owU+AwQBowXAAwQAowXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEB
AGSiL6CRC0TX5XY/hoBHpBIX/SEi3rn1lLxt9HdykbMa2IwOSazfXt3tNTeuBFud
q/x83bGyuM1ZF1QJOBEawgUYp+uctyAkI//NQ7Sf//k3a+DQgjwHP689wsYgHAqZ
t2KrQVDpYJ1WRWYtAjg3eKzyqzbyRtH2VG1ir4NaecRUqd7nUfAa9Zs0TddTChE8
gSQOrjdKVmAMkJjNDRI7OA7FKhWEJYoPVc4pvYJqGyYnzi4sVFfM+050PFoKWYmV
dZH0SRJ6HF2aWsyLxQlYQbgl6gPzu+J0L5GhPHzvaAtO2SLyS6cRcUXryNqiKcbA
Jzbv/03IzOwFOTxz0NhvpU8=
-----END CERTIFICATE-----
Generated at Thu Nov 7 23:22:10 2024 by rpki-client on console-ams.rpki-client.org