Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I4ohC7o_8PogRfk11smQomCv8hE.roa
File: I4ohC7o_8PogRfk11smQomCv8hE.roa (raw, json)
Hash identifier: 77fvZYFVLJzunAu1IgGpkR4Q5cS9jMsnK52gEiAJLg8=
Subject key identifier: 23:8A:21:0B:BA:3F:F0:FA:20:45:F9:35:D6:C9:90:A2:60:AF:F2:11
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0196A4C0A4B213B386B456F8772BBF2E10BE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I4ohC7o_8PogRfk11smQomCv8hE.roa
Signing time: Tue 06 May 2025 08:40:10 +0000
ROA not before: Tue 06 May 2025 08:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.118.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Jun 2025 11:20:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:c0:a4:b2:13:b3:86:b4:56:f8:77:2b:bf:2e:10:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 6 08:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=238a210bba3ff0fa2045f935d6c990a260aff211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:53:bc:67:aa:0e:e1:bb:eb:a1:2b:2a:cb:5e:
c4:b4:bc:07:ab:8c:71:6f:84:42:8c:b7:72:bf:b9:
28:a0:04:13:ed:af:3d:91:b9:05:85:51:2f:55:f9:
e7:f8:f9:b1:e1:8b:5b:b4:44:1a:4b:ac:8b:fb:32:
f3:39:9a:be:48:19:81:1f:4f:d5:ac:8b:c9:1f:ad:
b5:ef:22:d3:8b:8a:c7:f4:d8:58:06:31:f4:45:5f:
cb:f4:ab:3c:d9:28:c9:84:0e:c6:d5:d6:99:83:e6:
47:bd:24:b0:e9:df:d0:17:fa:dd:94:2a:5e:3e:71:
31:29:07:3f:ee:fd:84:4a:d5:37:56:1e:cd:f4:90:
4e:e9:65:15:43:ab:2e:15:93:3a:fe:1e:8f:38:4b:
c1:77:a9:26:12:83:34:1d:24:7a:a9:a4:96:69:6c:
ee:77:0b:62:bf:21:43:ff:35:ab:f9:89:ba:b3:c0:
f9:4c:3c:5c:80:fe:34:d8:cb:e8:c1:4f:d9:72:5c:
3a:bd:15:08:cf:b1:98:dc:d9:f4:4a:cb:0d:1c:95:
4c:df:77:20:44:34:9d:b7:19:a5:6a:4e:a1:ca:c0:
1c:0c:a7:f8:57:8f:fa:bc:ae:53:a9:2a:58:a4:d4:
a0:db:bc:c1:0b:55:d0:64:4b:0f:6a:65:bf:32:88:
f5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8A:21:0B:BA:3F:F0:FA:20:45:F9:35:D6:C9:90:A2:60:AF:F2:11
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I4ohC7o_8PogRfk11smQomCv8hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.118.0/24
163.5.153.0-163.5.154.255
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:8c:c5:3a:35:4a:ef:53:ba:88:fd:57:d8:bd:16:79:4b:bb:
7f:db:70:9c:de:b4:8c:ba:b5:c6:df:f1:5a:77:e7:cf:91:94:
75:9a:d5:b9:9e:d6:e6:e0:08:b4:3a:67:dd:09:c2:cd:c9:b5:
93:c4:ab:05:50:4b:02:3b:ef:9b:a7:02:b1:cf:e5:63:12:ae:
e9:7b:cf:76:eb:52:6c:9e:82:8c:2c:a9:5d:95:52:41:72:50:
17:2d:eb:15:59:bb:e9:df:85:eb:d1:4b:38:2d:bb:8a:f0:0d:
00:4b:86:c3:c6:b7:ea:60:04:d4:eb:d5:6c:47:7f:d6:0b:7d:
de:73:3a:5b:65:76:93:ad:0a:63:d4:44:5e:fb:f5:f2:23:cb:
3a:36:7a:62:f0:19:bc:00:5d:2d:9e:56:f7:4c:ac:42:21:4a:
a9:17:75:26:93:ed:09:5e:3a:6b:55:db:94:29:c3:c9:7f:3f:
75:fc:81:a0:16:33:8d:24:21:46:73:2e:33:77:37:6a:5c:4b:
f5:a1:76:36:33:99:0e:79:c3:2b:5c:1f:ca:6c:d9:0c:d9:64:
ad:1d:91:54:09:35:43:b4:31:f8:21:67:7f:18:c8:db:52:b1:
56:a8:90:b7:09:c7:29:84:b1:99:26:65:3a:d3:24:60:09:9f:
f6:2d:7b:81
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZakwKSyE7OGtFb4dyu/LhC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNTA2MDg0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhhMjEwYmJhM2ZmMGZhMjA0NWY5MzVkNmM5OTBhMjYwYWZmMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFO8Z6oO4bvroSsqy17EtLwHq4xx
b4RCjLdyv7kooAQT7a89kbkFhVEvVfnn+Pmx4YtbtEQaS6yL+zLzOZq+SBmBH0/V
rIvJH6217yLTi4rH9NhYBjH0RV/L9Ks82SjJhA7G1daZg+ZHvSSw6d/QF/rdlCpe
PnExKQc/7v2EStU3Vh7N9JBO6WUVQ6suFZM6/h6POEvBd6kmEoM0HSR6qaSWaWzu
dwtivyFD/zWr+Ym6s8D5TDxcgP402MvowU/Zclw6vRUIz7GY3Nn0SssNHJVM33cg
RDSdtxmlak6hysAcDKf4V4/6vK5TqSpYpNSg27zBC1XQZEsPamW/Moj1ewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCOKIQu6P/D6IEX5NdbJkKJgr/IRMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSTRvaEM3b184UG9nUmZrMTFzbVFvbUN2OGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowV2MAwD
BACjBZkDBACjBZoDBACjBbEDBACjBfwwDQYJKoZIhvcNAQELBQADggEBAGqMxTo1
Su9Tuoj9V9i9FnlLu3/bcJzetIy6tcbf8Vp358+RlHWa1bme1ubgCLQ6Z90Jws3J
tZPEqwVQSwI775unArHP5WMSrul7z3brUmyegowsqV2VUkFyUBct6xVZu+nfhevR
Szgtu4rwDQBLhsPGt+pgBNTr1WxHf9YLfd5zOltldpOtCmPURF779fIjyzo2emLw
GbwAXS2eVvdMrEIhSqkXdSaT7QleOmtV25Qpw8l/P3X8gaAWM40kIUZzLjN3N2pc
S/WhdjYzmQ55wytcH8ps2QzZZK0dkVQJNUO0MfghZ38YyNtSsVaokLcJxymEsZkm
ZTrTJGAJn/Yte4E=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:56:21 2025 by rpki-client