Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Jpzqw_LOSpaIXQxqs-1a5Ax64pw.roa
File: Jpzqw_LOSpaIXQxqs-1a5Ax64pw.roa (raw, json)
Hash identifier: +qQ1tTtcVzOWIUAtySnzf7rOM0CoFA089USnf3baFzw=
Subject key identifier: 26:9C:EA:C3:F2:CE:4A:96:88:5D:0C:6A:B3:ED:5A:E4:0C:7A:E2:9C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4256BF74C57695C7961BC51621EE0B5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Jpzqw_LOSpaIXQxqs-1a5Ax64pw.roa
Signing time: Mon 01 Jan 2024 08:30:35 +0000
ROA not before: Mon 01 Jan 2024 08:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216159
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Feb 2024 15:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:6b:f7:4c:57:69:5c:79:61:bc:51:62:1e:e0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=269ceac3f2ce4a96885d0c6ab3ed5ae40c7ae29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7e:16:73:7b:c9:b0:aa:00:4a:df:50:9b:be:
45:99:ba:c4:23:e5:4c:23:41:81:9f:37:e0:13:70:
df:d2:34:64:01:60:bc:e0:44:75:b6:35:15:3e:c9:
9e:5f:8a:2e:ba:24:6b:dd:79:5d:2d:07:77:c8:0d:
f3:c6:fc:72:3a:51:72:79:2d:d5:c1:90:26:d6:10:
7e:1e:38:bb:30:32:36:68:1f:25:65:49:fe:35:38:
e3:bf:fc:f9:4a:0a:87:f0:d3:6e:74:e4:c7:b3:f4:
0b:cb:38:21:a1:e8:87:5e:27:f2:d8:76:4f:c6:25:
1d:aa:05:13:04:6e:55:7e:f0:b9:da:38:47:b5:d7:
2d:f8:26:07:6c:46:73:01:57:d8:5f:d8:95:92:a4:
89:22:5c:cc:27:d4:f8:d5:8d:87:1a:e4:c5:0b:54:
91:c1:59:de:78:24:1e:5d:c9:fe:17:48:9d:02:72:
aa:e5:ce:e1:2d:37:d6:00:1b:fe:77:e0:2d:8f:d3:
b7:22:1c:8f:3c:c1:c7:b2:87:01:bf:e8:d1:ca:42:
a5:67:d9:27:54:c6:42:40:7c:cc:94:23:1a:e4:f5:
6c:4b:29:60:69:a0:5a:bf:87:72:28:33:b0:36:52:
84:9b:93:9e:73:f1:00:ea:33:db:39:72:39:32:4c:
7e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9C:EA:C3:F2:CE:4A:96:88:5D:0C:6A:B3:ED:5A:E4:0C:7A:E2:9C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Jpzqw_LOSpaIXQxqs-1a5Ax64pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.144.0/24
163.5.154.0/24
163.5.192.0/23
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
00:76:05:47:ce:38:d3:ef:be:ff:3c:d5:07:56:59:23:3a:b5:
95:ef:1e:ed:96:ba:15:60:d4:15:b8:aa:3c:82:38:78:8e:4a:
a3:a0:aa:a3:5d:c5:8e:9e:19:2d:a1:75:02:41:83:f5:96:cc:
9f:09:05:19:75:bf:24:b7:83:43:bc:d2:fa:dc:05:7d:b6:0b:
7f:13:87:6c:ba:b8:8a:ab:a5:7c:eb:75:4a:b5:8b:53:30:d5:
15:21:08:df:d8:ef:43:93:bd:cf:25:f0:33:0e:29:76:ef:3a:
9a:e6:9f:06:59:a5:eb:fb:d8:20:5b:cc:b4:ed:b5:28:91:2f:
d6:48:b6:c0:cf:b8:03:15:1a:da:af:62:15:17:9e:7f:16:51:
0e:ec:c5:e6:71:5b:86:2e:ec:01:c3:06:d1:b8:99:be:3a:e8:
06:e5:50:02:12:39:40:56:9b:88:c2:ca:e7:f5:85:e9:4b:10:
0c:4f:78:31:15:a4:4f:14:c9:8d:52:9f:6e:1f:11:64:98:bd:
c1:d0:3f:40:cf:00:39:6f:91:00:4b:0b:ed:7e:cd:8a:4d:43:
3e:22:19:fb:3d:fe:66:41:d4:f3:7a:02:5f:5b:a2:0e:25:59:
2e:75:f9:fa:8f:6d:ed:4a:9a:81:dd:58:85:a5:93:12:79:53:
50:e0:74:c2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEJWv3TFdpXHlhvFFiHuC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjljZWFjM2YyY2U0YTk2ODg1ZDBjNmFiM2VkNWFlNDBjN2FlMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH4Wc3vJsKoASt9Qm75FmbrEI+VM
I0GBnzfgE3Df0jRkAWC84ER1tjUVPsmeX4ouuiRr3XldLQd3yA3zxvxyOlFyeS3V
wZAm1hB+Hji7MDI2aB8lZUn+NTjjv/z5SgqH8NNudOTHs/QLyzghoeiHXify2HZP
xiUdqgUTBG5VfvC52jhHtdct+CYHbEZzAVfYX9iVkqSJIlzMJ9T41Y2HGuTFC1SR
wVneeCQeXcn+F0idAnKq5c7hLTfWABv+d+Atj9O3IhyPPMHHsocBv+jRykKlZ9kn
VMZCQHzMlCMa5PVsSylgaaBav4dyKDOwNlKEm5Oec/EA6jPbOXI5Mkx+IwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCac6sPyzkqWiF0MarPtWuQMeuKcMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSnB6cXdfTE9TcGFJWFF4cXMtMWE1QXg2NHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowWQAwQA
owWaAwQBowXAMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAAB2BUfO
ONPvvv881QdWWSM6tZXvHu2WuhVg1BW4qjyCOHiOSqOgqqNdxY6eGS2hdQJBg/WW
zJ8JBRl1vyS3g0O80vrcBX22C38Th2y6uIqrpXzrdUq1i1Mw1RUhCN/Y70OTvc8l
8DMOKXbvOprmnwZZpev72CBbzLTttSiRL9ZItsDPuAMVGtqvYhUXnn8WUQ7sxeZx
W4Yu7AHDBtG4mb466AblUAISOUBWm4jCyuf1helLEAxPeDEVpE8UyY1Sn24fEWSY
vcHQP0DPADlvkQBLC+1+zYpNQz4iGfs9/mZB1PN6Al9bog4lWS51+fqPbe1KmoHd
WIWlkxJ5U1DgdMI=
-----END CERTIFICATE-----
Generated at Sun Feb 11 18:16:40 2024 by rpki-client on console-fra.rpki-client.org