Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/K3EAcy9H6rRDMLVz5kJrOYg_pZQ.roa
File: K3EAcy9H6rRDMLVz5kJrOYg_pZQ.roa (raw, json)
Hash identifier: AFyJO4XDTrI+t4FkalsH0NiUw6y5oio/TX5+S2pcpmY=
Subject key identifier: 2B:71:00:73:2F:47:EA:B4:43:30:B5:73:E6:42:6B:39:88:3F:A5:94
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191E1F004A7697231AF784A73519C62E69B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/K3EAcy9H6rRDMLVz5kJrOYg_pZQ.roa
Signing time: Wed 11 Sep 2024 16:34:48 +0000
ROA not before: Wed 11 Sep 2024 16:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.33.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 09:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:f0:04:a7:69:72:31:af:78:4a:73:51:9c:62:e6:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 11 16:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b7100732f47eab44330b573e6426b39883fa594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:49:80:95:fe:79:35:f6:59:60:b9:4f:a4:89:
d3:bd:33:0c:55:20:ab:16:c7:65:f0:6a:f2:cb:df:
ad:bb:23:db:54:f3:09:c4:f3:59:9f:71:b6:35:b5:
0c:ae:22:6a:a1:11:38:d2:5a:b4:46:c2:09:d8:c4:
c8:34:eb:16:4a:e1:c8:b5:0d:06:78:f8:2d:14:54:
45:d1:53:9b:79:d6:76:4a:3e:68:a7:f9:d7:e0:7a:
cd:39:22:7c:74:57:83:fd:0c:50:4c:12:96:bc:51:
10:43:b1:59:af:9e:ec:98:3a:7a:41:fe:6c:1b:67:
c1:0d:28:01:ab:48:b6:78:06:69:98:5d:32:0e:e9:
f8:35:18:8b:48:6e:13:67:2a:42:a6:4a:50:92:6f:
51:78:e7:9f:e0:f3:8e:c7:c3:40:d2:e8:9c:84:1e:
6d:42:16:a0:3c:79:b0:55:5e:d4:ab:36:60:7d:6d:
e0:91:03:b9:56:a2:28:d0:66:bb:ae:e7:47:57:19:
56:4c:8b:53:c2:ec:c7:95:8e:9b:c4:53:55:90:ce:
e9:f1:2a:3e:ef:a6:8a:bd:8b:c4:d0:15:c2:b7:46:
d0:01:8d:4e:10:29:bd:72:08:9e:78:af:7d:35:68:
be:dd:d0:5c:e9:ca:85:68:ed:46:0c:f3:92:dc:95:
a8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:71:00:73:2F:47:EA:B4:43:30:B5:73:E6:42:6B:39:88:3F:A5:94
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/K3EAcy9H6rRDMLVz5kJrOYg_pZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.33.0/24
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.145.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:9d:7f:d7:2c:bb:76:ef:73:83:73:b1:d7:f9:48:0a:20:8b:
52:a5:10:be:2b:4b:1d:1c:70:79:82:f5:63:94:85:16:98:5c:
64:93:41:93:5d:cc:a4:77:dc:ba:3a:7b:70:a1:e3:b8:7a:c5:
43:a5:8c:ae:f9:3e:c6:e1:46:6a:a4:26:7e:92:1e:43:56:d9:
9f:7a:de:3a:1a:1f:40:2a:dc:f3:de:56:74:4c:62:d8:5a:52:
05:ae:28:21:95:bd:84:c8:49:11:5e:d4:5d:66:38:21:be:7d:
bf:3c:42:54:1c:9c:5a:2f:5d:6f:16:df:6b:a3:cc:52:9f:7f:
0b:25:a3:58:17:8e:26:6d:50:43:27:e1:ff:ac:1b:2c:82:ce:
c9:eb:82:13:60:9a:04:11:d4:28:a6:20:b3:a4:1d:cc:88:f8:
71:88:c5:2c:39:e8:30:a4:66:da:b2:2e:f1:c5:03:cf:5e:11:
d4:e6:72:9a:f8:de:30:a6:56:b4:15:d3:66:99:22:61:de:e0:
c1:35:c5:52:dd:46:fd:96:8c:cd:9c:b0:6f:66:4a:22:76:3c:
78:fd:62:c4:80:51:be:5c:dd:3f:77:fc:40:fe:d6:df:b3:15:
22:ba:2d:e6:e9:74:35:71:de:fe:7d:bb:95:07:4c:8f:74:75:
4c:3c:d7:c4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZHh8ASnaXIxr3hKc1GcYuabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTExMTYzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjcxMDA3MzJmNDdlYWI0NDMzMGI1NzNlNjQyNmIzOTg4M2ZhNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EmAlf55NfZZYLlPpInTvTMMVSCr
Fsdl8Gryy9+tuyPbVPMJxPNZn3G2NbUMriJqoRE40lq0RsIJ2MTINOsWSuHItQ0G
ePgtFFRF0VObedZ2Sj5op/nX4HrNOSJ8dFeD/QxQTBKWvFEQQ7FZr57smDp6Qf5s
G2fBDSgBq0i2eAZpmF0yDun4NRiLSG4TZypCpkpQkm9ReOef4POOx8NA0uichB5t
QhagPHmwVV7UqzZgfW3gkQO5VqIo0Ga7rudHVxlWTItTwuzHlY6bxFNVkM7p8So+
76aKvYvE0BXCt0bQAY1OECm9cgieeK99NWi+3dBc6cqFaO1GDPOS3JWo4wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCtxAHMvR+q0QzC1c+ZCazmIP6WUMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSzNFQWN5OUg2clJETUxWejVrSnJPWWdfcFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUhAwQB
owVuAwQAowV+AwQAowWAAwQAowWRAwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUA
A4IBAQCMnX/XLLt273ODc7HX+UgKIItSpRC+K0sdHHB5gvVjlIUWmFxkk0GTXcyk
d9y6OntwoeO4esVDpYyu+T7G4UZqpCZ+kh5DVtmfet46Gh9AKtzz3lZ0TGLYWlIF
righlb2EyEkRXtRdZjghvn2/PEJUHJxaL11vFt9ro8xSn38LJaNYF44mbVBDJ+H/
rBssgs7J64ITYJoEEdQopiCzpB3MiPhxiMUsOegwpGbasi7xxQPPXhHU5nKa+N4w
pla0FdNmmSJh3uDBNcVS3Ub9lozNnLBvZkoidjx4/WLEgFG+XN0/d/xA/tbfsxUi
ui3m6XQ1cd7+fbuVB0yPdHVMPNfE
-----END CERTIFICATE-----
Generated at Tue Nov 12 13:08:38 2024 by rpki-client on console-fra.rpki-client.org