Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KWMM8jq9Qyg-3ssxUiVgIj6dn8A.roa
File: KWMM8jq9Qyg-3ssxUiVgIj6dn8A.roa (raw, json)
Hash identifier: hRZ2E9JcZsimPQbL7RR51v5KcumLni8GHvU+g/lRsxU=
Subject key identifier: 29:63:0C:F2:3A:BD:43:28:3E:DE:CB:31:52:25:60:22:3E:9D:9F:C0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191D6580A1216DBE8DF86DA0B664C93E7F1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KWMM8jq9Qyg-3ssxUiVgIj6dn8A.roa
Signing time: Mon 09 Sep 2024 10:32:59 +0000
ROA not before: Mon 09 Sep 2024 10:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 163.5.62.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 17:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:58:0a:12:16:db:e8:df:86:da:0b:66:4c:93:e7:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 9 10:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29630cf23abd43283edecb31522560223e9d9fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bf:b2:8f:b9:44:c6:8c:af:1c:f9:10:4f:07:
f5:0e:3d:52:ac:ea:8f:39:94:cb:18:2f:14:f9:f6:
bc:71:53:c2:52:aa:16:2f:90:43:57:dc:05:59:b2:
92:9e:1b:58:2b:b5:be:b6:57:db:9d:53:32:73:98:
b5:a9:04:ce:0e:d3:3a:0c:91:bd:0a:6d:b8:08:81:
21:98:df:02:b4:1e:0f:8e:b0:d9:4d:5d:6e:a4:6f:
09:04:e4:27:49:0f:13:b6:e2:6d:0e:f6:e0:4c:da:
bb:ae:3b:cd:3c:ea:69:5a:bb:59:5a:70:07:1b:80:
6e:d6:f2:fd:61:55:85:cd:13:f1:7f:23:15:fc:71:
2c:97:b0:85:33:ba:04:ee:a0:a2:bd:2b:cc:ce:50:
17:68:8c:0a:a5:3c:50:3d:51:dc:f8:7a:ee:67:4d:
12:ab:ba:72:83:19:53:0e:94:d4:a6:b3:08:e5:51:
01:10:ab:bf:33:f4:06:4c:e0:08:a8:c5:6b:54:1d:
ba:e0:cf:fc:7d:36:c8:1e:6a:68:0e:5d:3e:a9:49:
17:01:d6:be:b4:cd:86:a9:01:b9:47:e4:ea:c6:3b:
f1:1e:1f:65:ca:5c:68:6d:d9:e5:5c:3c:52:4e:70:
eb:6d:81:9f:01:a3:95:f0:47:a9:5b:8f:81:20:a5:
9c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:63:0C:F2:3A:BD:43:28:3E:DE:CB:31:52:25:60:22:3E:9D:9F:C0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KWMM8jq9Qyg-3ssxUiVgIj6dn8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.62.0/24
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
88:60:77:b4:19:24:f6:c3:09:3f:66:e5:18:a6:a9:28:74:cf:
aa:ea:81:f7:35:de:ec:f3:31:53:6b:48:ac:b3:27:14:5b:48:
59:77:f2:df:04:d5:f6:0b:f3:03:39:b6:bb:a2:bd:3d:1a:37:
13:cc:c3:42:8c:f3:03:fb:0a:52:d6:05:19:16:ee:b4:70:a2:
72:26:f7:21:72:fe:ed:c0:8c:e5:f4:48:d7:3e:af:d9:39:c1:
2f:29:da:c4:04:47:3e:5c:65:2f:1b:a8:5a:68:d7:02:3a:52:
40:68:a2:2c:8d:c7:15:53:0c:c2:69:06:25:bf:44:27:48:fc:
93:1e:c1:a7:9f:9c:1d:6f:96:b6:42:95:21:10:2c:6e:b0:f8:
36:1f:ab:16:41:66:d2:ae:f9:c8:59:ca:25:2b:10:e1:a7:3a:
bb:f0:2e:a4:53:e9:89:99:ff:d9:df:4b:08:2d:f9:1a:4a:94:
54:01:d2:bd:ec:46:11:d1:65:93:cc:36:6f:cd:19:db:24:4f:
fa:4b:3e:6b:7e:c8:67:ca:f4:12:f5:5e:4e:c6:7b:85:c9:d0:
dc:23:b8:94:52:04:69:5d:fa:4a:20:aa:e9:d6:e9:8b:53:24:
82:a3:9d:7e:56:c8:4f:87:25:3c:32:ff:0e:54:90:87:92:c8:
ff:e7:36:f7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZHWWAoSFtvo34baC2ZMk+fxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTA5MTAzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYzMGNmMjNhYmQ0MzI4M2VkZWNiMzE1MjI1NjAyMjNlOWQ5ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr+yj7lExoyvHPkQTwf1Dj1SrOqP
OZTLGC8U+fa8cVPCUqoWL5BDV9wFWbKSnhtYK7W+tlfbnVMyc5i1qQTODtM6DJG9
Cm24CIEhmN8CtB4PjrDZTV1upG8JBOQnSQ8TtuJtDvbgTNq7rjvNPOppWrtZWnAH
G4Bu1vL9YVWFzRPxfyMV/HEsl7CFM7oE7qCivSvMzlAXaIwKpTxQPVHc+HruZ00S
q7pygxlTDpTUprMI5VEBEKu/M/QGTOAIqMVrVB264M/8fTbIHmpoDl0+qUkXAda+
tM2GqQG5R+TqxjvxHh9lylxobdnlXDxSTnDrbYGfAaOV8EepW4+BIKWc+QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCljDPI6vUMoPt7LMVIlYCI+nZ/AMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS1dNTThqcTlReWctM3NzeFVpVmdJajZkbjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowU+AwQB
owXAAwQAowXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAIhgd7QZ
JPbDCT9m5RimqSh0z6rqgfc13uzzMVNrSKyzJxRbSFl38t8E1fYL8wM5truivT0a
NxPMw0KM8wP7ClLWBRkW7rRwonIm9yFy/u3AjOX0SNc+r9k5wS8p2sQERz5cZS8b
qFpo1wI6UkBooiyNxxVTDMJpBiW/RCdI/JMewaefnB1vlrZClSEQLG6w+DYfqxZB
ZtKu+chZyiUrEOGnOrvwLqRT6YmZ/9nfSwgt+RpKlFQB0r3sRhHRZZPMNm/NGdsk
T/pLPmt+yGfK9BL1Xk7Ge4XJ0NwjuJRSBGld+kogqunW6YtTJIKjnX5WyE+HJTwy
/w5UkIeSyP/nNvc=
-----END CERTIFICATE-----
Generated at Thu Sep 26 19:23:10 2024 by rpki-client on console-fra.rpki-client.org