Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KtMuhQuNi1bv_PWIUI5tX9E32-I.roa
File: KtMuhQuNi1bv_PWIUI5tX9E32-I.roa (raw, json)
Hash identifier: Qnxa+b5hkqFp0JJCxesO/wYU4ESsgypt7hmpiqvC9GE=
Subject key identifier: 2A:D3:2E:85:0B:8D:8B:56:EF:FC:F5:88:50:8E:6D:5F:D1:37:DB:E2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01945A10653433A69519E0DA2C9A9A32FC02
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KtMuhQuNi1bv_PWIUI5tX9E32-I.roa
Signing time: Sun 12 Jan 2025 10:30:11 +0000
ROA not before: Sun 12 Jan 2025 10:30:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.25.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 16:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:10:65:34:33:a6:95:19:e0:da:2c:9a:9a:32:fc:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 12 10:30:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ad32e850b8d8b56effcf588508e6d5fd137dbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5b:48:16:54:11:02:18:06:9f:14:a5:f6:e8:
6d:85:ac:e4:24:b0:fd:53:6d:33:7c:76:a5:90:5c:
17:14:85:f1:37:54:84:7a:55:3e:53:90:37:95:07:
75:c1:cc:1f:33:09:c0:50:4d:a3:37:72:58:71:39:
bd:af:a4:03:9f:d1:cb:c4:83:7e:dc:21:03:e7:9e:
a4:96:7a:1c:ab:b0:77:91:df:19:8a:e7:6c:96:45:
23:de:df:61:c2:31:69:45:b7:64:97:62:50:70:f6:
67:29:f4:af:e5:14:f2:3d:05:01:c5:76:13:16:79:
8b:e5:d6:f6:95:1c:f5:fd:65:05:31:fb:fc:30:db:
a3:b7:44:a8:35:20:02:1e:02:69:65:bb:32:20:8f:
83:15:7f:a5:94:38:e2:ae:ea:4a:12:e2:f8:91:b2:
ec:93:d0:fb:2c:c7:c6:02:1a:db:ef:17:63:a5:a7:
c4:ad:19:aa:76:78:b8:51:01:c1:43:db:c2:e3:34:
dc:53:34:9b:c1:2d:b0:d2:fa:08:3a:b2:3e:08:f4:
97:fe:10:42:85:27:7d:df:c6:a5:35:06:02:09:fe:
f6:49:6d:62:e3:42:5d:fb:cb:76:23:e1:15:52:12:
2d:7a:df:38:90:3d:7d:6d:e1:28:d3:01:62:bb:94:
a1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:2E:85:0B:8D:8B:56:EF:FC:F5:88:50:8E:6D:5F:D1:37:DB:E2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KtMuhQuNi1bv_PWIUI5tX9E32-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.25.0/24
163.5.33.0/24
163.5.40.0/24
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.145.0/24
163.5.165.0/24
163.5.250.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:64:26:c1:50:be:1a:c8:4c:a1:c2:86:1e:a8:74:27:96:bb:
cd:93:86:03:f6:b3:c1:60:9b:fe:93:ed:9b:7c:1d:81:b3:ab:
ed:ed:60:48:cb:b9:49:d2:47:ea:86:d9:70:3e:56:8a:99:5c:
c7:54:4c:a2:63:38:ca:0e:e0:02:b5:47:02:c3:ab:63:b3:8a:
e7:10:97:2e:11:1a:c6:ed:84:10:d6:8a:ca:17:62:2c:e3:19:
b0:16:75:79:16:f3:91:fe:12:53:8c:b2:8a:94:1e:3b:bf:f1:
99:d0:e6:67:58:4d:dd:08:ee:9b:b9:24:36:04:59:36:6c:aa:
ba:e0:5d:ad:e2:c1:b0:0a:99:6b:23:67:f4:1b:7d:16:e5:9e:
c5:ff:80:6c:48:cc:97:7f:3a:a6:5f:61:6f:ff:5c:07:ef:e0:
6c:fb:c6:b1:16:26:f2:d0:d1:ae:74:aa:3b:22:63:98:65:3b:
39:bc:f0:5c:c9:52:a7:b6:29:47:76:6d:08:ef:0a:a7:a0:98:
21:7f:aa:01:e7:c9:39:c8:80:05:f1:34:55:b0:90:97:d5:8d:
35:5c:9b:c5:0d:81:c8:91:44:11:ba:6e:80:f2:88:bf:e1:83:
ed:23:fb:f6:6c:4d:e6:d9:74:e1:9f:dd:f9:56:e2:f4:eb:e1:
49:d4:d3:3f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZRaEGU0M6aVGeDaLJqaMvwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTEyMTAzMDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQzMmU4NTBiOGQ4YjU2ZWZmY2Y1ODg1MDhlNmQ1ZmQxMzdkYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1tIFlQRAhgGnxSl9uhthazkJLD9
U20zfHalkFwXFIXxN1SEelU+U5A3lQd1wcwfMwnAUE2jN3JYcTm9r6QDn9HLxIN+
3CED556klnocq7B3kd8ZiudslkUj3t9hwjFpRbdkl2JQcPZnKfSv5RTyPQUBxXYT
FnmL5db2lRz1/WUFMfv8MNujt0SoNSACHgJpZbsyII+DFX+llDjirupKEuL4kbLs
k9D7LMfGAhrb7xdjpafErRmqdni4UQHBQ9vC4zTcUzSbwS2w0voIOrI+CPSX/hBC
hSd938alNQYCCf72SW1i40Jd+8t2I+EVUhItet84kD19beEo0wFiu5ShMwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCrTLoULjYtW7/z1iFCObV/RN9viMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS3RNdWhRdU5pMWJ2X1BXSVVJNXRYOUUzMi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAowUZAwQA
owUhAwQAowUoAwQBowVuAwQAowV+AwQAowWAAwQAowWRAwQAowWlAwQAowX6MA0G
CSqGSIb3DQEBCwUAA4IBAQCuZCbBUL4ayEyhwoYeqHQnlrvNk4YD9rPBYJv+k+2b
fB2Bs6vt7WBIy7lJ0kfqhtlwPlaKmVzHVEyiYzjKDuACtUcCw6tjs4rnEJcuERrG
7YQQ1orKF2Is4xmwFnV5FvOR/hJTjLKKlB47v/GZ0OZnWE3dCO6buSQ2BFk2bKq6
4F2t4sGwCplrI2f0G30W5Z7F/4BsSMyXfzqmX2Fv/1wH7+Bs+8axFiby0NGudKo7
ImOYZTs5vPBcyVKntilHdm0I7wqnoJghf6oB58k5yIAF8TRVsJCX1Y01XJvFDYHI
kUQRum6A8oi/4YPtI/v2bE3m2XThn935VuL06+FJ1NM/
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:58:00 2025 by rpki-client