Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LMwMAObydN2PgzAm-He-DLQtht4.roa
File: LMwMAObydN2PgzAm-He-DLQtht4.roa (raw, json)
Hash identifier: 5uSznP6G/RGegPRF1sv/RSPEFomKM6qKnj+9aTqMCRY=
Subject key identifier: 2C:CC:0C:00:E6:F2:74:DD:8F:83:30:26:F8:77:BE:0C:B4:2D:86:DE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0185C9985D081A916B478835C4F47A5CF19C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LMwMAObydN2PgzAm-He-DLQtht4.roa
Signing time: Thu 19 Jan 2023 10:34:43 +0000
ROA not before: Thu 19 Jan 2023 10:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Feb 2023 17:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:98:5d:08:1a:91:6b:47:88:35:c4:f4:7a:5c:f1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 19 10:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ccc0c00e6f274dd8f833026f877be0cb42d86de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9a:a6:5a:24:47:f5:67:2c:c9:aa:c4:32:93:
35:2f:d3:33:a6:63:11:c3:7d:13:3b:40:b0:4a:18:
e0:ec:de:3b:af:66:23:5b:9a:34:9a:79:2e:9b:30:
82:4c:d4:eb:c0:10:9b:6b:93:19:20:1d:6f:36:e4:
99:f4:a0:53:d2:fa:8e:48:3d:97:e4:1e:c0:ca:67:
74:8f:e1:53:0d:37:90:4f:d0:04:e3:32:20:77:7d:
49:4a:21:26:d2:21:1d:3b:e1:fa:78:8e:9a:ef:63:
8b:d1:06:7b:54:06:1e:4b:3e:b8:94:de:38:fb:e0:
77:d2:13:c9:62:f1:ff:c9:79:7c:7e:2a:47:3e:44:
f5:98:46:23:16:b4:d9:0a:ea:bf:8f:ca:cf:d5:2d:
6f:38:a8:3b:f1:fd:26:45:98:dd:43:be:81:f2:e3:
56:fe:1a:75:1c:fe:52:7c:c8:4c:d1:60:e7:4c:ef:
6c:8e:fd:14:64:73:82:0f:96:0f:5f:85:f3:7e:bf:
61:41:66:fa:fb:e6:20:f8:34:40:c4:9d:99:ba:6d:
6c:5b:06:63:03:3e:78:ec:df:84:84:23:e5:23:3c:
2f:24:90:fc:d8:35:b4:e4:6d:a4:5b:0c:42:2f:6f:
b9:68:8c:1c:b8:51:09:12:90:31:22:fb:a9:d5:93:
4b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CC:0C:00:E6:F2:74:DD:8F:83:30:26:F8:77:BE:0C:B4:2D:86:DE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LMwMAObydN2PgzAm-He-DLQtht4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/24
163.5.120.0/24
163.5.143.0/24
163.5.154.0/24
163.5.192.0/24
163.5.214.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:f2:22:f2:bc:d0:6f:72:65:09:4c:3e:eb:f9:7d:0c:c4:07:
fe:6e:5f:dc:1a:87:8c:59:f6:2e:09:be:e3:14:aa:ee:32:8f:
db:07:e7:34:59:d5:b2:55:27:bc:d6:24:e9:e7:3b:ef:f4:0d:
1f:6f:0a:93:2b:72:9b:fa:b4:f5:28:96:aa:de:92:6c:d2:7b:
ff:41:3d:26:f6:fc:bb:ce:86:40:ea:dc:f7:28:ba:6c:f6:bb:
2e:82:29:b8:91:36:b4:b7:4a:52:62:85:ee:88:ae:d2:b9:36:
66:e6:a3:dd:03:1c:76:d0:7a:32:a9:f8:11:1c:98:cd:bd:2c:
10:16:9b:17:f6:05:5e:b2:1e:f4:07:3f:fb:5a:cf:a1:22:1c:
2b:03:f9:d5:40:e8:ca:5d:03:ef:9f:21:15:06:85:a8:9b:53:
78:4c:90:bf:28:99:27:ff:0c:60:76:31:d1:f5:14:b9:87:cb:
20:94:86:0c:f1:d1:85:f2:a7:4e:4d:41:eb:a0:36:47:91:81:
47:8e:bb:ef:14:b7:a5:39:e2:8c:0f:52:57:c2:7f:47:92:fa:
41:2e:0a:d8:2c:eb:ec:ba:6d:ef:04:80:9c:c7:4d:37:c7:c6:
1d:7a:b7:ac:40:1e:bc:84:d9:60:d5:20:4c:3f:be:ec:09:42:
1e:0a:51:0c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYXJmF0IGpFrR4g1xPR6XPGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTE5MTAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2NjMGMwMGU2ZjI3NGRkOGY4MzMwMjZmODc3YmUwY2I0MmQ4NmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJqmWiRH9WcsyarEMpM1L9MzpmMR
w30TO0CwShjg7N47r2YjW5o0mnkumzCCTNTrwBCba5MZIB1vNuSZ9KBT0vqOSD2X
5B7Aymd0j+FTDTeQT9AE4zIgd31JSiEm0iEdO+H6eI6a72OL0QZ7VAYeSz64lN44
++B30hPJYvH/yXl8fipHPkT1mEYjFrTZCuq/j8rP1S1vOKg78f0mRZjdQ76B8uNW
/hp1HP5SfMhM0WDnTO9sjv0UZHOCD5YPX4Xzfr9hQWb6++Yg+DRAxJ2Zum1sWwZj
Az547N+EhCPlIzwvJJD82DW05G2kWwxCL2+5aIwcuFEJEpAxIvup1ZNL4wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCzMDADm8nTdj4MwJvh3vgy0LYbeMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTE13TUFPYnlkTjJQZ3pBbS1IZS1ETFF0aHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUmAwQA
owV4AwQAowWPAwQAowWaAwQAowXAAwQAowXWAwQAuf02MA0GCSqGSIb3DQEBCwUA
A4IBAQCh8iLyvNBvcmUJTD7r+X0MxAf+bl/cGoeMWfYuCb7jFKruMo/bB+c0WdWy
VSe81iTp5zvv9A0fbwqTK3Kb+rT1KJaq3pJs0nv/QT0m9vy7zoZA6tz3KLps9rsu
gim4kTa0t0pSYoXuiK7SuTZm5qPdAxx20HoyqfgRHJjNvSwQFpsX9gVesh70Bz/7
Ws+hIhwrA/nVQOjKXQPvnyEVBoWom1N4TJC/KJkn/wxgdjHR9RS5h8sglIYM8dGF
8qdOTUHroDZHkYFHjrvvFLelOeKMD1JXwn9HkvpBLgrYLOvsum3vBICcx003x8Yd
eresQB68hNlg1SBMP77sCUIeClEM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org