Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MWYfiYPKnth21mU4_rSb4_eTXtE.roa
File: MWYfiYPKnth21mU4_rSb4_eTXtE.roa (raw, json)
Hash identifier: 2+iu68Hba3r+gdln6ocQSjSpg80ROBDzgY9RhTdsrsw=
Subject key identifier: 31:66:1F:89:83:CA:9E:D8:76:D6:65:38:FE:B4:9B:E3:F7:93:5E:D1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018FD4511752B0C2F34D80A29F06D50D74EF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MWYfiYPKnth21mU4_rSb4_eTXtE.roa
Signing time: Sat 01 Jun 2024 15:00:35 +0000
ROA not before: Sat 01 Jun 2024 15:00:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 14:39:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:51:17:52:b0:c2:f3:4d:80:a2:9f:06:d5:0d:74:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 1 15:00:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31661f8983ca9ed876d66538feb49be3f7935ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ca:69:88:2d:37:1f:2c:73:a0:26:0d:4c:c7:
1f:d7:1d:d0:fe:bb:90:ec:02:8f:f1:ac:b0:a1:67:
1f:38:08:f0:67:a0:f9:19:44:f5:6b:b4:18:97:26:
8a:60:b1:ee:0b:71:f3:9e:71:93:60:18:78:6f:9a:
2a:02:d8:60:08:6f:6b:ab:f0:87:92:dd:61:6a:24:
bf:1c:19:2b:f3:18:f0:4a:42:cf:99:a9:f2:73:f5:
e3:94:7d:8e:4b:32:6f:af:a4:18:4a:7f:d3:17:ef:
d5:6e:78:88:57:ac:b4:c7:49:f4:16:7e:6c:4b:a0:
ba:10:f4:62:75:d6:61:0b:52:c3:69:08:3c:4e:7b:
d9:3e:3b:a2:bd:67:74:a8:f9:ea:ab:89:ac:a7:5b:
08:27:ea:98:78:46:96:b1:09:bb:b3:83:77:54:0e:
f0:a3:98:05:23:c8:a6:d5:9b:ac:ee:64:e6:27:a3:
34:1d:af:0c:16:ec:79:a5:17:2c:c8:0d:e2:cf:17:
56:7e:0c:7a:6e:d2:e8:1a:90:64:ce:b9:8e:b9:65:
6d:0a:1a:0e:2f:8d:9b:dc:b2:c4:d6:6c:2a:f0:e9:
6d:06:c2:0a:de:86:d9:00:99:25:3c:9b:6a:31:a4:
61:24:a8:3b:ad:53:05:6e:4f:70:e4:ae:20:77:7a:
96:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:66:1F:89:83:CA:9E:D8:76:D6:65:38:FE:B4:9B:E3:F7:93:5E:D1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MWYfiYPKnth21mU4_rSb4_eTXtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.145.0/24
163.5.212.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a4:e5:51:8b:5f:1d:3c:cf:56:f8:36:11:05:1b:5f:92:84:
59:a0:07:3e:e8:5c:d2:fe:56:78:66:0d:e7:5f:b1:c2:b4:b3:
3c:28:c1:6d:27:ad:66:95:f0:f7:1f:56:60:68:82:d9:62:75:
c8:05:f3:66:c7:1d:97:e0:38:5d:7a:8f:b1:f4:d8:37:ca:c4:
dd:c9:ac:df:25:40:1f:65:9e:a5:88:df:68:73:ee:8e:7c:8d:
d3:e2:1d:8c:05:9d:31:23:50:96:7d:53:81:42:98:eb:31:b2:
5f:d2:28:6e:c1:a4:c0:e5:47:81:5a:be:27:f2:c9:96:c9:10:
83:b5:d5:62:33:b7:ca:4c:a4:34:5c:77:fc:29:9d:fc:7d:fa:
f4:0c:fc:d1:bf:c8:12:81:24:51:73:7c:af:96:b6:03:8e:e5:
db:cc:79:10:a3:40:19:36:78:5b:ac:7d:6b:e4:3f:ab:c0:64:
0c:92:69:6b:f0:cb:fd:88:05:26:64:dc:7f:15:3f:5b:3f:b9:
65:29:a7:f7:bd:72:8d:e2:d8:d3:f2:6b:a8:13:54:c5:69:ea:
ad:40:54:5c:bd:27:26:41:87:ca:54:c9:7f:5c:72:d6:61:2f:
16:85:b5:0a:b2:49:4f:1a:55:7f:95:36:4c:32:ec:f7:4f:e9:
dd:6c:30:f3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY/UURdSsMLzTYCinwbVDXTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjAxMTUwMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY2MWY4OTgzY2E5ZWQ4NzZkNjY1MzhmZWI0OWJlM2Y3OTM1ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMppiC03HyxzoCYNTMcf1x3Q/ruQ
7AKP8aywoWcfOAjwZ6D5GUT1a7QYlyaKYLHuC3HznnGTYBh4b5oqAthgCG9rq/CH
kt1haiS/HBkr8xjwSkLPmanyc/XjlH2OSzJvr6QYSn/TF+/VbniIV6y0x0n0Fn5s
S6C6EPRiddZhC1LDaQg8TnvZPjuivWd0qPnqq4msp1sIJ+qYeEaWsQm7s4N3VA7w
o5gFI8im1Zus7mTmJ6M0Ha8MFux5pRcsyA3izxdWfgx6btLoGpBkzrmOuWVtChoO
L42b3LLE1mwq8OltBsIK3obZAJklPJtqMaRhJKg7rVMFbk9w5K4gd3qWoQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDFmH4mDyp7YdtZlOP60m+P3k17RMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTVdZZmlZUEtudGgyMW1VNF9yU2I0X2VUWHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBowVuAwQA
owV+AwQAowWAAwQAowWRAwQAowXUAwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUA
A4IBAQBHpOVRi18dPM9W+DYRBRtfkoRZoAc+6FzS/lZ4Zg3nX7HCtLM8KMFtJ61m
lfD3H1ZgaILZYnXIBfNmxx2X4Dhdeo+x9Ng3ysTdyazfJUAfZZ6liN9oc+6OfI3T
4h2MBZ0xI1CWfVOBQpjrMbJf0ihuwaTA5UeBWr4n8smWyRCDtdViM7fKTKQ0XHf8
KZ38ffr0DPzRv8gSgSRRc3yvlrYDjuXbzHkQo0AZNnhbrH1r5D+rwGQMkmlr8Mv9
iAUmZNx/FT9bP7llKaf3vXKN4tjT8muoE1TFaeqtQFRcvScmQYfKVMl/XHLWYS8W
hbUKsklPGlV/lTZMMuz3T+ndbDDz
-----END CERTIFICATE-----
Generated at Wed Jun 26 18:22:49 2024 by rpki-client on console-ams.rpki-client.org