Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NtgShTbK3y3wCr_iDGqEbRXyUjw.roa
File: NtgShTbK3y3wCr_iDGqEbRXyUjw.roa (raw, json)
Hash identifier: aXwz6qxpY22H/h7BbY0WfjJPQOAXB4zvGDOm5mKKrn8=
Subject key identifier: 36:D8:12:85:36:CA:DF:2D:F0:0A:BF:E2:0C:6A:84:6D:15:F2:52:3C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018F8BC7E90B4145FFBE65670756AD787FA7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NtgShTbK3y3wCr_iDGqEbRXyUjw.roa
Signing time: Sat 18 May 2024 12:58:05 +0000
ROA not before: Sat 18 May 2024 12:58:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 10:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8b:c7:e9:0b:41:45:ff:be:65:67:07:56:ad:78:7f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 18 12:58:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36d8128536cadf2df00abfe20c6a846d15f2523c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ea:8c:82:bb:0d:b4:b6:57:ff:a4:66:10:48:
d4:81:2f:e9:7f:ae:6b:3b:a2:c3:30:ea:b2:84:06:
18:31:1d:bd:e5:5d:cd:42:ab:8b:40:99:50:c5:14:
38:15:1b:97:83:37:09:6f:43:41:2b:17:76:2a:83:
f1:25:be:e4:f7:f6:45:de:ff:9c:60:a3:64:38:32:
ce:8c:6d:90:14:97:69:16:dd:bb:67:d8:ca:72:0b:
31:90:b9:80:e4:e5:1e:c6:0f:c5:4d:f5:38:62:84:
70:43:2d:a9:ca:df:83:45:07:a1:98:ac:9b:ee:fb:
70:48:b3:12:6c:7e:05:27:87:14:58:0a:32:42:ba:
9a:61:50:e0:9d:78:df:8d:b7:33:30:6e:8e:b4:ab:
55:cb:81:a7:31:86:c0:3e:85:29:ed:ee:2c:49:22:
e6:9d:2a:99:9d:b6:a7:6d:09:f4:15:d6:4c:91:be:
e2:5e:35:b1:19:c7:9c:a4:b7:07:34:f9:e3:df:29:
00:95:3b:dd:9b:4b:ed:e6:5c:91:f3:9d:bd:a2:bf:
ff:ca:6d:ba:7e:b6:93:68:a2:9f:64:cc:92:71:2b:
0f:ac:b0:0d:c3:87:4d:ca:52:63:eb:75:f9:4e:b5:
9b:12:df:07:c3:e9:8d:72:f3:59:40:9d:ac:85:21:
fd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D8:12:85:36:CA:DF:2D:F0:0A:BF:E2:0C:6A:84:6D:15:F2:52:3C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NtgShTbK3y3wCr_iDGqEbRXyUjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.59.0/24
163.5.62.0/24
163.5.99.0/24
163.5.142.0/23
163.5.192.0/23
163.5.213.0-163.5.214.255
163.5.221.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c4:53:73:76:a0:63:3b:c9:ca:6a:7b:40:d8:28:90:51:dc:
e7:d5:d4:a0:fd:97:01:42:38:cd:8c:a0:95:f0:b5:08:3a:b1:
5f:d4:b2:07:c0:e3:5a:2d:98:d9:12:b4:5d:fa:e5:d5:b0:1b:
10:fe:9b:2a:84:be:a8:38:87:d5:47:61:d4:e1:b6:37:ef:2a:
d7:57:cd:59:2a:95:36:de:de:0a:c9:ff:13:55:ec:b6:98:c2:
81:1e:d0:f6:ab:42:c0:73:36:b3:b0:e8:eb:b0:da:c9:60:b3:
44:67:25:f9:02:8b:74:c5:9c:98:5f:ff:2e:80:66:d8:74:3a:
38:67:e9:cd:42:cc:0a:df:e0:3d:77:09:02:bc:0c:6e:a7:da:
8f:6b:bb:09:75:1d:3a:e9:63:14:6d:f6:c1:c8:fc:17:d4:f4:
54:ff:09:ee:02:fc:b1:bb:22:53:e0:2c:c4:bd:67:2a:f2:d4:
94:68:23:91:4e:ca:d7:e0:59:2a:09:1d:2b:8b:c3:69:25:34:
71:2d:62:05:7c:d6:99:0d:22:ff:a3:64:23:a5:c7:f0:2a:1c:
36:b2:aa:10:a6:fc:3b:10:0e:df:d3:70:56:60:2b:0a:35:e1:
9e:f9:7a:cb:06:03:56:4e:0b:cb:40:58:9a:b6:38:46:11:54:
e1:2c:48:22
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY+Lx+kLQUX/vmVnB1ateH+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTE4MTI1ODA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ4MTI4NTM2Y2FkZjJkZjAwYWJmZTIwYzZhODQ2ZDE1ZjI1MjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOqMgrsNtLZX/6RmEEjUgS/pf65r
O6LDMOqyhAYYMR295V3NQquLQJlQxRQ4FRuXgzcJb0NBKxd2KoPxJb7k9/ZF3v+c
YKNkODLOjG2QFJdpFt27Z9jKcgsxkLmA5OUexg/FTfU4YoRwQy2pyt+DRQehmKyb
7vtwSLMSbH4FJ4cUWAoyQrqaYVDgnXjfjbczMG6OtKtVy4GnMYbAPoUp7e4sSSLm
nSqZnbanbQn0FdZMkb7iXjWxGcecpLcHNPnj3ykAlTvdm0vt5lyR8529or//ym26
fraTaKKfZMyScSsPrLANw4dNylJj63X5TrWbEt8Hw+mNcvNZQJ2shSH9jQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDbYEoU2yt8t8Aq/4gxqhG0V8lI8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTnRnU2hUYkszeTN3Q3JfaURHcUViUlh5VWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAowUfAwQA
owUjAwQAowU7AwQAowU+AwQAowVjAwQBowWOAwQBowXAMAwDBACjBdUDBACjBdYD
BACjBd0DBAC5/TYwDQYJKoZIhvcNAQELBQADggEBAJrEU3N2oGM7ycpqe0DYKJBR
3OfV1KD9lwFCOM2MoJXwtQg6sV/UsgfA41otmNkStF365dWwGxD+myqEvqg4h9VH
YdThtjfvKtdXzVkqlTbe3grJ/xNV7LaYwoEe0ParQsBzNrOw6Ouw2slgs0RnJfkC
i3TFnJhf/y6AZth0Ojhn6c1CzArf4D13CQK8DG6n2o9ruwl1HTrpYxRt9sHI/BfU
9FT/Ce4C/LG7IlPgLMS9Zyry1JRoI5FOytfgWSoJHSuLw2klNHEtYgV81pkNIv+j
ZCOlx/AqHDayqhCm/DsQDt/TcFZgKwo14Z75essGA1ZOC8tAWJq2OEYRVOEsSCI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:48 2025 by rpki-client