Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OV-tMDnd7TSVvgRdd6TjE1ZDxxc.roa
File: OV-tMDnd7TSVvgRdd6TjE1ZDxxc.roa (raw, json)
Hash identifier: nyie1vXv5+1TdCeIPijEJjB10eXPXubZirWYNQN/f9A=
Subject key identifier: 39:5F:AD:30:39:DD:ED:34:95:BE:04:5D:77:A4:E3:13:56:43:C7:17
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D5E5A4BEFAB47AA56FE1D2D6911171612
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OV-tMDnd7TSVvgRdd6TjE1ZDxxc.roa
Signing time: Wed 31 Jan 2024 07:09:52 +0000
ROA not before: Wed 31 Jan 2024 07:09:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 163.5.0.0/24 maxlen: 24
163.5.1.0/24 maxlen: 24
163.5.3.0/24 maxlen: 24
163.5.4.0/24 maxlen: 24
163.5.6.0/24 maxlen: 24
163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.14.0/24 maxlen: 24
163.5.15.0/24 maxlen: 24
163.5.16.0/24 maxlen: 24
163.5.17.0/24 maxlen: 24
163.5.18.0/24 maxlen: 24
163.5.19.0/24 maxlen: 24
163.5.21.0/24 maxlen: 24
163.5.22.0/24 maxlen: 24
163.5.25.0/24 maxlen: 24
163.5.26.0/24 maxlen: 24
163.5.27.0/24 maxlen: 24
163.5.28.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.54.0/24 maxlen: 24
163.5.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 13:33:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:5a:4b:ef:ab:47:aa:56:fe:1d:2d:69:11:17:16:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 31 07:09:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=395fad3039dded3495be045d77a4e3135643c717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c1:66:ff:44:b1:41:a6:e1:df:23:8e:51:d4:
93:76:9b:11:0c:04:f8:e3:3f:49:de:03:16:19:02:
34:0a:66:84:91:db:64:f3:c1:0b:02:10:6c:5d:76:
45:fa:e1:58:ab:66:15:98:7d:2c:2b:35:44:53:21:
f6:3b:8c:d2:b9:49:71:d5:e4:f0:cf:db:e5:a2:85:
d0:38:5c:aa:1c:ac:96:d7:0f:b1:45:ed:68:16:0f:
56:4b:64:bb:c2:b6:4f:9b:5b:5b:2d:34:67:ad:f8:
80:11:39:0a:22:e5:f6:26:b1:44:ed:ed:0d:04:67:
e9:e8:6e:4d:ac:88:28:f0:57:58:7f:ba:1e:67:23:
82:98:7b:dd:10:4e:17:ed:5e:06:ed:11:7c:56:d9:
37:6c:48:aa:18:15:0b:3d:f0:58:b2:c7:b9:b1:ae:
20:cb:1a:0b:7e:df:87:1d:61:19:65:49:08:49:fd:
16:4b:da:74:8a:29:11:ae:1b:43:e9:90:77:0f:ba:
3f:0e:91:c2:fb:43:dc:9a:a8:83:b2:b3:1a:df:53:
6c:60:c9:a7:60:9a:cf:9e:5d:83:b3:21:76:27:78:
3c:05:0d:32:32:c6:3d:78:2c:1b:d8:a9:3d:a8:55:
3a:34:ca:fa:98:c0:af:cb:59:1d:9b:dc:39:67:28:
69:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:5F:AD:30:39:DD:ED:34:95:BE:04:5D:77:A4:E3:13:56:43:C7:17
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OV-tMDnd7TSVvgRdd6TjE1ZDxxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.0.0/23
163.5.3.0-163.5.4.255
163.5.6.0-163.5.9.255
163.5.13.0-163.5.19.255
163.5.21.0-163.5.22.255
163.5.25.0-163.5.28.255
163.5.51.0/24
163.5.53.0-163.5.54.255
163.5.56.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:8b:f1:aa:b4:94:42:51:20:77:27:23:6d:c0:79:0d:f4:80:
33:24:79:50:31:41:5d:13:5a:1c:c0:fa:c7:73:6a:06:e5:06:
09:28:cb:4a:35:22:b6:4e:1c:d8:be:45:2e:8a:b9:d9:48:1c:
43:a3:b8:6d:8b:2d:6d:ea:bf:bf:9b:b9:6b:51:6d:27:86:dc:
7e:25:16:3c:fb:b4:27:95:80:8a:a4:0d:02:bc:66:9e:bb:f1:
70:79:c8:9f:38:66:d1:87:cc:9c:c6:f1:dc:1f:c4:59:96:5e:
c4:82:8c:d5:f8:cc:2c:70:fa:70:70:7b:74:ce:6c:6d:f3:40:
fc:d2:0a:29:3e:54:90:1e:5e:3c:9e:1c:63:e5:7f:47:b9:a7:
a5:f9:1f:08:04:d6:a0:87:38:6f:40:e4:c2:f6:ff:73:41:a7:
29:1a:0e:87:30:4f:62:ae:5f:f6:0b:88:14:83:7b:46:cb:99:
30:38:76:a7:91:b5:59:f7:7d:62:a5:bf:1e:8f:7d:da:9c:e8:
5a:dc:84:13:1d:60:90:51:4a:25:a0:4d:8f:8e:85:50:af:17:
d8:80:17:a5:88:4a:1b:c3:05:9c:06:28:a3:bf:d3:3b:5f:04:
35:8a:8b:ab:d8:e2:d0:2a:cd:d0:d2:a8:b6:f4:bd:8f:8e:c9:
21:d8:78:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY1eWkvvq0eqVv4dLWkRFxYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTMxMDcwOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTVmYWQzMDM5ZGRlZDM0OTViZTA0NWQ3N2E0ZTMxMzU2NDNjNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcFm/0SxQabh3yOOUdSTdpsRDAT4
4z9J3gMWGQI0CmaEkdtk88ELAhBsXXZF+uFYq2YVmH0sKzVEUyH2O4zSuUlx1eTw
z9vlooXQOFyqHKyW1w+xRe1oFg9WS2S7wrZPm1tbLTRnrfiAETkKIuX2JrFE7e0N
BGfp6G5NrIgo8FdYf7oeZyOCmHvdEE4X7V4G7RF8Vtk3bEiqGBULPfBYsse5sa4g
yxoLft+HHWEZZUkISf0WS9p0iikRrhtD6ZB3D7o/DpHC+0PcmqiDsrMa31NsYMmn
YJrPnl2DsyF2J3g8BQ0yMsY9eCwb2Kk9qFU6NMr6mMCvy1kdm9w5ZyhpJwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFDlfrTA53e00lb4EXXek4xNWQ8cXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvT1YtdE1EbmQ3VFNWdmdSZGQ2VGpFMVpEeHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBowUAMAwD
BACjBQMDBACjBQQwDAMEAaMFBgMEAaMFCDAMAwQAowUNAwQCowUQMAwDBACjBRUD
BACjBRYwDAMEAKMFGQMEAKMFHAMEAKMFMzAMAwQAowU1AwQAowU2AwQAowU4MA0G
CSqGSIb3DQEBCwUAA4IBAQBri/GqtJRCUSB3JyNtwHkN9IAzJHlQMUFdE1ocwPrH
c2oG5QYJKMtKNSK2ThzYvkUuirnZSBxDo7htiy1t6r+/m7lrUW0nhtx+JRY8+7Qn
lYCKpA0CvGaeu/FwecifOGbRh8ycxvHcH8RZll7EgozV+MwscPpwcHt0zmxt80D8
0gopPlSQHl48nhxj5X9Huael+R8IBNaghzhvQOTC9v9zQacpGg6HME9irl/2C4gU
g3tGy5kwOHankbVZ931ipb8ej33anOha3IQTHWCQUUoloE2PjoVQrxfYgBeliEob
wwWcBiijv9M7XwQ1iour2OLQKs3Q0qi29L2Pjskh2HiD
-----END CERTIFICATE-----
Generated at Wed Jan 31 17:42:53 2024 by rpki-client on console-fra.rpki-client.org