Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OmhKlkw37E8h9-Aj5CCd-oPbwrM.roa
File: OmhKlkw37E8h9-Aj5CCd-oPbwrM.roa (raw, json)
Hash identifier: OXlqONWqb6Wf1mQZSzWHYLEOeLfNq5h53h/8qSvFqcY=
Subject key identifier: 3A:68:4A:96:4C:37:EC:4F:21:F7:E0:23:E4:20:9D:FA:83:DB:C2:B3
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01917C3BDAC6A4BAB5943C8E1ABBA409AEA9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OmhKlkw37E8h9-Aj5CCd-oPbwrM.roa
Signing time: Thu 22 Aug 2024 22:36:22 +0000
ROA not before: Thu 22 Aug 2024 22:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.118.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 16:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7c:3b:da:c6:a4:ba:b5:94:3c:8e:1a:bb:a4:09:ae:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 22 22:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a684a964c37ec4f21f7e023e4209dfa83dbc2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f9:20:e5:eb:af:d8:6b:a7:ea:37:23:b2:f9:
0f:df:56:02:c7:33:b3:58:8e:3e:da:d8:42:4e:41:
19:0a:2b:14:65:80:54:d8:23:02:8f:6a:a7:54:b0:
d1:68:e7:a4:17:79:38:e7:a5:55:00:45:14:54:43:
84:5c:74:02:62:5b:f0:11:a7:2c:17:76:fd:63:1c:
34:99:db:1c:89:c3:4c:a8:39:a4:1f:c7:38:54:c3:
d2:ba:06:e1:78:20:3e:56:6d:dd:df:69:7d:3e:e4:
da:1e:0e:c4:90:7c:3d:96:b0:9b:d1:58:91:32:90:
df:cc:21:c2:53:47:b2:4b:2c:1c:6d:6f:31:6c:fa:
f0:8f:6a:e0:f3:81:13:96:f8:e8:76:af:e8:77:3b:
99:b4:94:50:4b:b5:52:74:50:8a:73:08:07:64:4d:
de:35:54:7d:fa:c6:ca:93:13:b6:da:4f:b8:34:f3:
f1:23:1c:ab:c0:d0:18:f1:47:eb:d7:27:87:27:6d:
8d:ef:43:95:70:1a:00:4c:89:49:d1:e3:7a:d0:8c:
95:56:fe:55:a0:1b:a2:ae:8d:05:4f:7f:99:3d:68:
24:d2:db:69:b6:b4:3f:48:bc:96:74:de:21:c1:8b:
05:cf:71:08:50:98:ef:f5:79:93:1e:86:9d:9a:29:
2c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:68:4A:96:4C:37:EC:4F:21:F7:E0:23:E4:20:9D:FA:83:DB:C2:B3
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OmhKlkw37E8h9-Aj5CCd-oPbwrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.118.0/24
163.5.153.0-163.5.154.255
163.5.173.0/24
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:6c:8a:ca:be:30:14:4c:e9:ff:29:dc:99:94:a6:39:d7:c9:
26:e0:f6:b0:ae:f9:51:65:5e:f3:03:86:01:fc:5c:e2:8e:6d:
47:4e:d4:ef:86:39:df:6a:35:da:d0:b1:47:5c:cf:97:73:84:
66:f2:5d:8c:88:13:4e:04:2a:75:62:ac:ea:65:a5:61:a6:e4:
27:93:ab:a3:0c:5d:e3:16:2c:a5:c3:8f:90:02:46:e9:7c:bc:
a8:2f:9b:22:47:1e:5c:b6:c9:d6:2c:cd:6c:39:9d:4c:70:62:
ec:39:53:c4:79:7c:fe:05:7c:53:66:13:07:c4:20:7e:5e:b7:
76:06:18:8d:8e:12:1c:67:c6:1e:57:be:70:26:66:3e:67:f1:
85:41:9a:c5:a1:19:22:32:35:12:a8:19:b2:56:01:7e:eb:38:
56:96:17:83:ff:86:3b:75:fb:64:28:0c:8e:1b:a3:26:2f:be:
83:ac:5e:cf:ce:bc:31:f3:cd:75:d1:ab:36:ec:f4:12:f3:e9:
92:22:a1:bb:bf:dd:98:7a:6b:7f:a3:37:1f:14:8a:58:5d:4e:
ff:6d:71:fe:3f:a5:48:12:b4:d0:9e:09:ca:f0:2a:1c:87:75:
a7:ba:15:71:06:ed:72:f6:b0:7f:2a:60:0b:af:89:b1:51:a7:
7f:22:e7:64
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZF8O9rGpLq1lDyOGrukCa6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODIyMjIzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY4NGE5NjRjMzdlYzRmMjFmN2UwMjNlNDIwOWRmYTgzZGJjMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/kg5euv2Gun6jcjsvkP31YCxzOz
WI4+2thCTkEZCisUZYBU2CMCj2qnVLDRaOekF3k456VVAEUUVEOEXHQCYlvwEacs
F3b9Yxw0mdscicNMqDmkH8c4VMPSugbheCA+Vm3d32l9PuTaHg7EkHw9lrCb0ViR
MpDfzCHCU0eySywcbW8xbPrwj2rg84ETlvjodq/odzuZtJRQS7VSdFCKcwgHZE3e
NVR9+sbKkxO22k+4NPPxIxyrwNAY8Ufr1yeHJ22N70OVcBoATIlJ0eN60IyVVv5V
oBuiro0FT3+ZPWgk0ttptrQ/SLyWdN4hwYsFz3EIUJjv9XmTHoadmiksVQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDpoSpZMN+xPIffgI+QgnfqD28KzMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvT21oS2xrdzM3RThoOS1BajVDQ2Qtb1Bid3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowV2MAwD
BACjBZkDBACjBZoDBACjBa0DBACjBbEDBACjBfwwDQYJKoZIhvcNAQELBQADggEB
AKZsisq+MBRM6f8p3JmUpjnXySbg9rCu+VFlXvMDhgH8XOKObUdO1O+GOd9qNdrQ
sUdcz5dzhGbyXYyIE04EKnVirOplpWGm5CeTq6MMXeMWLKXDj5ACRul8vKgvmyJH
Hly2ydYszWw5nUxwYuw5U8R5fP4FfFNmEwfEIH5et3YGGI2OEhxnxh5XvnAmZj5n
8YVBmsWhGSIyNRKoGbJWAX7rOFaWF4P/hjt1+2QoDI4boyYvvoOsXs/OvDHzzXXR
qzbs9BLz6ZIiobu/3Zh6a3+jNx8UilhdTv9tcf4/pUgStNCeCcrwKhyHdae6FXEG
7XL2sH8qYAuvibFRp38i52Q=
-----END CERTIFICATE-----
Generated at Thu Sep 5 18:20:21 2024 by rpki-client on console-fra.rpki-client.org