Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PKH8eYLHX7FeGDyxNSfo02pkjPk.roa
File: PKH8eYLHX7FeGDyxNSfo02pkjPk.roa (raw, json)
Hash identifier: 4m6ZttljAnP5+D18I/po1K9UB6/O1xERzqAOjtW4lIA=
Subject key identifier: 3C:A1:FC:79:82:C7:5F:B1:5E:18:3C:B1:35:27:E8:D3:6A:64:8C:F9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01922F4D9ED258396365B675362D29887E1E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PKH8eYLHX7FeGDyxNSfo02pkjPk.roa
Signing time: Thu 26 Sep 2024 17:07:49 +0000
ROA not before: Thu 26 Sep 2024 17:07:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2f:4d:9e:d2:58:39:63:65:b6:75:36:2d:29:88:7e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 26 17:07:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ca1fc7982c75fb15e183cb13527e8d36a648cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:05:e1:b2:1f:36:e0:e5:06:be:87:5b:c7:31:
c9:6a:ba:ca:b6:75:75:4a:85:6b:f9:17:e7:f8:17:
34:fd:f7:55:25:1c:e7:69:92:8b:af:5e:7a:67:02:
94:a5:ea:72:57:e1:89:d8:7a:5d:98:f7:d7:62:c7:
f4:a6:9a:63:2b:41:f0:84:e1:5b:b4:8b:b8:d9:95:
48:4e:9f:2a:20:1a:ca:79:32:63:cc:04:29:37:c9:
78:8a:f3:a9:9c:19:57:a0:2a:87:a2:89:e0:7a:e7:
1d:15:de:62:56:a4:34:10:ff:f4:c4:72:8f:50:77:
ca:1d:b8:07:1e:a0:70:d4:0b:59:8c:5a:69:26:ca:
61:42:94:ff:72:01:be:8f:1c:2e:13:1a:17:4f:53:
9a:fb:aa:e0:81:87:8e:0c:57:b8:63:d9:9b:d4:9d:
9e:50:ee:a2:c6:0d:94:4b:a4:07:3f:f2:c6:e1:5a:
a6:e6:f9:78:de:a5:71:7f:c6:57:66:0d:8b:94:c2:
2b:53:88:3f:fd:26:84:df:aa:91:d3:6e:3d:91:8c:
3d:7c:92:b6:fc:17:38:ce:fd:44:2f:23:ca:74:4d:
5b:0c:b3:b6:db:f0:8f:2b:2f:a9:57:ef:2a:00:30:
af:d5:7f:55:05:9a:28:f3:ee:57:1f:e4:a7:74:f6:
0f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A1:FC:79:82:C7:5F:B1:5E:18:3C:B1:35:27:E8:D3:6A:64:8C:F9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PKH8eYLHX7FeGDyxNSfo02pkjPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.62.0/24
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
5c:d1:55:28:62:c7:31:4b:80:d2:a0:e8:5f:19:7e:14:a0:13:
75:15:32:99:2a:0c:af:67:10:12:1d:a1:e6:3e:e2:71:24:4d:
21:f4:9e:9e:1b:43:00:4b:cb:8d:b8:1c:46:0a:41:a8:ba:7a:
a8:61:a3:b4:2c:fb:26:d4:85:21:0d:f7:7f:8f:ff:df:20:c9:
ae:df:f4:99:08:9b:dc:e1:49:cb:35:ef:b0:18:ca:70:b4:97:
9f:3c:3e:3f:c1:ae:a9:72:5c:a0:37:14:ce:e2:69:ce:dd:00:
50:ea:74:a1:9c:ac:71:97:e6:30:14:5c:fd:b8:09:5a:90:55:
24:04:cf:82:7f:89:24:5d:b5:cc:b6:43:72:e0:f0:9b:72:7d:
83:ce:34:93:b0:99:82:b6:34:82:9c:37:36:12:71:e5:5d:5a:
c1:4f:51:f7:6e:0f:9d:a8:bb:de:bb:18:c3:5a:eb:63:61:72:
0a:d5:bf:c2:1e:d5:09:ce:5d:a9:eb:34:37:7f:94:69:5b:ea:
18:92:20:ce:0e:35:e6:91:8f:14:90:93:be:c6:95:e5:44:e4:
e3:45:08:bf:39:60:45:fc:8d:4d:44:56:4d:1d:49:84:f5:9f:
f0:e3:b0:3b:1e:2f:6a:94:86:cb:b0:2c:16:4f:b5:c1:41:20:
94:eb:ba:f3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZIvTZ7SWDljZbZ1Ni0piH4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTI2MTcwNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ExZmM3OTgyYzc1ZmIxNWUxODNjYjEzNTI3ZThkMzZhNjQ4Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gXhsh824OUGvodbxzHJarrKtnV1
SoVr+Rfn+Bc0/fdVJRznaZKLr156ZwKUpepyV+GJ2HpdmPfXYsf0pppjK0HwhOFb
tIu42ZVITp8qIBrKeTJjzAQpN8l4ivOpnBlXoCqHoongeucdFd5iVqQ0EP/0xHKP
UHfKHbgHHqBw1AtZjFppJsphQpT/cgG+jxwuExoXT1Oa+6rggYeODFe4Y9mb1J2e
UO6ixg2US6QHP/LG4Vqm5vl43qVxf8ZXZg2LlMIrU4g//SaE36qR0249kYw9fJK2
/Bc4zv1ELyPKdE1bDLO22/CPKy+pV+8qADCv1X9VBZoo8+5XH+SndPYPmwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDyh/HmCx1+xXhg8sTUn6NNqZIz5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUEtIOGVZTEhYN0ZlR0R5eE5TZm8wMnBralBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowUfAwQA
owU+AwQBowXAAwQAowXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEB
AFzRVShixzFLgNKg6F8ZfhSgE3UVMpkqDK9nEBIdoeY+4nEkTSH0np4bQwBLy424
HEYKQai6eqhho7Qs+ybUhSEN93+P/98gya7f9JkIm9zhScs177AYynC0l588Pj/B
rqlyXKA3FM7iac7dAFDqdKGcrHGX5jAUXP24CVqQVSQEz4J/iSRdtcy2Q3Lg8Jty
fYPONJOwmYK2NIKcNzYSceVdWsFPUfduD52ou967GMNa62NhcgrVv8Ie1QnOXanr
NDd/lGlb6hiSIM4ONeaRjxSQk77GleVE5ONFCL85YEX8jU1EVk0dSYT1n/DjsDse
L2qUhsuwLBZPtcFBIJTruvM=
-----END CERTIFICATE-----
Generated at Thu Nov 7 22:52:09 2024 by rpki-client on console-fra.rpki-client.org