Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/POUeLaq3zmNsj2g4kCNPsfW4eQY.roa
File: POUeLaq3zmNsj2g4kCNPsfW4eQY.roa (raw, json)
Hash identifier: 3DahPoZVYcTDf1ly2/nEksMVGRCQCcmjG+QiMEe7Ok8=
Subject key identifier: 3C:E5:1E:2D:AA:B7:CE:63:6C:8F:68:38:90:23:4F:B1:F5:B8:79:06
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01910A706A2BB24E8BDF3FA2FB1068F1C2ED
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/POUeLaq3zmNsj2g4kCNPsfW4eQY.roa
Signing time: Wed 31 Jul 2024 20:17:04 +0000
ROA not before: Wed 31 Jul 2024 20:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.118.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 22:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0a:70:6a:2b:b2:4e:8b:df:3f:a2:fb:10:68:f1:c2:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 31 20:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ce51e2daab7ce636c8f683890234fb1f5b87906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9f:2c:79:d9:f8:f2:d3:95:6e:45:94:86:92:
ff:cf:6e:ba:81:35:d7:1c:6a:5a:a7:87:76:fe:3f:
15:01:54:b4:a3:2c:e3:c3:ee:a0:b2:e7:cf:62:c6:
70:78:8b:20:45:6a:9a:5d:51:61:37:2c:78:db:7b:
55:85:61:06:a3:e9:35:1c:4d:33:c3:01:ae:d9:27:
e9:fc:3e:8d:d6:48:74:cd:82:de:a0:12:c2:f9:6b:
3e:b8:f6:cb:b0:35:12:4e:46:08:3f:5a:1e:77:4b:
3b:f4:47:dc:21:15:7b:67:38:7e:5d:c6:9e:3d:0a:
7c:42:b5:4f:b2:9f:89:d1:9e:7a:bc:9b:60:70:7f:
10:81:e2:fd:fe:59:91:13:b6:07:32:a2:86:ed:56:
e3:e3:68:21:49:b9:32:f4:06:a5:f5:ac:31:15:a5:
73:76:bc:c4:c9:bd:43:36:bc:d7:bc:57:55:72:32:
92:5b:d6:5d:2a:d0:46:e3:3d:54:3f:67:67:44:e8:
08:f6:bd:8c:a1:28:2d:d1:92:04:47:71:d3:ff:c9:
f2:b4:b2:16:0c:c1:1f:ba:72:00:06:fa:a7:88:56:
21:cc:aa:3c:ac:d1:9e:7a:fe:9e:33:cb:00:fb:0f:
63:50:42:12:65:b5:a7:1f:82:d5:83:e9:f2:b1:b1:
5a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E5:1E:2D:AA:B7:CE:63:6C:8F:68:38:90:23:4F:B1:F5:B8:79:06
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/POUeLaq3zmNsj2g4kCNPsfW4eQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.118.0/24
163.5.153.0-163.5.154.255
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:62:63:d1:48:a3:3f:3a:18:8a:f1:53:89:1a:11:3a:ac:d1:
1f:ac:fb:11:e8:d2:23:d6:27:c2:5a:37:fa:99:11:cc:0a:f8:
d5:6d:4d:fe:6a:b0:c0:f3:4f:6a:c2:4d:f4:8e:bb:ab:a5:d0:
66:42:f7:a8:96:5b:2c:67:e9:20:c7:4f:fb:c4:4f:8a:9e:69:
bf:30:34:9b:51:6f:18:ad:1c:fc:5d:70:38:fb:13:00:17:22:
e0:e7:5a:2e:44:13:53:37:cf:73:66:09:f1:73:25:80:51:b0:
a9:39:cc:ff:6b:3a:86:8b:ac:c4:7e:c5:29:a4:12:58:4e:a1:
00:06:ef:cd:e0:da:c1:be:67:71:7b:ed:38:f3:e1:e7:4c:a5:
62:6f:41:98:4f:44:18:cd:6e:ed:76:75:9c:fc:6f:6a:aa:a2:
7c:e9:3e:c7:76:af:b6:c7:1a:43:36:4e:55:6d:8a:8c:d0:50:
3f:d6:93:71:af:6b:a5:c7:74:68:47:7c:23:a3:eb:d9:eb:03:
1b:49:b0:67:49:60:ff:e3:2b:0a:b9:66:7b:0d:d2:57:3c:62:
71:ac:ed:ad:98:8d:06:a9:78:a3:a9:14:f1:a0:15:ff:a1:a7:
57:ca:0b:53:7f:57:63:02:4c:0e:99:04:90:36:04:80:97:57:
0b:52:0d:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZEKcGorsk6L3z+i+xBo8cLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzMxMjAxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U1MWUyZGFhYjdjZTYzNmM4ZjY4Mzg5MDIzNGZiMWY1Yjg3OTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp8sedn48tOVbkWUhpL/z266gTXX
HGpap4d2/j8VAVS0oyzjw+6gsufPYsZweIsgRWqaXVFhNyx423tVhWEGo+k1HE0z
wwGu2Sfp/D6N1kh0zYLeoBLC+Ws+uPbLsDUSTkYIP1oed0s79EfcIRV7Zzh+Xcae
PQp8QrVPsp+J0Z56vJtgcH8QgeL9/lmRE7YHMqKG7Vbj42ghSbky9Aal9awxFaVz
drzEyb1DNrzXvFdVcjKSW9ZdKtBG4z1UP2dnROgI9r2MoSgt0ZIER3HT/8nytLIW
DMEfunIABvqniFYhzKo8rNGeev6eM8sA+w9jUEISZbWnH4LVg+nysbFaswIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDzlHi2qt85jbI9oOJAjT7H1uHkGMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUE9VZUxhcTN6bU5zajJnNGtDTlBzZlc0ZVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowV2MAwD
BACjBZkDBACjBZoDBACjBbEDBACjBfwwDQYJKoZIhvcNAQELBQADggEBAK1iY9FI
oz86GIrxU4kaETqs0R+s+xHo0iPWJ8JaN/qZEcwK+NVtTf5qsMDzT2rCTfSOu6ul
0GZC96iWWyxn6SDHT/vET4qeab8wNJtRbxitHPxdcDj7EwAXIuDnWi5EE1M3z3Nm
CfFzJYBRsKk5zP9rOoaLrMR+xSmkElhOoQAG783g2sG+Z3F77Tjz4edMpWJvQZhP
RBjNbu12dZz8b2qqonzpPsd2r7bHGkM2TlVtiozQUD/Wk3Gva6XHdGhHfCOj69nr
AxtJsGdJYP/jKwq5ZnsN0lc8YnGs7a2YjQapeKOpFPGgFf+hp1fKC1N/V2MCTA6Z
BJA2BICXVwtSDcY=
-----END CERTIFICATE-----
Generated at Fri Aug 23 00:20:33 2024 by rpki-client on console-ams.rpki-client.org