Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PXqinTSM4hTC0t_4OiAD6rryNAU.roa
File: PXqinTSM4hTC0t_4OiAD6rryNAU.roa (raw, json)
Hash identifier: rHlV6UXnvYpgJf56mLPKBAG++HFW95+kwiETgsuzAv8=
Subject key identifier: 3D:7A:A2:9D:34:8C:E2:14:C2:D2:DF:F8:3A:20:03:EA:BA:F2:34:05
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187643DC589EE36A6F9EE871C376278A8FD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PXqinTSM4hTC0t_4OiAD6rryNAU.roa
Signing time: Sun 09 Apr 2023 04:19:42 +0000
ROA not before: Sun 09 Apr 2023 04:19:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56913
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.78.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.29.0/24 maxlen: 24
163.5.63.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Apr 2023 09:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:64:3d:c5:89:ee:36:a6:f9:ee:87:1c:37:62:78:a8:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 9 04:19:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d7aa29d348ce214c2d2dff83a2003eabaf23405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0e:0f:0d:db:a4:c4:3f:09:94:5e:74:a1:49:
cb:c7:9f:4a:30:72:45:33:00:a7:fd:99:98:19:52:
48:5b:3d:bb:46:0e:b9:6e:93:16:a4:e9:42:7c:8b:
8c:c2:55:00:73:69:e3:48:f1:33:d0:48:a4:d1:f4:
2b:06:e5:91:29:24:56:db:44:15:b9:e9:6f:96:bc:
0f:2d:2c:26:fd:19:17:4d:96:7c:7f:83:5d:82:a8:
68:6a:9e:a3:43:d8:6a:a4:59:02:7d:74:29:d2:a2:
c0:e8:6d:3d:75:e3:c0:f7:5a:f5:cd:28:74:4c:fb:
e1:28:77:47:ec:67:88:f7:aa:46:ba:d8:43:af:86:
ad:de:ca:ca:f7:9b:3e:16:48:0a:17:30:5b:a8:4a:
3d:79:70:30:0b:2c:93:de:65:e7:cb:55:15:50:88:
8c:a9:d6:e0:3e:8f:ef:a0:8b:8b:49:93:f5:0d:f2:
5e:bf:0a:a2:cc:41:7b:0a:3d:a0:8c:18:61:be:bd:
a3:a1:f7:7f:0d:34:d7:78:77:c3:48:73:d5:39:ea:
fd:11:34:27:1f:22:6c:c1:7b:af:ba:c7:70:52:81:
4a:77:0c:83:df:cc:fa:4f:0d:66:73:1f:e4:ea:f0:
96:cb:00:cb:3e:62:54:9b:72:5b:22:34:c1:7f:53:
f6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7A:A2:9D:34:8C:E2:14:C2:D2:DF:F8:3A:20:03:EA:BA:F2:34:05
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PXqinTSM4hTC0t_4OiAD6rryNAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.29.0/24
163.5.63.0-163.5.64.255
163.5.70.0/24
163.5.72.0/24
163.5.77.0-163.5.78.255
163.5.88.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:1a:7b:e0:03:47:93:60:cc:0a:1f:5c:ea:f7:89:82:42:96:
e0:19:fa:85:cc:21:71:98:f5:bf:19:23:de:73:08:e9:7c:de:
ca:87:be:c3:7c:3d:ef:7b:e1:7a:82:2a:a8:c3:29:50:ec:f7:
4a:5f:d8:08:a0:c3:23:79:36:68:cd:65:29:14:31:14:e2:5e:
7b:0d:88:46:a5:30:be:35:1f:01:84:7f:3b:03:a7:3f:78:72:
b1:59:1d:58:4d:a0:e7:44:74:c7:ba:aa:a9:52:81:8e:7a:c6:
7c:cc:15:38:6d:33:de:2a:2a:f9:12:b5:93:ba:2f:24:2d:50:
13:df:7f:52:d9:ab:5f:88:05:1b:2a:ce:b5:cd:70:e3:f9:f2:
90:db:c8:e6:59:2a:b2:a2:56:ad:a2:5b:18:d9:19:3a:41:27:
db:59:3d:6a:1f:18:7d:3b:7a:97:8e:68:80:5d:32:17:79:4f:
8c:57:e3:01:d6:6b:69:d5:cf:36:eb:b2:d7:d4:22:81:fe:cc:
52:7c:98:7b:ea:a2:85:9e:ec:c3:15:78:db:16:47:eb:97:66:
ce:aa:46:0c:1b:d0:1f:4f:49:d8:45:e2:20:97:ef:b5:27:7c:
0b:f2:a7:79:20:12:fb:e7:3b:56:e8:98:61:13:80:e3:9b:6e:
8d:74:7e:4f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYdkPcWJ7jam+e6HHDdieKj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDA5MDQxOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDdhYTI5ZDM0OGNlMjE0YzJkMmRmZjgzYTIwMDNlYWJhZjIzNDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ4PDdukxD8JlF50oUnLx59KMHJF
MwCn/ZmYGVJIWz27Rg65bpMWpOlCfIuMwlUAc2njSPEz0Eik0fQrBuWRKSRW20QV
uelvlrwPLSwm/RkXTZZ8f4Ndgqhoap6jQ9hqpFkCfXQp0qLA6G09dePA91r1zSh0
TPvhKHdH7GeI96pGuthDr4at3srK95s+FkgKFzBbqEo9eXAwCyyT3mXny1UVUIiM
qdbgPo/voIuLSZP1DfJevwqizEF7Cj2gjBhhvr2jofd/DTTXeHfDSHPVOer9ETQn
HyJswXuvusdwUoFKdwyD38z6Tw1mcx/k6vCWywDLPmJUm3JbIjTBf1P2owIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFD16op00jOIUwtLf+DogA+q68jQFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUFhxaW5UU000aFRDMHRfNE9pQUQ2cnJ5TkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAowUdMAwD
BACjBT8DBACjBUADBACjBUYDBACjBUgwDAMEAKMFTQMEAKMFTgMEAaMFWDANBgkq
hkiG9w0BAQsFAAOCAQEAqRp74ANHk2DMCh9c6veJgkKW4Bn6hcwhcZj1vxkj3nMI
6Xzeyoe+w3w973vheoIqqMMpUOz3Sl/YCKDDI3k2aM1lKRQxFOJeew2IRqUwvjUf
AYR/OwOnP3hysVkdWE2g50R0x7qqqVKBjnrGfMwVOG0z3ioq+RK1k7ovJC1QE99/
UtmrX4gFGyrOtc1w4/nykNvI5lkqsqJWraJbGNkZOkEn21k9ah8YfTt6l45ogF0y
F3lPjFfjAdZradXPNuuy19Qigf7MUnyYe+qihZ7swxV42xZH65dmzqpGDBvQH09J
2EXiIJfvtSd8C/KneSAS++c7VuiYYROA45tujXR+Tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org