Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q0Difw7H_80qGa0BbsDUERjBftM.roa
File: Q0Difw7H_80qGa0BbsDUERjBftM.roa (raw, json)
Hash identifier: POmO6VVqk3dPjoG4ZMPMqEEv87tfUucNRRi+7fz9fsQ=
Subject key identifier: 43:40:E2:7F:0E:C7:FF:CD:2A:19:AD:01:6E:C0:D4:11:18:C1:7E:D3
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018FB9433EDA38685AB882D90016BC9FCEE1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q0Difw7H_80qGa0BbsDUERjBftM.roa
Signing time: Mon 27 May 2024 08:55:43 +0000
ROA not before: Mon 27 May 2024 08:55:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Jun 2024 15:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:43:3e:da:38:68:5a:b8:82:d9:00:16:bc:9f:ce:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 27 08:55:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4340e27f0ec7ffcd2a19ad016ec0d41118c17ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:23:96:f4:bb:27:8f:9c:6f:3d:3a:13:ad:2d:
4c:54:e3:59:70:d7:ed:8d:41:98:7b:47:01:52:b5:
46:f2:eb:60:fa:bf:5f:19:5a:24:11:69:9d:9b:48:
ee:29:7e:5f:6e:29:6b:87:33:0a:52:4f:0e:25:5c:
4d:b0:3b:a5:8d:23:8a:f2:e4:5d:71:25:5f:bc:1d:
be:31:1b:32:c6:c3:1f:cb:65:fb:f2:7d:d5:0a:c2:
d2:7d:40:70:84:d6:1e:37:89:46:6e:c8:68:2d:0f:
b1:31:21:29:77:e6:db:f2:78:08:26:7b:ed:de:f3:
dc:f4:98:06:34:1b:b7:8c:6f:dd:1f:cb:ca:d6:1f:
71:f0:37:68:cb:c3:ef:37:82:ce:f7:8a:24:6a:b3:
13:50:89:48:bf:e3:71:ff:d3:6d:9a:e5:44:33:9f:
26:04:ee:eb:24:54:f1:29:3e:24:a4:59:d3:e5:69:
3d:14:6d:1f:c1:23:01:21:6e:d8:f2:ad:8a:66:52:
ef:55:ac:ed:88:85:fc:35:96:c7:d8:76:8c:c0:3b:
02:26:46:ae:46:ee:42:b0:d1:20:a5:da:fd:07:88:
c4:40:43:99:c8:80:bf:f4:f9:f2:a8:a3:b9:1e:c3:
80:50:17:1b:22:40:c4:2d:b5:5a:e1:55:89:23:d5:
d7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:40:E2:7F:0E:C7:FF:CD:2A:19:AD:01:6E:C0:D4:11:18:C1:7E:D3
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q0Difw7H_80qGa0BbsDUERjBftM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.145.0/24
163.5.162.0/24
163.5.212.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c0:14:b2:f0:19:fb:e1:89:a7:24:39:b9:7c:7f:f3:75:dc:
11:7b:e7:91:08:1c:52:72:d9:3d:77:06:dc:c0:32:1a:a2:a1:
d0:7d:48:a0:cc:7c:b5:17:b9:66:8e:32:e5:53:e6:3b:f9:cd:
f8:6e:72:03:90:a2:06:3d:80:69:67:e3:a8:21:df:c0:52:8d:
00:e6:72:fd:02:3f:a5:48:a8:cb:e7:8b:28:93:6c:11:fc:90:
ba:bc:fe:df:bd:3b:db:3b:d3:d7:cc:a5:e5:9f:79:92:64:a9:
73:17:21:b2:bf:49:91:e0:72:f3:7a:35:14:89:84:9e:ec:15:
e8:2f:89:a9:36:34:35:34:48:87:e4:34:c2:77:2f:7a:b7:7a:
4f:dd:d6:bb:69:13:75:a4:61:1c:4c:2e:ca:61:fe:8a:7f:29:
71:7b:27:6c:05:93:e3:79:f9:40:fd:15:0b:14:a4:ab:17:58:
cb:f2:11:3e:bd:03:a3:60:0b:a6:76:85:6c:b8:19:c1:a6:e1:
6a:2c:39:df:27:49:50:cf:7a:49:cf:5f:87:d4:c5:a4:e5:4b:
79:27:cf:9d:c4:76:f2:14:93:8d:db:3f:c0:8e:1c:b1:9b:1b:
f3:9d:ea:7c:74:c9:31:b1:50:6e:47:ac:72:65:8f:6a:6a:7c:
61:7b:38:20
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY+5Qz7aOGhauILZABa8n87hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTI3MDg1NTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQwZTI3ZjBlYzdmZmNkMmExOWFkMDE2ZWMwZDQxMTE4YzE3ZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCOW9Lsnj5xvPToTrS1MVONZcNft
jUGYe0cBUrVG8utg+r9fGVokEWmdm0juKX5fbilrhzMKUk8OJVxNsDuljSOK8uRd
cSVfvB2+MRsyxsMfy2X78n3VCsLSfUBwhNYeN4lGbshoLQ+xMSEpd+bb8ngIJnvt
3vPc9JgGNBu3jG/dH8vK1h9x8Ddoy8PvN4LO94okarMTUIlIv+Nx/9NtmuVEM58m
BO7rJFTxKT4kpFnT5Wk9FG0fwSMBIW7Y8q2KZlLvVaztiIX8NZbH2HaMwDsCJkau
Ru5CsNEgpdr9B4jEQEOZyIC/9PnyqKO5HsOAUBcbIkDELbVa4VWJI9XXCwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFENA4n8Ox//NKhmtAW7A1BEYwX7TMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUTBEaWZ3N0hfODBxR2EwQmJzRFVFUmpCZnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBowVuAwQA
owV+AwQAowWAAwQAowWRAwQAowWiAwQAowXUAwQAowX6AwQAowX9MA0GCSqGSIb3
DQEBCwUAA4IBAQAowBSy8Bn74YmnJDm5fH/zddwRe+eRCBxSctk9dwbcwDIaoqHQ
fUigzHy1F7lmjjLlU+Y7+c34bnIDkKIGPYBpZ+OoId/AUo0A5nL9Aj+lSKjL54so
k2wR/JC6vP7fvTvbO9PXzKXln3mSZKlzFyGyv0mR4HLzejUUiYSe7BXoL4mpNjQ1
NEiH5DTCdy96t3pP3da7aRN1pGEcTC7KYf6KfylxeydsBZPjeflA/RULFKSrF1jL
8hE+vQOjYAumdoVsuBnBpuFqLDnfJ0lQz3pJz1+H1MWk5Ut5J8+dxHbyFJON2z/A
jhyxmxvznep8dMkxsVBuR6xyZY9qanxhezgg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:31 2024 by rpki-client on console-ams.rpki-client.org