Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q9YonBkPblIQW4IivD65hwPK9qU.roa
File: Q9YonBkPblIQW4IivD65hwPK9qU.roa (raw, json)
Hash identifier: scGOloxOFi0VrTQdB4ZOSkxct2uomfb5YpDo8O3jj2U=
Subject key identifier: 43:D6:28:9C:19:0F:6E:52:10:5B:82:22:BC:3E:B9:87:03:CA:F6:A5
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018FC065B777DDCFD2B310BBCE903277FE44
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q9YonBkPblIQW4IivD65hwPK9qU.roa
Signing time: Tue 28 May 2024 18:10:42 +0000
ROA not before: Tue 28 May 2024 18:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 163.5.29.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jun 2024 18:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c0:65:b7:77:dd:cf:d2:b3:10:bb:ce:90:32:77:fe:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 28 18:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43d6289c190f6e52105b8222bc3eb98703caf6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1c:3d:6d:c3:8e:49:bb:99:77:65:bb:4c:c2:
35:24:5f:61:00:5c:38:f0:12:82:54:87:79:2b:71:
22:9d:85:22:da:57:f0:87:0a:d1:67:dd:2d:be:c2:
a7:b4:a3:97:ef:76:40:26:51:ed:f2:2e:9e:14:5c:
da:13:72:47:92:7d:96:ef:42:a9:a0:dc:f0:97:11:
4d:b3:fe:6b:f6:8a:f3:73:2f:9e:71:37:4f:53:89:
d0:c3:1c:57:d2:52:24:16:d0:8d:8c:d6:b4:d5:81:
a2:8f:fd:ac:b5:d2:cf:64:7d:1f:04:cc:55:fa:a9:
d8:12:cb:88:78:89:52:2a:17:8f:4a:4e:43:e5:40:
b6:ae:3d:f5:03:b6:4e:01:89:da:97:6e:f0:56:4f:
0a:f4:34:46:ca:0f:6b:82:61:81:b0:af:c1:da:fe:
cd:ef:78:fa:fe:51:1d:c1:f4:35:92:38:73:b2:96:
61:63:23:84:01:41:0f:88:5f:48:4d:13:08:1b:91:
3b:06:fe:f8:71:ba:8c:52:c6:49:97:d5:7b:27:b2:
d8:1f:09:c9:2a:bb:02:7b:f8:28:20:bb:93:75:af:
22:d9:a3:d7:8c:ba:67:99:8d:72:62:b1:0a:5b:d6:
82:35:ce:84:af:95:ce:21:c4:df:81:5f:b0:3a:8a:
63:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D6:28:9C:19:0F:6E:52:10:5B:82:22:BC:3E:B9:87:03:CA:F6:A5
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q9YonBkPblIQW4IivD65hwPK9qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.29.0/24
163.5.132.0/24
163.5.158.0/24
163.5.173.0/24
163.5.200.0/24
163.5.206.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:11:0f:d6:75:11:a9:12:26:d9:47:39:7f:de:e8:94:f7:b0:
d4:7d:ea:45:74:15:08:cc:b7:0d:26:57:41:f9:fa:3b:47:f1:
ce:08:ee:8d:62:3a:62:b8:79:a8:b1:00:f4:97:cb:cb:46:3f:
bc:60:b2:8c:ef:5a:c9:6e:54:c3:42:f9:1c:1b:64:79:57:8c:
9a:4d:25:c6:81:49:60:9c:18:61:6d:a4:15:66:ab:60:cb:a7:
fb:2c:dd:0c:ff:99:bb:48:b9:d0:d6:ba:e5:b7:bf:95:84:c0:
71:ca:02:b1:1a:dc:0d:f7:6c:7f:2c:5a:f6:55:50:dd:04:1b:
76:06:ee:8d:db:1a:2a:90:4c:80:cf:2d:50:37:3c:07:f6:70:
69:87:44:fc:cd:a5:09:b9:46:d0:49:fc:c0:61:33:07:15:1d:
44:15:da:59:26:0d:fe:46:13:a9:d0:aa:e7:2f:11:de:19:29:
52:44:df:88:cb:fe:94:3e:7a:f2:92:25:23:c5:9a:b2:34:f9:
a4:a7:7c:81:cd:39:8b:52:cd:d2:89:e1:3a:bb:79:81:66:18:
a1:54:8e:45:6e:fa:dc:16:31:ed:b8:b0:51:e2:1f:ca:80:86:
54:2c:93:f1:64:1c:6d:74:99:d5:2c:24:60:45:11:05:f9:a1:
79:37:19:7e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY/AZbd33c/SsxC7zpAyd/5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTI4MTgxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q2Mjg5YzE5MGY2ZTUyMTA1YjgyMjJiYzNlYjk4NzAzY2FmNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxw9bcOOSbuZd2W7TMI1JF9hAFw4
8BKCVId5K3EinYUi2lfwhwrRZ90tvsKntKOX73ZAJlHt8i6eFFzaE3JHkn2W70Kp
oNzwlxFNs/5r9orzcy+ecTdPU4nQwxxX0lIkFtCNjNa01YGij/2stdLPZH0fBMxV
+qnYEsuIeIlSKhePSk5D5UC2rj31A7ZOAYnal27wVk8K9DRGyg9rgmGBsK/B2v7N
73j6/lEdwfQ1kjhzspZhYyOEAUEPiF9ITRMIG5E7Bv74cbqMUsZJl9V7J7LYHwnJ
KrsCe/goILuTda8i2aPXjLpnmY1yYrEKW9aCNc6Er5XOIcTfgV+wOopjhQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEPWKJwZD25SEFuCIrw+uYcDyvalMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUTlZb25Ca1BibElRVzRJaXZENjVod1BLOXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowUdAwQA
owWEAwQAowWeAwQAowWtAwQAowXIAwQAowXOMA0GCSqGSIb3DQEBCwUAA4IBAQBc
EQ/WdRGpEibZRzl/3uiU97DUfepFdBUIzLcNJldB+fo7R/HOCO6NYjpiuHmosQD0
l8vLRj+8YLKM71rJblTDQvkcG2R5V4yaTSXGgUlgnBhhbaQVZqtgy6f7LN0M/5m7
SLnQ1rrlt7+VhMBxygKxGtwN92x/LFr2VVDdBBt2Bu6N2xoqkEyAzy1QNzwH9nBp
h0T8zaUJuUbQSfzAYTMHFR1EFdpZJg3+RhOp0KrnLxHeGSlSRN+Iy/6UPnrykiUj
xZqyNPmkp3yBzTmLUs3SieE6u3mBZhihVI5FbvrcFjHtuLBR4h/KgIZULJPxZBxt
dJnVLCRgRREF+aF5Nxl+
-----END CERTIFICATE-----
Generated at Wed Jun 12 19:06:58 2024 by rpki-client on console-fra.rpki-client.org