Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R5BQOxRCEWH8jRQcgb0DbTsRMOo.roa
File: R5BQOxRCEWH8jRQcgb0DbTsRMOo.roa (raw, json)
Hash identifier: 5PQUChK65aM7EAIfDfKdh3Wwd/Cfby77sbRGcp4cKHQ=
Subject key identifier: 47:90:50:3B:14:42:11:61:FC:8D:14:1C:81:BD:03:6D:3B:11:30:EA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D183CC32F0F58B9E9A3028D4DF54B4697
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R5BQOxRCEWH8jRQcgb0DbTsRMOo.roa
Signing time: Wed 17 Jan 2024 16:24:11 +0000
ROA not before: Wed 17 Jan 2024 16:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 163.5.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 20:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:3c:c3:2f:0f:58:b9:e9:a3:02:8d:4d:f5:4b:46:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 17 16:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4790503b14421161fc8d141c81bd036d3b1130ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:31:8d:c6:1f:01:c0:1d:1c:be:41:0c:59:d9:
15:58:ba:35:91:99:38:bc:ea:72:14:c9:d9:2c:63:
a2:97:f0:98:59:8c:79:a8:50:a9:dd:29:6e:f0:a9:
43:df:6b:bb:fe:1e:b7:9a:75:92:d2:9d:f0:40:28:
98:3c:2d:de:b9:a9:04:c0:ce:7a:69:78:e6:6d:69:
37:2f:6d:70:fa:db:7a:7f:ce:1a:84:25:4a:36:02:
f3:34:1e:06:ed:5c:2e:40:4c:c9:d4:20:73:40:ec:
4d:3e:65:77:3d:c2:ba:10:21:e8:7e:19:16:3e:01:
8c:19:c9:ae:6e:e7:69:50:de:01:97:2d:c0:e9:bf:
b8:50:d1:aa:62:ba:ff:99:e6:e2:78:37:d3:5a:9a:
1b:b5:4a:5a:40:3d:40:9c:30:48:94:8e:a0:70:f9:
58:10:70:66:55:fc:32:b9:21:9a:3f:d0:84:69:58:
9c:85:77:51:ec:e1:58:92:93:0c:0f:c6:46:59:0b:
e6:91:8f:e3:5e:09:79:7d:2b:79:95:eb:ff:01:0f:
58:77:45:2a:bc:03:d6:d4:01:6b:95:ac:96:6d:3a:
ce:bd:17:cf:0d:2b:be:ae:4d:69:e5:8b:85:40:26:
f9:cb:c8:5a:aa:35:21:01:3f:c3:91:e2:b7:7f:df:
a1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:90:50:3B:14:42:11:61:FC:8D:14:1C:81:BD:03:6D:3B:11:30:EA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R5BQOxRCEWH8jRQcgb0DbTsRMOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.176.0/24
Signature Algorithm: sha256WithRSAEncryption
87:45:9c:a3:a5:22:33:7d:cb:85:b9:24:2a:c6:f0:54:12:b2:
fa:cb:b2:ed:c3:f6:b2:2b:65:8d:ad:6d:ac:e1:2b:34:26:8c:
aa:ff:b6:1c:84:f2:04:f0:6c:22:2e:c8:40:42:e5:b6:26:1d:
18:05:cb:d9:d9:29:3a:49:ac:f6:f0:de:fa:e8:77:27:73:3f:
59:52:cf:7b:33:a0:1b:e3:84:65:b9:6d:54:54:38:c5:b2:ca:
be:5a:c8:35:8e:09:b9:14:43:2d:ee:73:4f:01:91:37:a1:8a:
d9:cd:fa:42:2a:2b:ca:87:e5:35:ce:ec:3c:e2:91:9b:1c:8f:
c1:7c:47:66:17:63:ad:79:a5:dc:63:0f:8c:07:37:49:58:e4:
8e:8d:9b:e9:91:74:71:46:1a:79:03:a5:85:6a:2e:e1:bd:58:
6e:10:2a:c2:7e:37:9b:99:a3:8c:0d:8f:73:73:04:fd:62:e2:
6f:4e:2c:3e:58:08:8e:f6:d1:12:51:f9:aa:46:33:fe:b9:f3:
06:22:bf:ea:8b:d6:42:b0:d7:dd:bf:1d:81:8d:71:bd:de:bc:
03:4b:4d:58:04:0b:4f:de:16:ce:be:8e:0f:f1:fa:d2:35:91:
5e:7c:03:e2:d2:12:85:e3:6c:aa:a6:f7:0b:76:a7:49:64:a3:
e9:61:b1:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0YPMMvD1i56aMCjU31S0aXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTE3MTYyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzkwNTAzYjE0NDIxMTYxZmM4ZDE0MWM4MWJkMDM2ZDNiMTEzMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjGNxh8BwB0cvkEMWdkVWLo1kZk4
vOpyFMnZLGOil/CYWYx5qFCp3Slu8KlD32u7/h63mnWS0p3wQCiYPC3euakEwM56
aXjmbWk3L21w+tt6f84ahCVKNgLzNB4G7VwuQEzJ1CBzQOxNPmV3PcK6ECHofhkW
PgGMGcmubudpUN4Bly3A6b+4UNGqYrr/mebieDfTWpobtUpaQD1AnDBIlI6gcPlY
EHBmVfwyuSGaP9CEaVichXdR7OFYkpMMD8ZGWQvmkY/jXgl5fSt5lev/AQ9Yd0Uq
vAPW1AFrlayWbTrOvRfPDSu+rk1p5YuFQCb5y8haqjUhAT/DkeK3f9+hFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeQUDsUQhFh/I0UHIG9A207ETDqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUjVCUU94UkNFV0g4alJRY2diMERiVHNSTU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWwMA0G
CSqGSIb3DQEBCwUAA4IBAQCHRZyjpSIzfcuFuSQqxvBUErL6y7Ltw/ayK2WNrW2s
4Ss0Joyq/7YchPIE8GwiLshAQuW2Jh0YBcvZ2Sk6Saz28N766Hcncz9ZUs97M6Ab
44RluW1UVDjFssq+Wsg1jgm5FEMt7nNPAZE3oYrZzfpCKivKh+U1zuw84pGbHI/B
fEdmF2OteaXcYw+MBzdJWOSOjZvpkXRxRhp5A6WFai7hvVhuECrCfjebmaOMDY9z
cwT9YuJvTiw+WAiO9tESUfmqRjP+ufMGIr/qi9ZCsNfdvx2BjXG93rwDS01YBAtP
3hbOvo4P8frSNZFefAPi0hKF42yqpvcLdqdJZKPpYbFK
-----END CERTIFICATE-----
Generated at Fri Feb 2 00:26:12 2024 by rpki-client on console-fra.rpki-client.org