Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RS3ewf0tLeNkNwo2FZ1wr1Qp9WI.roa
File: RS3ewf0tLeNkNwo2FZ1wr1Qp9WI.roa (raw, json)
Hash identifier: dqqbZmZFrur4qJnHTfGvGs8eDbEQrtXAcvZAsLeggrc=
Subject key identifier: 45:2D:DE:C1:FD:2D:2D:E3:64:37:0A:36:15:9D:70:AF:54:29:F5:62
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E9DD06BEA9318C916D8ED6BCCC9026002
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RS3ewf0tLeNkNwo2FZ1wr1Qp9WI.roa
Signing time: Tue 02 Apr 2024 07:57:45 +0000
ROA not before: Tue 02 Apr 2024 07:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206505
IP address blocks: 163.5.125.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 10:22:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:d0:6b:ea:93:18:c9:16:d8:ed:6b:cc:c9:02:60:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 2 07:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=452ddec1fd2d2de364370a36159d70af5429f562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ea:66:7f:af:f9:85:3f:98:cc:cf:c0:fb:4f:
83:9a:bc:ef:a1:66:33:45:33:66:89:c5:5c:75:b6:
de:62:05:8a:2e:25:86:a9:92:70:db:fa:d7:a1:e9:
1d:c8:7d:a2:e2:ad:a8:9b:6b:d1:6d:64:cd:7e:3d:
a6:85:d9:51:ce:f2:8b:23:fc:7a:1a:52:61:c2:bf:
c4:21:b1:98:f1:c5:13:42:69:6c:b5:59:9c:4c:33:
f9:ef:4e:93:19:f3:8e:a7:02:08:81:a9:e5:80:37:
82:f7:bd:2d:23:c9:5a:a0:91:27:b4:a7:ed:ef:d1:
0b:bd:92:f1:6d:a7:9c:31:1c:91:b7:e6:cb:74:eb:
0a:9b:40:55:08:bd:97:dc:a1:e3:0b:1e:87:5b:e6:
31:c6:d9:39:4e:13:5d:56:1e:16:06:98:01:9c:f1:
f7:9d:e8:70:14:ed:51:ff:9f:c4:e5:b1:dd:1e:52:
10:4c:6c:5e:ac:f9:c2:17:53:7a:cb:81:19:10:83:
97:7e:ae:23:d7:f1:9d:2b:83:99:62:7f:26:10:cb:
3b:fb:8f:fd:b6:cd:80:5e:16:67:3e:da:31:0a:e2:
42:64:0f:32:cd:39:2a:af:df:26:c4:8d:22:3b:f5:
a5:d1:37:2a:47:ab:35:e7:48:34:a3:71:fa:46:eb:
66:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2D:DE:C1:FD:2D:2D:E3:64:37:0A:36:15:9D:70:AF:54:29:F5:62
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RS3ewf0tLeNkNwo2FZ1wr1Qp9WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.125.0/24
163.5.164.0/24
163.5.166.0/24
Signature Algorithm: sha256WithRSAEncryption
58:72:79:b5:98:99:a4:1a:85:27:7b:c8:4e:30:af:dd:9f:e1:
34:94:44:53:80:15:57:cc:3d:c7:81:98:e1:0b:32:c8:73:d8:
13:65:b5:23:fc:18:0d:ff:ed:15:7d:71:e1:89:6e:a7:93:51:
53:17:53:e7:f7:c2:98:c1:7f:cf:02:c1:64:ea:a1:67:c8:59:
d3:77:e6:dc:d3:49:33:6d:04:42:5d:eb:23:e7:f8:aa:b1:8e:
5b:88:e0:7d:b6:93:35:94:10:17:d5:fb:dc:f9:32:aa:1b:53:
58:cb:c4:85:d8:bf:06:21:60:b1:eb:aa:58:21:fb:e0:eb:6a:
ea:f8:bb:30:65:ff:f2:93:8c:d2:c5:48:8c:c6:0d:71:a4:78:
07:f2:7b:6b:1d:a5:d7:17:fb:0c:a6:b1:d5:c0:b9:27:87:84:
65:70:45:06:bd:ce:0a:30:77:a2:e0:99:66:ff:8a:4f:c4:9d:
8d:27:98:a1:d8:d1:d1:81:ed:d3:21:ce:bc:11:78:50:b5:9d:
76:c5:13:91:ed:73:e2:58:6e:36:79:9d:04:d0:d6:f4:dc:8c:
aa:21:ab:d7:05:27:ef:65:fc:2f:d5:f2:9c:02:3c:4d:e1:79:
e8:8b:5a:ad:a1:63:f8:82:30:08:44:3a:9c:6c:7e:fa:bf:f5:
98:72:3c:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6d0GvqkxjJFtjta8zJAmACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDAyMDc1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJkZGVjMWZkMmQyZGUzNjQzNzBhMzYxNTlkNzBhZjU0MjlmNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1epmf6/5hT+YzM/A+0+DmrzvoWYz
RTNmicVcdbbeYgWKLiWGqZJw2/rXoekdyH2i4q2om2vRbWTNfj2mhdlRzvKLI/x6
GlJhwr/EIbGY8cUTQmlstVmcTDP5706TGfOOpwIIganlgDeC970tI8laoJEntKft
79ELvZLxbaecMRyRt+bLdOsKm0BVCL2X3KHjCx6HW+Yxxtk5ThNdVh4WBpgBnPH3
nehwFO1R/5/E5bHdHlIQTGxerPnCF1N6y4EZEIOXfq4j1/GdK4OZYn8mEMs7+4/9
ts2AXhZnPtoxCuJCZA8yzTkqr98mxI0iO/Wl0TcqR6s150g0o3H6RutmZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEUt3sH9LS3jZDcKNhWdcK9UKfViMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUlMzZXdmMHRMZU5rTndvMkZaMXdyMVFwOVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowV9AwQA
owWkAwQAowWmMA0GCSqGSIb3DQEBCwUAA4IBAQBYcnm1mJmkGoUne8hOMK/dn+E0
lERTgBVXzD3HgZjhCzLIc9gTZbUj/BgN/+0VfXHhiW6nk1FTF1Pn98KYwX/PAsFk
6qFnyFnTd+bc00kzbQRCXesj5/iqsY5biOB9tpM1lBAX1fvc+TKqG1NYy8SF2L8G
IWCx66pYIfvg62rq+LswZf/yk4zSxUiMxg1xpHgH8ntrHaXXF/sMprHVwLknh4Rl
cEUGvc4KMHei4Jlm/4pPxJ2NJ5ih2NHRge3TIc68EXhQtZ12xROR7XPiWG42eZ0E
0Nb03IyqIavXBSfvZfwv1fKcAjxN4Xnoi1qtoWP4gjAIRDqcbH76v/WYcjzc
-----END CERTIFICATE-----
Generated at Wed May 1 15:29:51 2024 by rpki-client on console-fra.rpki-client.org