Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Rl5Imp8QpAgmSqA1UuBlHfKR-3E.roa
File: Rl5Imp8QpAgmSqA1UuBlHfKR-3E.roa (raw, json)
Hash identifier: rpGRHoi60dVSidHU+2+5uaQ42Sq+95xdmkUVpl3TW4c=
Subject key identifier: 46:5E:48:9A:9F:10:A4:08:26:4A:A0:35:52:E0:65:1D:F2:91:FB:71
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC42553CEC1B2475C93F0ABD6DCE331FD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Rl5Imp8QpAgmSqA1UuBlHfKR-3E.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.177.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:53:ce:c1:b2:47:5c:93:f0:ab:d6:dc:e3:31:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=465e489a9f10a408264aa03552e0651df291fb71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:10:77:2b:f6:46:a9:e5:5c:d9:eb:3d:08:7c:
6b:cc:9b:66:59:eb:38:d3:8f:9b:b4:7f:79:5f:a8:
5d:05:ee:e0:8e:f7:4d:eb:8b:2f:4c:06:07:62:61:
09:fe:87:1b:6f:f1:ff:54:d8:1e:a3:61:72:80:73:
04:d1:77:88:63:d2:17:4c:6a:8e:04:1f:4d:a0:8e:
89:1a:1a:01:c8:10:21:c5:dc:35:81:c5:81:e4:46:
2b:87:74:86:8b:ea:94:fb:8c:b7:dc:08:fd:b7:5e:
c0:29:39:93:32:7b:95:b6:63:b3:28:59:1c:cb:55:
e7:b3:0b:65:d2:1b:3b:00:63:67:6b:5f:cd:02:a2:
7e:12:15:e9:dd:17:5e:2b:f2:5c:a9:7d:b0:54:e4:
29:63:9c:57:47:d8:b6:2e:04:de:db:14:91:c4:da:
61:87:ab:4e:b3:e3:d4:42:3d:46:45:93:63:dc:a1:
53:89:12:4d:a1:80:69:61:45:c5:f4:c0:5e:99:ca:
71:f8:47:8b:ef:82:36:be:2d:32:f5:06:3a:87:53:
f5:9b:16:fe:44:64:0f:e2:cd:d9:20:13:47:e4:2c:
14:b0:67:47:1a:4e:ab:aa:34:87:d0:fb:31:5f:5e:
bc:8e:97:70:7e:27:9b:64:dc:b6:30:73:55:85:02:
19:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5E:48:9A:9F:10:A4:08:26:4A:A0:35:52:E0:65:1D:F2:91:FB:71
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Rl5Imp8QpAgmSqA1UuBlHfKR-3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.118.0/24
163.5.153.0/24
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:7d:ac:c7:d1:a1:f6:7a:5e:35:26:ba:39:d9:b0:47:ee:4f:
46:d6:69:49:15:3a:29:e6:0b:e7:58:df:ae:19:23:9d:00:b6:
e3:63:34:e8:39:a4:63:33:dd:56:17:b3:5e:39:e1:82:2f:83:
e4:b9:92:ec:29:9c:a5:dd:92:d7:38:f7:63:1b:53:9d:63:a3:
44:3c:70:2f:1f:ae:f7:2c:f4:e1:e7:4d:4b:b4:7e:45:47:c1:
09:2a:55:5c:26:49:4c:1b:9d:85:6b:84:f8:ad:63:2d:5a:10:
11:54:a8:51:33:35:aa:d0:95:7b:d0:6a:09:0e:ca:c0:7a:50:
4a:1e:4e:bf:8e:d9:1d:02:83:13:e6:e5:a6:c8:36:01:32:3d:
dc:54:4a:e9:dc:f8:ae:6c:07:75:5c:51:e2:01:a2:15:69:4a:
34:02:d3:0b:58:8d:d3:9c:8f:0d:94:c8:a8:ea:ad:5c:3b:35:
19:99:f6:29:2c:f2:bf:37:34:cf:ec:5f:32:6b:0e:bf:34:5a:
eb:9a:62:e0:87:fe:12:aa:96:41:44:44:d2:7a:a9:97:ea:d7:
d8:ca:4e:63:20:68:1e:3c:db:85:61:f6:5e:82:4b:7c:c4:99:
f8:ae:65:2b:50:01:23:c1:fd:cc:c3:5a:31:4d:01:f5:b4:d7:
5c:fb:93:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJVPOwbJHXJPwq9bc4zH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVlNDg5YTlmMTBhNDA4MjY0YWEwMzU1MmUwNjUxZGYyOTFmYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshB3K/ZGqeVc2es9CHxrzJtmWes4
04+btH95X6hdBe7gjvdN64svTAYHYmEJ/ocbb/H/VNgeo2FygHME0XeIY9IXTGqO
BB9NoI6JGhoByBAhxdw1gcWB5EYrh3SGi+qU+4y33Aj9t17AKTmTMnuVtmOzKFkc
y1Xnswtl0hs7AGNna1/NAqJ+EhXp3RdeK/JcqX2wVOQpY5xXR9i2LgTe2xSRxNph
h6tOs+PUQj1GRZNj3KFTiRJNoYBpYUXF9MBemcpx+EeL74I2vi0y9QY6h1P1mxb+
RGQP4s3ZIBNH5CwUsGdHGk6rqjSH0PsxX168jpdwfiebZNy2MHNVhQIZOQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEZeSJqfEKQIJkqgNVLgZR3ykftxMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUmw1SW1wOFFwQWdtU3FBMVV1QmxIZktSLTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUiAwQA
owV2AwQAowWZAwQAowWxAwQAowX8MA0GCSqGSIb3DQEBCwUAA4IBAQAvfazH0aH2
el41Jro52bBH7k9G1mlJFTop5gvnWN+uGSOdALbjYzToOaRjM91WF7NeOeGCL4Pk
uZLsKZyl3ZLXOPdjG1OdY6NEPHAvH673LPTh501LtH5FR8EJKlVcJklMG52Fa4T4
rWMtWhARVKhRMzWq0JV70GoJDsrAelBKHk6/jtkdAoMT5uWmyDYBMj3cVErp3Piu
bAd1XFHiAaIVaUo0AtMLWI3TnI8NlMio6q1cOzUZmfYpLPK/NzTP7F8yaw6/NFrr
mmLgh/4SqpZBRETSeqmX6tfYyk5jIGgePNuFYfZegkt8xJn4rmUrUAEjwf3Mw1ox
TQH1tNdc+5OZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:22 2024 by rpki-client on console-fra.rpki-client.org