Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TFNHXGia7auk8i6v6MQ2rPHaHcw.roa
File: TFNHXGia7auk8i6v6MQ2rPHaHcw.roa (raw, json)
Hash identifier: 4SjeO1+VRA4hQIWmPWtOqyige+VvTu7/RVHlGIS3VT4=
Subject key identifier: 4C:53:47:5C:68:9A:ED:AB:A4:F2:2E:AF:E8:C4:36:AC:F1:DA:1D:CC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01909ADE3F00935CE1ABC60B161201AB7A79
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TFNHXGia7auk8i6v6MQ2rPHaHcw.roa
Signing time: Wed 10 Jul 2024 04:19:34 +0000
ROA not before: Wed 10 Jul 2024 04:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 163.5.73.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 10:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9a:de:3f:00:93:5c:e1:ab:c6:0b:16:12:01:ab:7a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 10 04:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c53475c689aedaba4f22eafe8c436acf1da1dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:93:d2:bd:1d:30:93:86:75:44:26:c4:e5:f4:
c5:4d:4e:ed:b4:8c:77:e2:e7:bf:a7:96:50:4b:c7:
a4:fb:09:b9:9d:0c:98:43:a3:91:91:8e:6b:0b:c3:
4f:df:5a:a6:57:e6:e1:3e:4c:f0:80:f4:3f:08:5d:
48:32:5b:6d:72:e7:88:bd:97:a8:41:e1:3f:74:28:
3c:ec:40:be:0b:dc:a4:7f:95:ac:fb:26:5f:ba:01:
98:e2:b5:1c:08:05:b7:15:56:ec:44:e3:9a:6f:4d:
11:f9:bb:01:5b:89:3e:3c:09:03:fa:d4:6f:8e:f3:
6c:5d:4a:2a:5a:c1:03:d8:92:f0:20:07:d5:02:a4:
e4:8e:34:2b:c3:5f:50:8f:53:42:8d:0f:69:76:d7:
60:7b:eb:ae:a8:df:80:86:0f:5a:91:ed:1f:0c:84:
fb:2d:78:b5:e0:ef:ae:7b:e7:18:5d:42:fc:92:98:
a5:f5:89:66:8e:98:c2:c0:a0:f7:4f:aa:58:d6:0c:
bc:28:33:9a:8d:44:4e:f0:01:11:e5:16:d7:23:60:
d1:f6:86:64:2f:ac:3f:d2:ec:ab:46:68:88:cd:ae:
b3:73:b8:48:bf:84:1c:83:7b:07:d6:54:cf:59:91:
1d:87:9e:0c:d0:cf:4e:ce:46:fd:93:dd:e6:13:ea:
c2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:53:47:5C:68:9A:ED:AB:A4:F2:2E:AF:E8:C4:36:AC:F1:DA:1D:CC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TFNHXGia7auk8i6v6MQ2rPHaHcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.73.0/24
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
28:17:15:b7:d9:18:c9:2f:0c:2a:80:9d:07:f3:30:6c:63:f4:
b7:7b:c5:a6:10:b5:5f:59:e9:19:45:6c:95:3c:67:c4:18:93:
72:fc:29:cd:7f:62:79:70:07:63:17:50:cc:1a:f1:d8:01:36:
2a:7a:2a:13:52:83:a1:24:d6:29:48:5b:9a:1a:ac:9b:28:ee:
5a:4d:bc:b2:e2:f3:bc:c9:72:b4:dd:8a:47:ce:69:af:52:fe:
b4:3e:22:fb:b4:f8:d6:b9:23:65:84:88:e4:d0:7f:cd:0e:fe:
90:2b:36:cf:cb:78:23:10:e1:b1:c3:ba:ee:9a:1f:91:68:8c:
10:a9:20:89:46:4f:94:d1:ef:9e:d7:21:b1:04:d4:05:36:31:
0c:e4:fe:b4:57:23:5e:4a:be:cc:7f:5c:af:21:5f:4a:87:98:
06:07:d7:b8:51:7b:5c:7e:ad:3b:99:6c:a3:83:e3:76:8d:95:
fc:10:03:f4:05:0e:2a:e6:2d:a3:6d:77:1a:b7:40:3d:01:d7:
dd:6c:2d:72:48:ef:f0:a1:f9:f0:c4:b6:5b:f2:97:19:bf:87:
cc:0f:4b:27:2a:de:67:f2:25:01:27:c0:fa:61:15:98:eb:1f:
45:cd:a7:fb:04:d1:cc:0b:b1:99:13:76:a2:ad:6d:d7:04:0a:
20:c2:1b:a4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZCa3j8Ak1zhq8YLFhIBq3p5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzEwMDQxOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzUzNDc1YzY4OWFlZGFiYTRmMjJlYWZlOGM0MzZhY2YxZGExZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZPSvR0wk4Z1RCbE5fTFTU7ttIx3
4ue/p5ZQS8ek+wm5nQyYQ6ORkY5rC8NP31qmV+bhPkzwgPQ/CF1IMlttcueIvZeo
QeE/dCg87EC+C9ykf5Ws+yZfugGY4rUcCAW3FVbsROOab00R+bsBW4k+PAkD+tRv
jvNsXUoqWsED2JLwIAfVAqTkjjQrw19Qj1NCjQ9pdtdge+uuqN+Ahg9ake0fDIT7
LXi14O+ue+cYXUL8kpil9YlmjpjCwKD3T6pY1gy8KDOajURO8AER5RbXI2DR9oZk
L6w/0uyrRmiIza6zc7hIv4Qcg3sH1lTPWZEdh54M0M9Ozkb9k93mE+rCzQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFExTR1xomu2rpPIur+jENqzx2h3MMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVEZOSFhHaWE3YXVrOGk2djZNUTJyUEhhSGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowVJAwQB
owXAAwQAowXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBACgXFbfZ
GMkvDCqAnQfzMGxj9Ld7xaYQtV9Z6RlFbJU8Z8QYk3L8Kc1/YnlwB2MXUMwa8dgB
Nip6KhNSg6Ek1ilIW5oarJso7lpNvLLi87zJcrTdikfOaa9S/rQ+Ivu0+Na5I2WE
iOTQf80O/pArNs/LeCMQ4bHDuu6aH5FojBCpIIlGT5TR757XIbEE1AU2MQzk/rRX
I15Kvsx/XK8hX0qHmAYH17hRe1x+rTuZbKOD43aNlfwQA/QFDirmLaNtdxq3QD0B
191sLXJI7/Ch+fDEtlvylxm/h8wPSycq3mfyJQEnwPphFZjrH0XNp/sE0cwLsZkT
dqKtbdcECiDCG6Q=
-----END CERTIFICATE-----
Generated at Mon Sep 9 12:52:54 2024 by rpki-client on console-ams.rpki-client.org