Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TqO48L3KeIs1ukC0rkvtKY8JEk0.roa
File: TqO48L3KeIs1ukC0rkvtKY8JEk0.roa (raw, json)
Hash identifier: +LOeAsToGn+YDNszn3c4rSEFZyFrOxO+BT8mSELqPIo=
Subject key identifier: 4E:A3:B8:F0:BD:CA:78:8B:35:BA:40:B4:AE:4B:ED:29:8F:09:12:4D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D31BC79BF9806D52367D7A7F53B206926
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TqO48L3KeIs1ukC0rkvtKY8JEk0.roa
Signing time: Mon 22 Jan 2024 15:14:11 +0000
ROA not before: Mon 22 Jan 2024 15:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 163.5.145.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 12:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:bc:79:bf:98:06:d5:23:67:d7:a7:f5:3b:20:69:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 22 15:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ea3b8f0bdca788b35ba40b4ae4bed298f09124d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:77:7a:04:7b:a2:e6:d0:d8:3c:29:a3:99:d5:
70:b6:b2:b5:c3:87:d6:12:8d:38:49:64:b3:cc:8e:
42:b4:e2:6d:0d:22:87:41:d8:30:d3:77:59:aa:75:
9c:f8:b8:c1:7e:4c:e0:39:d3:d1:e5:cf:98:21:33:
eb:2c:1c:68:80:c4:68:84:98:a3:fd:1e:c7:32:81:
28:c3:88:e3:fd:2e:3a:f1:43:f6:d4:5c:9e:60:62:
79:72:42:18:b9:cb:d2:b0:cb:8d:f7:3c:72:c4:a2:
97:3f:4f:88:44:d3:19:36:82:c7:91:f0:dc:0a:35:
1a:e3:b9:7d:10:5d:5b:56:8e:3f:75:be:4e:5c:75:
24:fc:7b:8c:a3:43:66:67:50:5d:39:70:1a:63:94:
9d:4d:55:c9:73:08:ec:04:27:d7:b2:6e:8c:7a:8c:
db:4f:5f:6f:55:11:b9:4b:1a:36:60:e7:cd:50:07:
1f:c1:d1:ce:57:65:b0:f8:93:46:7a:e8:10:e5:b3:
ad:db:11:63:38:6a:3d:1c:c5:e6:b6:04:be:d9:18:
38:ff:39:7f:d4:ca:a2:23:e3:cb:f6:aa:77:9f:30:
b0:20:76:0d:d1:2b:04:f8:79:02:f9:aa:9a:e4:22:
8b:63:ed:be:03:df:36:09:e9:f3:05:51:39:0f:5e:
4d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A3:B8:F0:BD:CA:78:8B:35:BA:40:B4:AE:4B:ED:29:8F:09:12:4D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TqO48L3KeIs1ukC0rkvtKY8JEk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.145.0/24
163.5.199.0/24
163.5.202.0/24
163.5.212.0/24
163.5.219.0/24
163.5.232.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
98:35:4a:74:49:89:39:d2:a3:ec:0c:db:69:e8:4a:0b:92:c6:
7e:d6:14:c0:24:f7:10:59:c9:38:ce:c5:ca:1b:5a:43:a4:0f:
77:02:da:51:87:a8:fc:e9:63:b0:08:0d:f1:47:2f:7f:a1:f9:
0e:f4:fc:0a:04:3c:e7:c6:be:8d:e5:3e:96:20:bc:34:d3:cc:
90:d2:d4:8d:6e:31:6c:aa:c4:53:df:65:30:3f:ad:3e:8f:a8:
e9:1a:df:af:1d:aa:a7:63:2b:ce:ea:c3:7b:2d:0a:0a:3e:2c:
de:0c:23:d3:56:1f:3f:34:56:fd:0d:3a:d2:0d:14:ba:aa:6a:
40:b9:11:0a:db:3c:09:f4:23:00:4c:41:75:ce:35:22:03:e6:
55:02:59:0c:99:d1:f4:7b:9f:59:1d:fb:06:a6:d9:42:81:b1:
6e:45:7b:0f:20:39:09:77:ca:d0:53:ac:17:5f:11:db:1d:44:
94:76:02:d8:1e:8e:2f:a8:24:4a:47:65:0d:da:28:ea:bc:3b:
97:ce:8b:c5:c5:60:e4:04:01:f7:7f:a9:3d:62:f9:a9:ca:e5:
1b:54:db:b8:5c:f4:33:36:ca:f0:0c:8c:d2:71:28:1d:e5:8f:
1f:dc:1c:e3:59:59:a0:6f:c0:6b:14:30:da:18:59:0b:40:5c:
96:37:13:be
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0xvHm/mAbVI2fXp/U7IGkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTIyMTUxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWEzYjhmMGJkY2E3ODhiMzViYTQwYjRhZTRiZWQyOThmMDkxMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXd6BHui5tDYPCmjmdVwtrK1w4fW
Eo04SWSzzI5CtOJtDSKHQdgw03dZqnWc+LjBfkzgOdPR5c+YITPrLBxogMRohJij
/R7HMoEow4jj/S468UP21FyeYGJ5ckIYucvSsMuN9zxyxKKXP0+IRNMZNoLHkfDc
CjUa47l9EF1bVo4/db5OXHUk/HuMo0NmZ1BdOXAaY5SdTVXJcwjsBCfXsm6Meozb
T19vVRG5Sxo2YOfNUAcfwdHOV2Ww+JNGeugQ5bOt2xFjOGo9HMXmtgS+2Rg4/zl/
1MqiI+PL9qp3nzCwIHYN0SsE+HkC+aqa5CKLY+2+A982CenzBVE5D15NQwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE6juPC9yniLNbpAtK5L7SmPCRJNMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVHFPNDhMM0tlSXMxdWtDMHJrdnRLWThKRWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowWRAwQA
owXHAwQAowXKAwQAowXUAwQAowXbAwQAowXoAwQAowX4MA0GCSqGSIb3DQEBCwUA
A4IBAQCYNUp0SYk50qPsDNtp6EoLksZ+1hTAJPcQWck4zsXKG1pDpA93AtpRh6j8
6WOwCA3xRy9/ofkO9PwKBDznxr6N5T6WILw008yQ0tSNbjFsqsRT32UwP60+j6jp
Gt+vHaqnYyvO6sN7LQoKPizeDCPTVh8/NFb9DTrSDRS6qmpAuREK2zwJ9CMATEF1
zjUiA+ZVAlkMmdH0e59ZHfsGptlCgbFuRXsPIDkJd8rQU6wXXxHbHUSUdgLYHo4v
qCRKR2UN2ijqvDuXzovFxWDkBAH3f6k9YvmpyuUbVNu4XPQzNsrwDIzScSgd5Y8f
3BzjWVmgb8BrFDDaGFkLQFyWNxO+
-----END CERTIFICATE-----
Generated at Tue Feb 6 18:09:33 2024 by rpki-client on console-ams.rpki-client.org