Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UFcWbS9WIfS-GWJe887STkJ7qU0.roa
File: UFcWbS9WIfS-GWJe887STkJ7qU0.roa (raw, json)
Hash identifier: BAUdNLL5730mOk6wyBeg63slDXI9n2eWci/d93EKigM=
Subject key identifier: 50:57:16:6D:2F:56:21:F4:BE:19:62:5E:F3:CE:D2:4E:42:7B:A9:4D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A3A59F6A1B0C385AC4A8D10EC4840
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UFcWbS9WIfS-GWJe887STkJ7qU0.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 163.5.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Jan 2025 07:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3a:59:f6:a1:b0:c3:85:ac:4a:8d:10:ec:48:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5057166d2f5621f4be19625ef3ced24e427ba94d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fc:f8:92:1a:14:d4:0f:7a:c2:65:52:51:2d:
17:3c:8b:fd:11:71:b4:76:e2:fd:11:f7:af:65:e7:
b3:2f:18:51:f5:eb:90:52:cc:32:aa:bd:26:4b:c1:
c7:37:99:18:5b:33:31:54:d8:fa:9a:6a:52:95:d4:
16:37:65:c2:ec:cd:4d:3e:38:0d:12:d0:61:54:70:
f4:3c:bf:d9:fb:aa:3d:a0:79:f8:00:98:20:13:7d:
21:a4:9f:c4:f8:71:04:9a:99:4a:20:18:b8:9f:56:
1e:f6:58:33:7c:e8:b7:7b:a2:a3:3e:17:a0:38:73:
4f:6a:61:14:45:0e:63:77:45:d5:bd:d2:e6:11:b5:
99:6d:4f:13:6d:9e:1d:47:07:0d:e5:a7:5b:d3:c9:
de:0f:0e:58:c9:d1:ab:69:34:0a:66:b8:f4:b9:da:
d2:8f:b2:00:97:a1:20:b5:e2:a0:c7:a5:bf:71:c6:
c8:4e:6c:81:b7:3a:57:d2:bd:96:4e:b7:15:f5:80:
f9:a4:13:8a:d5:c6:ff:2d:94:0a:22:fc:be:9c:cd:
ec:fa:27:7b:ef:79:a2:74:5c:60:ac:f6:1b:23:ac:
82:ec:9a:3a:96:a3:16:29:8e:18:f1:42:1c:59:ec:
24:36:f6:02:e8:46:44:2a:8c:f4:20:e6:e3:71:91:
09:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:57:16:6D:2F:56:21:F4:BE:19:62:5E:F3:CE:D2:4E:42:7B:A9:4D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UFcWbS9WIfS-GWJe887STkJ7qU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.230.0/24
Signature Algorithm: sha256WithRSAEncryption
08:bf:f1:0e:f8:62:60:86:c4:19:4e:32:25:6e:dd:87:aa:da:
1b:fd:47:2a:63:8e:b9:2d:78:f4:3a:18:fc:71:69:54:64:6e:
38:a8:43:a7:26:17:40:f3:a9:63:85:af:39:bd:c4:6f:de:46:
7a:e7:81:58:8b:a6:71:08:5d:bd:fb:b4:b9:fe:ec:0d:9e:84:
6d:36:59:e3:66:c0:c9:87:4e:78:ac:07:63:df:08:da:03:3d:
3c:36:d6:e5:aa:35:42:71:cc:e1:d9:86:73:b0:9b:51:32:98:
67:76:6b:da:f6:e2:0d:3e:49:42:15:14:66:96:af:fb:03:4f:
71:c4:86:bf:4d:b9:71:49:72:7d:c5:9b:ac:54:0e:87:38:63:
72:3d:66:4c:0c:35:af:3d:90:ec:49:e5:01:7c:b0:5b:80:49:
97:f0:67:0d:ae:7f:51:96:b7:17:bb:74:ee:ae:36:83:1a:b6:
d4:be:c3:9f:80:42:10:71:97:cb:4f:14:5f:4a:b7:f8:47:95:
38:76:45:f9:2d:c6:b3:7c:cf:c9:0c:8d:45:81:f4:3d:88:89:
e5:d3:f4:8a:e5:cd:80:0c:95:48:bc:83:d4:61:d9:f9:62:b4:
c8:1e:8c:8d:cb:cd:40:4d:88:96:cc:3b:56:04:c7:67:4c:a3:
07:bb:38:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajpZ9qGww4WsSo0Q7EhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDU3MTY2ZDJmNTYyMWY0YmUxOTYyNWVmM2NlZDI0ZTQyN2JhOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/z4khoU1A96wmVSUS0XPIv9EXG0
duL9EfevZeezLxhR9euQUswyqr0mS8HHN5kYWzMxVNj6mmpSldQWN2XC7M1NPjgN
EtBhVHD0PL/Z+6o9oHn4AJggE30hpJ/E+HEEmplKIBi4n1Ye9lgzfOi3e6KjPheg
OHNPamEURQ5jd0XVvdLmEbWZbU8TbZ4dRwcN5adb08neDw5YydGraTQKZrj0udrS
j7IAl6EgteKgx6W/ccbITmyBtzpX0r2WTrcV9YD5pBOK1cb/LZQKIvy+nM3s+id7
73midFxgrPYbI6yC7Jo6lqMWKY4Y8UIcWewkNvYC6EZEKoz0IObjcZEJgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBXFm0vViH0vhliXvPO0k5Ce6lNMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVUZjV2JTOVdJZlMtR1dKZTg4N1NUa0o3cVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXmMA0G
CSqGSIb3DQEBCwUAA4IBAQAIv/EO+GJghsQZTjIlbt2Hqtob/UcqY465LXj0Ohj8
cWlUZG44qEOnJhdA86ljha85vcRv3kZ654FYi6ZxCF29+7S5/uwNnoRtNlnjZsDJ
h054rAdj3wjaAz08NtblqjVCcczh2YZzsJtRMphndmva9uINPklCFRRmlq/7A09x
xIa/TblxSXJ9xZusVA6HOGNyPWZMDDWvPZDsSeUBfLBbgEmX8GcNrn9RlrcXu3Tu
rjaDGrbUvsOfgEIQcZfLTxRfSrf4R5U4dkX5LcazfM/JDI1FgfQ9iInl0/SK5c2A
DJVIvIPUYdn5YrTIHoyNy81ATYiWzDtWBMdnTKMHuzhe
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:42:04 2025 by rpki-client