Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UbHp5lCSzV7eUlHsCadNiMhuqeA.roa
File: UbHp5lCSzV7eUlHsCadNiMhuqeA.roa (raw, json)
Hash identifier: IiHpDruCTT6vJe247fLqbPI/Dxd8ct6sL6WNVPIC2Ak=
Subject key identifier: 51:B1:E9:E6:50:92:CD:5E:DE:52:51:EC:09:A7:4D:88:C8:6E:A9:E0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4254FD9A4DBFC962DDFF1DD259F6C97
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UbHp5lCSzV7eUlHsCadNiMhuqeA.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.111.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 15:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4f:d9:a4:db:fc:96:2d:df:f1:dd:25:9f:6c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51b1e9e65092cd5ede5251ec09a74d88c86ea9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:46:74:55:cf:94:9b:eb:b8:75:be:fb:28:df:
2d:a8:63:ff:de:0b:c0:b2:70:4b:5c:39:69:b0:55:
b8:df:8c:30:75:3b:e5:65:a0:ef:2f:13:14:f2:7a:
20:96:5d:ef:de:ae:d8:c8:a6:92:c5:da:66:d5:7e:
a6:5a:b0:6c:94:ff:65:4c:94:ae:47:2b:3b:8d:9e:
ad:a8:b3:8d:cd:09:f0:2a:46:b1:0f:5d:e9:94:ee:
60:c6:d3:ed:42:6e:3b:9c:87:eb:15:ba:6c:fe:bd:
c8:28:c4:fc:f3:ad:04:7a:e4:4a:72:48:bc:6f:cd:
32:db:cb:88:0d:8f:41:24:fa:c8:44:a6:50:eb:bf:
ef:93:1c:e3:64:d7:b8:2b:b7:9d:1e:0b:6a:75:a5:
f4:5d:56:9b:ca:57:d5:cc:9a:f0:d2:d8:fa:bb:ca:
28:c7:4c:99:a4:48:99:4d:3d:cc:52:b0:5e:b4:0a:
2e:f2:60:0b:a5:90:d0:aa:3a:01:d4:29:2f:84:0b:
86:7c:ac:c7:0d:e2:10:60:c9:d1:3e:e5:b7:00:94:
c8:1b:49:33:e9:70:65:d0:37:50:88:d9:c8:d2:2d:
40:a6:31:28:51:ea:d3:e4:e3:93:d6:6d:49:dd:d2:
eb:2d:d8:67:64:f1:3c:4f:8e:b1:91:90:96:7f:94:
7a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B1:E9:E6:50:92:CD:5E:DE:52:51:EC:09:A7:4D:88:C8:6E:A9:E0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UbHp5lCSzV7eUlHsCadNiMhuqeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
95:d6:51:7d:fb:b8:77:65:94:ef:22:24:f3:a2:1d:57:bc:32:
a3:e6:f1:93:78:ad:a9:89:1c:b7:38:f8:6e:04:15:c6:e9:1c:
70:36:ae:b1:d1:68:26:61:1b:90:89:0f:0a:aa:d5:bf:fe:9a:
c0:2f:2e:7c:b9:0f:48:10:f4:ed:d5:3b:94:f2:41:59:70:22:
af:ea:e7:76:23:ca:94:f9:59:b0:c4:be:9c:ec:91:ec:03:78:
81:76:97:93:e7:b0:52:32:d0:71:dc:cb:12:f5:9c:0e:eb:ff:
24:05:93:bf:8f:c5:21:a9:c5:08:9d:38:9b:51:f8:76:96:e9:
05:89:47:ed:b2:e8:dc:e6:ac:b8:c3:4a:b4:4a:cd:83:e7:be:
6a:95:ac:9e:e3:c9:38:15:6e:0f:5a:a6:d5:12:df:89:d3:3b:
5b:75:4c:d6:8d:71:02:ba:7f:f1:33:a6:13:ef:57:20:cc:4e:
85:88:65:66:5a:67:b7:e8:67:16:db:2a:96:e7:dc:9f:dd:72:
b4:40:4a:bf:c6:c2:51:45:e4:c3:0e:f0:0b:96:ee:f8:9b:6e:
0b:9e:e6:ec:ca:b8:40:20:b7:cc:ea:33:bd:4a:6a:93:4c:a3:
be:6a:37:11:3e:d8:e3:76:3c:ca:f7:bc:bd:de:db:be:6b:16:
d5:db:d8:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJU/ZpNv8li3f8d0ln2yXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWIxZTllNjUwOTJjZDVlZGU1MjUxZWMwOWE3NGQ4OGM4NmVhOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkZ0Vc+Um+u4db77KN8tqGP/3gvA
snBLXDlpsFW434wwdTvlZaDvLxMU8nogll3v3q7YyKaSxdpm1X6mWrBslP9lTJSu
Rys7jZ6tqLONzQnwKkaxD13plO5gxtPtQm47nIfrFbps/r3IKMT8860EeuRKcki8
b80y28uIDY9BJPrIRKZQ67/vkxzjZNe4K7edHgtqdaX0XVabylfVzJrw0tj6u8oo
x0yZpEiZTT3MUrBetAou8mALpZDQqjoB1CkvhAuGfKzHDeIQYMnRPuW3AJTIG0kz
6XBl0DdQiNnI0i1ApjEoUerT5OOT1m1J3dLrLdhnZPE8T46xkZCWf5R6yQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFGx6eZQks1e3lJR7AmnTYjIbqngMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVWJIcDVsQ1N6VjdlVWxIc0NhZE5pTWh1cWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBowVuAwQA
owV+AwQAowWAAwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IBAQCV1lF9+7h3
ZZTvIiTzoh1XvDKj5vGTeK2piRy3OPhuBBXG6RxwNq6x0WgmYRuQiQ8KqtW//prA
Ly58uQ9IEPTt1TuU8kFZcCKv6ud2I8qU+VmwxL6c7JHsA3iBdpeT57BSMtBx3MsS
9ZwO6/8kBZO/j8UhqcUInTibUfh2lukFiUftsujc5qy4w0q0Ss2D575qlaye48k4
FW4PWqbVEt+J0ztbdUzWjXECun/xM6YT71cgzE6FiGVmWme36GcW2yqW59yf3XK0
QEq/xsJRReTDDvALlu74m24LnubsyrhAILfM6jO9SmqTTKO+ajcRPtjjdjzK97y9
3tu+axbV29iL
-----END CERTIFICATE-----
Generated at Wed Feb 14 21:15:54 2024 by rpki-client on console-ams.rpki-client.org