Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WOzThfmWqDyklakN9IccPKn8tn0.roa
File: WOzThfmWqDyklakN9IccPKn8tn0.roa (raw, json)
Hash identifier: 4frNPneL5tExdQ/nHvYPPRP35tB13kl/EbTtaR/8nKw=
Subject key identifier: 58:EC:D3:85:F9:96:A8:3C:A4:95:A9:0D:F4:87:1C:3C:A9:FC:B6:7D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01893A53A6C8F485E22534820BE07A1B3D62
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WOzThfmWqDyklakN9IccPKn8tn0.roa
Signing time: Sun 09 Jul 2023 11:05:07 +0000
ROA not before: Sun 09 Jul 2023 11:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.111.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Sep 2023 11:13:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:53:a6:c8:f4:85:e2:25:34:82:0b:e0:7a:1b:3d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 9 11:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58ecd385f996a83ca495a90df4871c3ca9fcb67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:aa:fe:f1:b3:83:15:18:d3:3f:f3:ad:7d:9b:
bc:b2:18:fe:f2:42:8d:e5:20:84:82:c6:55:ba:5d:
43:1d:b0:38:b8:d2:5e:1b:02:b2:56:e8:16:43:d5:
75:64:e1:82:e7:f7:5a:8f:0a:62:9c:28:65:43:4f:
21:c6:02:75:09:06:02:2a:25:d4:d3:05:53:ab:14:
67:f2:fe:42:2d:f5:7a:bf:a1:03:d6:d9:1f:23:e5:
26:e1:25:0a:b6:a0:da:42:53:f1:4f:33:cd:41:5e:
4b:21:54:e8:68:88:4c:87:26:9b:83:10:d0:ac:e5:
b0:95:fa:13:a4:3e:06:33:56:6d:b9:cb:3f:fb:3c:
69:11:3c:bb:07:bc:89:c0:f8:bb:e0:20:ed:87:3a:
99:37:91:3f:23:aa:94:64:58:d0:52:27:88:d0:7a:
3e:48:a8:51:b4:3b:05:7c:cb:8f:af:fa:4d:1d:4c:
f4:59:e2:49:af:5c:d9:db:28:09:50:d4:e1:96:20:
86:d8:4c:c3:ab:0b:b5:73:de:0e:65:b3:18:22:e2:
0b:a6:a9:e8:98:16:92:99:14:06:a1:d1:eb:f3:b7:
77:be:34:a0:17:74:25:f1:c3:b3:46:b7:02:78:d5:
02:7b:c9:81:16:62:57:fb:e0:b7:9b:13:d7:7a:fe:
bc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EC:D3:85:F9:96:A8:3C:A4:95:A9:0D:F4:87:1C:3C:A9:FC:B6:7D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WOzThfmWqDyklakN9IccPKn8tn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.242.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b6:d8:4d:1c:df:e1:fd:f9:b9:82:27:71:24:7b:74:75:de:
f4:20:a0:70:d0:03:b6:0d:67:4c:1b:3b:1e:ee:19:84:b0:f1:
62:1b:40:c0:24:2f:27:e1:07:9d:f5:f4:b8:8c:7d:dd:c7:3e:
35:11:7a:12:8d:77:ab:c0:49:d2:82:ba:e7:af:6e:07:c0:c6:
73:a9:ec:e5:43:fe:4b:da:65:a5:01:46:8c:02:f3:ec:c4:48:
8c:13:98:44:3d:9d:aa:77:14:27:60:84:62:f5:f1:c3:3f:6a:
aa:b8:8c:04:f5:73:ae:82:7a:35:bd:a2:bc:8e:cc:02:53:95:
92:6d:df:b3:f8:a5:b5:36:6c:ce:08:51:ef:ce:43:7d:c3:09:
39:6c:3e:68:c1:2e:12:93:86:11:05:2b:a8:6c:96:af:fe:ef:
17:ba:1e:1f:f7:fb:f7:bd:58:40:39:53:1b:cb:81:55:a4:e0:
2d:49:d8:cd:ed:b7:a6:5d:78:04:41:4e:c2:a4:32:dc:84:43:
85:8f:40:4a:19:0a:3a:dd:69:5c:14:98:c1:db:3f:04:1b:7a:
9e:4a:77:79:f4:7d:5a:5f:9e:d3:53:42:37:51:f8:b3:57:4b:
39:53:fb:fe:08:6d:22:1c:f2:da:94:0e:70:45:cb:3c:46:3e:
af:27:93:ee
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYk6U6bI9IXiJTSCC+B6Gz1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzA5MTEwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGVjZDM4NWY5OTZhODNjYTQ5NWE5MGRmNDg3MWMzY2E5ZmNiNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqar+8bODFRjTP/OtfZu8shj+8kKN
5SCEgsZVul1DHbA4uNJeGwKyVugWQ9V1ZOGC5/dajwpinChlQ08hxgJ1CQYCKiXU
0wVTqxRn8v5CLfV6v6ED1tkfI+Um4SUKtqDaQlPxTzPNQV5LIVToaIhMhyabgxDQ
rOWwlfoTpD4GM1Ztucs/+zxpETy7B7yJwPi74CDthzqZN5E/I6qUZFjQUieI0Ho+
SKhRtDsFfMuPr/pNHUz0WeJJr1zZ2ygJUNThliCG2EzDqwu1c94OZbMYIuILpqno
mBaSmRQGodHr87d3vjSgF3Ql8cOzRrcCeNUCe8mBFmJX++C3mxPXev68TwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFjs04X5lqg8pJWpDfSHHDyp/LZ9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvV096VGhmbVdxRHlrbGFrTjlJY2NQS244dG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBowVuAwQA
owV+AwQAowWAAwQAowXyAwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IBAQB+
tthNHN/h/fm5gidxJHt0dd70IKBw0AO2DWdMGzse7hmEsPFiG0DAJC8n4Qed9fS4
jH3dxz41EXoSjXerwEnSgrrnr24HwMZzqezlQ/5L2mWlAUaMAvPsxEiME5hEPZ2q
dxQnYIRi9fHDP2qquIwE9XOugno1vaK8jswCU5WSbd+z+KW1NmzOCFHvzkN9wwk5
bD5owS4Sk4YRBSuobJav/u8Xuh4f9/v3vVhAOVMby4FVpOAtSdjN7bemXXgEQU7C
pDLchEOFj0BKGQo63WlcFJjB2z8EG3qeSnd59H1aX57TU0I3UfizV0s5U/v+CG0i
HPLalA5wRcs8Rj6vJ5Pu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org