Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WWsqC9C4rPy0Pht6ooey4NNLnUc.roa
File: WWsqC9C4rPy0Pht6ooey4NNLnUc.roa (raw, json)
Hash identifier: MqpIVTLB1i7OR4EDiUc37cPYlzf78nE+61NvtUDIF7g=
Subject key identifier: 59:6B:2A:0B:D0:B8:AC:FC:B4:3E:1B:7A:A2:87:B2:E0:D3:4B:9D:47
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0192FD328E08E3908AEF15E4BC2ADE1D3299
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WWsqC9C4rPy0Pht6ooey4NNLnUc.roa
Signing time: Tue 05 Nov 2024 16:40:01 +0000
ROA not before: Tue 05 Nov 2024 16:40:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 11:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:32:8e:08:e3:90:8a:ef:15:e4:bc:2a:de:1d:32:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 5 16:40:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=596b2a0bd0b8acfcb43e1b7aa287b2e0d34b9d47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:65:a7:d4:5b:cc:90:c4:87:d0:1b:d3:09:d5:
4e:bf:2e:92:49:e0:6a:01:9a:97:84:ee:c5:be:9e:
de:f8:f0:83:34:d5:e7:da:37:f8:47:92:3c:8c:9c:
fd:4c:5b:b4:28:b7:e4:df:da:42:58:43:aa:2d:fd:
ae:6a:e8:87:ac:06:45:14:45:59:b7:66:9f:b6:bb:
90:af:ea:61:bf:86:7e:bd:c1:76:ca:6c:a7:85:f4:
a6:3c:23:b0:f0:8a:44:8e:b6:d0:a3:3c:cd:25:e6:
ab:de:7b:6d:95:e6:aa:c8:76:70:cd:ed:a4:45:c3:
93:6e:d9:84:52:a0:6f:2b:4d:1a:0b:e0:2f:d3:2a:
f9:0a:d4:51:82:63:e9:3e:b7:2f:e9:fe:73:2e:15:
7c:3d:aa:31:54:e5:31:4b:6c:fa:d9:d5:37:1e:dc:
00:e7:6d:c3:68:71:3a:98:fb:39:06:45:45:ba:3b:
ad:7e:42:a5:19:ab:da:8e:49:d4:af:22:9f:88:19:
7c:30:c2:07:0b:e1:d0:b0:34:b4:fd:c8:db:23:2f:
56:b2:9f:7d:19:97:9c:0a:37:bc:ee:6b:72:04:9e:
bc:cd:01:8f:2c:c0:15:1b:a8:ba:c3:45:a8:97:e1:
9b:59:08:aa:a1:b3:44:7e:66:a8:02:88:93:7e:c2:
e1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:6B:2A:0B:D0:B8:AC:FC:B4:3E:1B:7A:A2:87:B2:E0:D3:4B:9D:47
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WWsqC9C4rPy0Pht6ooey4NNLnUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.97.0/24
163.5.175.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
17:7d:98:93:83:b7:7b:aa:2d:9e:06:73:9f:aa:fb:2b:2d:5e:
70:d0:2c:cf:32:2d:02:1e:6c:22:2b:61:e7:0f:a8:86:92:8a:
e5:f8:2d:e0:d6:27:ab:96:79:c3:2a:12:d0:9b:15:5f:a7:01:
3a:78:5b:e3:a5:7e:a8:9e:a8:52:a9:0e:21:01:a6:65:93:ca:
f4:f4:0b:67:24:8a:ec:c0:b1:7b:48:39:43:75:6b:18:6f:f4:
67:04:8a:7f:35:fd:c1:4e:6a:59:e9:ca:23:71:27:ac:69:7f:
1a:9f:ab:52:24:84:e7:f9:a3:24:c2:d6:be:6d:8b:68:ea:31:
9e:c5:2d:04:23:28:a6:b6:a4:5e:d5:77:d6:2a:23:03:9f:62:
18:20:75:46:c7:84:9a:d6:26:3b:cb:d7:09:90:a4:69:0a:fe:
4b:93:45:d4:87:c0:7c:be:9f:98:e0:e0:5f:6a:b5:f0:41:ad:
a6:77:87:ac:a8:eb:e7:2b:98:bc:bb:2b:6c:72:44:d0:fc:7b:
9d:0a:e8:c9:94:8f:be:46:33:45:72:ef:33:98:e0:c5:1c:c0:
69:8d:bd:c4:bc:0e:fe:e0:d6:67:26:d7:4e:42:dd:b0:bf:f4:
51:39:36:71:b6:25:e2:1f:e4:86:e2:ab:9c:dc:1f:6e:47:3a:
da:37:e0:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZL9Mo4I45CK7xXkvCreHTKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTA1MTY0MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTZiMmEwYmQwYjhhY2ZjYjQzZTFiN2FhMjg3YjJlMGQzNGI5ZDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGWn1FvMkMSH0BvTCdVOvy6SSeBq
AZqXhO7Fvp7e+PCDNNXn2jf4R5I8jJz9TFu0KLfk39pCWEOqLf2uauiHrAZFFEVZ
t2aftruQr+phv4Z+vcF2ymynhfSmPCOw8IpEjrbQozzNJear3nttleaqyHZwze2k
RcOTbtmEUqBvK00aC+Av0yr5CtRRgmPpPrcv6f5zLhV8PaoxVOUxS2z62dU3HtwA
523DaHE6mPs5BkVFujutfkKlGavajknUryKfiBl8MMIHC+HQsDS0/cjbIy9Wsp99
GZecCje87mtyBJ68zQGPLMAVG6i6w0Wol+GbWQiqobNEfmaoAoiTfsLhXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFlrKgvQuKz8tD4beqKHsuDTS51HMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvV1dzcUM5QzRyUHkwUGh0Nm9vZXk0Tk5MblVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVWAwQA
owVhAwQAowWvAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQAXfZiTg7d7qi2eBnOf
qvsrLV5w0CzPMi0CHmwiK2HnD6iGkorl+C3g1ierlnnDKhLQmxVfpwE6eFvjpX6o
nqhSqQ4hAaZlk8r09AtnJIrswLF7SDlDdWsYb/RnBIp/Nf3BTmpZ6cojcSesaX8a
n6tSJITn+aMkwta+bYto6jGexS0EIyimtqRe1XfWKiMDn2IYIHVGx4Sa1iY7y9cJ
kKRpCv5Lk0XUh8B8vp+Y4OBfarXwQa2md4esqOvnK5i8uytsckTQ/HudCujJlI++
RjNFcu8zmODFHMBpjb3EvA7+4NZnJtdOQt2wv/RROTZxtiXiH+SG4quc3B9uRzra
N+Ct
-----END CERTIFICATE-----
Generated at Wed Nov 13 14:06:16 2024 by rpki-client on console-ams.rpki-client.org