Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/X3pIy_mTm7R7LOfFPt7-ecEjmHE.roa
File: X3pIy_mTm7R7LOfFPt7-ecEjmHE.roa (raw, json)
Hash identifier: 45hXwac9ro90x2dUQ8ajI6YvOSlxnf640jeicnjXiXs=
Subject key identifier: 5F:7A:48:CB:F9:93:9B:B4:7B:2C:E7:C5:3E:DE:FE:79:C1:23:98:71
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019027093AB5CE3500250AD656EB95705BA1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/X3pIy_mTm7R7LOfFPt7-ecEjmHE.roa
Signing time: Mon 17 Jun 2024 16:30:34 +0000
ROA not before: Mon 17 Jun 2024 16:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 04:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:27:09:3a:b5:ce:35:00:25:0a:d6:56:eb:95:70:5b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 17 16:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f7a48cbf9939bb47b2ce7c53edefe79c1239871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d4:56:0d:86:45:81:fa:18:cd:77:83:5d:80:
62:91:e1:bc:97:34:38:48:91:49:d0:85:4b:94:7a:
d1:11:f1:b9:01:d5:e6:2b:c5:e1:06:7a:1f:db:13:
ba:e4:73:9f:b8:2b:41:a4:f4:c6:fd:a3:c8:9a:a4:
b7:16:40:14:99:76:70:09:0d:22:2d:a1:0e:64:73:
66:db:7b:11:8d:57:21:0b:a0:85:37:96:8b:7e:10:
54:cc:8b:ba:3b:17:d6:74:96:38:cd:50:06:2c:d4:
38:a9:6e:3c:e7:6f:d0:c3:84:e9:d8:90:cc:a8:33:
83:70:f7:23:8a:cd:3d:1e:99:a3:36:0c:4b:b4:f5:
46:47:cb:6f:27:df:cd:10:bc:b2:87:5c:4b:ab:30:
c9:3f:d4:b5:90:f9:e1:8c:44:8b:5f:60:a8:0e:7a:
aa:fa:ea:3c:4d:de:df:f4:2b:ff:24:47:a9:07:47:
eb:17:ed:19:fe:ff:f8:cf:e4:da:47:2b:2f:52:f9:
75:25:60:f9:5a:8b:30:f4:2a:0e:90:93:d5:70:34:
9e:6f:97:2d:d6:38:66:09:06:ad:98:b4:1b:0f:b5:
5f:8e:58:75:5d:83:97:4d:39:26:de:47:62:ba:92:
04:25:42:66:af:89:66:6b:90:24:0e:3e:a8:a3:d9:
da:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7A:48:CB:F9:93:9B:B4:7B:2C:E7:C5:3E:DE:FE:79:C1:23:98:71
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/X3pIy_mTm7R7LOfFPt7-ecEjmHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.124.0/23
163.5.134.0/24
163.5.136.0/24
163.5.162.0/23
163.5.166.0/24
163.5.173.0/24
163.5.185.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b2:2e:8c:8e:7f:9d:9b:9f:33:5a:1b:52:03:d2:99:77:92:
86:5d:0e:ba:dc:93:2d:4e:c2:d7:4c:13:b4:e5:b7:d1:ed:f2:
fa:d2:ee:76:2b:cb:5d:35:4c:14:18:7d:e7:b5:92:d7:98:f1:
a5:2c:d1:b7:c3:88:c5:a3:28:5f:36:95:e2:e3:81:93:d5:aa:
62:45:33:54:53:38:f1:74:4c:75:e0:3b:3b:2c:35:8c:d9:4a:
f6:b6:13:43:a0:8e:c2:2f:2a:9e:2c:11:69:0b:2b:53:8c:e1:
44:31:8d:55:30:c7:da:f6:d8:3c:7c:74:4e:1a:06:08:ff:ea:
f3:7d:ed:c8:63:6f:c0:c8:71:cf:53:f8:21:38:09:ad:51:16:
3a:e1:6f:76:3f:cd:30:3f:a6:68:a0:9d:6e:d9:d2:b1:35:e6:
0b:5b:7e:ce:a5:62:61:04:e9:ce:d1:d5:67:d7:f7:08:5a:8d:
7a:58:77:07:1d:25:74:b0:c5:50:da:24:d5:59:e2:a5:9d:9f:
47:dc:16:88:77:00:df:b0:a9:ad:7d:2d:11:82:9a:0f:75:68:
cf:17:1b:d0:76:c4:06:92:cb:40:b5:0f:ad:d8:79:69:e6:72:
a0:82:9f:56:06:8c:99:e5:9c:70:56:9d:12:40:06:00:00:5e:
b8:5d:dd:68
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZAnCTq1zjUAJQrWVuuVcFuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjE3MTYzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjdhNDhjYmY5OTM5YmI0N2IyY2U3YzUzZWRlZmU3OWMxMjM5ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dRWDYZFgfoYzXeDXYBikeG8lzQ4
SJFJ0IVLlHrREfG5AdXmK8XhBnof2xO65HOfuCtBpPTG/aPImqS3FkAUmXZwCQ0i
LaEOZHNm23sRjVchC6CFN5aLfhBUzIu6OxfWdJY4zVAGLNQ4qW4852/Qw4Tp2JDM
qDODcPcjis09HpmjNgxLtPVGR8tvJ9/NELyyh1xLqzDJP9S1kPnhjESLX2CoDnqq
+uo8Td7f9Cv/JEepB0frF+0Z/v/4z+TaRysvUvl1JWD5Wosw9CoOkJPVcDSeb5ct
1jhmCQatmLQbD7Vfjlh1XYOXTTkm3kdiupIEJUJmr4lma5AkDj6oo9naTQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF96SMv5k5u0eyznxT7e/nnBI5hxMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWDNwSXlfbVRtN1I3TE9mRlB0Ny1lY0VqbUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBowV8AwQA
owWGAwQAowWIAwQBowWiAwQAowWmAwQAowWtAwQAowW5MA0GCSqGSIb3DQEBCwUA
A4IBAQB5si6Mjn+dm58zWhtSA9KZd5KGXQ663JMtTsLXTBO05bfR7fL60u52K8td
NUwUGH3ntZLXmPGlLNG3w4jFoyhfNpXi44GT1apiRTNUUzjxdEx14Ds7LDWM2Ur2
thNDoI7CLyqeLBFpCytTjOFEMY1VMMfa9tg8fHROGgYI/+rzfe3IY2/AyHHPU/gh
OAmtURY64W92P80wP6ZooJ1u2dKxNeYLW37OpWJhBOnO0dVn1/cIWo16WHcHHSV0
sMVQ2iTVWeKlnZ9H3BaIdwDfsKmtfS0RgpoPdWjPFxvQdsQGkstAtQ+t2Hlp5nKg
gp9WBoyZ5ZxwVp0SQAYAAF64Xd1o
-----END CERTIFICATE-----
Generated at Wed Jul 10 05:45:14 2024 by rpki-client on console-fra.rpki-client.org