Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XPzsX_poemmzmA9AnIebF4iFjVM.roa
File: XPzsX_poemmzmA9AnIebF4iFjVM.roa (raw, json)
Hash identifier: wOg7K/x7Z/2bsbVnOWlv0oPE3rgiR2bw5YgVR9tv+0A=
Subject key identifier: 5C:FC:EC:5F:FA:68:7A:69:B3:98:0F:40:9C:87:9B:17:88:85:8D:53
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A2005642DC9AF50DBD40785A0A33B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XPzsX_poemmzmA9AnIebF4iFjVM.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 13:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:20:05:64:2d:c9:af:50:db:d4:07:85:a0:a3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cfcec5ffa687a69b3980f409c879b1788858d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5c:a2:d6:58:02:e7:03:7e:ab:6b:81:49:39:
c0:59:c0:63:d8:7c:94:24:da:e8:0c:74:ee:fe:52:
2c:43:dc:d2:5d:35:36:d9:40:2f:13:c3:53:fb:40:
87:61:f4:52:12:6a:a9:14:11:cd:e9:f8:d4:41:fb:
65:49:f2:54:ff:bf:31:88:dc:16:b5:09:a4:90:fd:
5d:5d:00:89:81:4e:61:30:24:73:2d:87:97:f0:96:
b6:6b:ff:cc:55:ca:31:10:81:f2:20:40:e4:d8:6a:
fa:0b:bd:f2:d7:c9:a2:15:c7:07:65:69:4d:2f:ef:
39:e9:57:d2:66:54:2a:40:ea:14:8c:d3:ed:82:e7:
1d:e7:ea:82:7a:d5:3f:46:60:79:7c:a6:34:5f:0c:
63:81:cf:75:c0:65:6d:a4:ad:65:0e:18:41:3d:4c:
2a:fe:f5:22:6b:cc:3e:81:91:8f:99:3e:34:af:91:
12:ea:c0:a5:3e:8a:51:5e:0d:8f:87:1f:99:fa:ab:
ea:e7:75:9a:ff:b9:d9:42:63:15:2f:fd:d2:42:aa:
56:4e:a2:43:0d:9d:5b:49:a4:8c:72:0e:30:bb:8e:
01:34:65:8d:95:39:97:ba:4d:52:50:72:92:5b:3b:
21:64:1f:fb:aa:47:87:3f:e2:fb:62:b7:d0:eb:f4:
c7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FC:EC:5F:FA:68:7A:69:B3:98:0F:40:9C:87:9B:17:88:85:8D:53
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XPzsX_poemmzmA9AnIebF4iFjVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.7.0-163.5.9.255
163.5.13.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:1a:9f:39:6d:77:6e:42:bf:a4:bc:fc:a0:30:6e:d1:87:93:
ac:75:66:7b:5a:14:df:07:ab:73:07:47:12:cb:a1:23:b5:7d:
21:13:7e:22:59:92:c8:d5:d9:98:b2:e4:26:7d:a8:13:73:36:
c5:69:d5:45:d6:05:e9:1a:14:43:92:e5:e5:a6:03:10:ae:98:
95:39:57:7d:ad:ae:bb:2e:cc:19:64:41:19:78:86:34:93:7a:
d7:2d:33:1c:14:d1:61:5b:90:68:8c:d4:70:ef:ba:6c:9e:fa:
e5:bf:6e:75:8e:15:07:5b:6c:3a:10:ea:29:35:36:41:c2:71:
06:a2:55:df:6a:dd:f6:ae:fc:a1:73:10:bd:19:51:82:de:50:
30:28:af:db:f4:06:0d:d2:f4:16:f0:ee:f9:70:d8:38:62:95:
b5:7a:9e:15:08:a0:be:b3:1b:b3:2f:16:f1:62:ea:83:28:92:
9a:8b:bb:3f:8f:ab:dc:fc:c5:8f:55:a9:be:59:33:5a:ad:4d:
03:b6:83:90:76:ca:57:09:09:68:c0:4b:dc:8b:4a:fd:fb:7b:
3c:e2:5b:21:ba:89:8f:c2:40:94:7f:dc:01:32:44:25:53:54:
f0:df:ef:c2:ac:16:da:19:24:0a:61:f1:28:0a:d7:ad:05:69:
7b:b5:d7:54
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQjaiAFZC3Jr1Db1AeFoKM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZjZWM1ZmZhNjg3YTY5YjM5ODBmNDA5Yzg3OWIxNzg4ODU4ZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVyi1lgC5wN+q2uBSTnAWcBj2HyU
JNroDHTu/lIsQ9zSXTU22UAvE8NT+0CHYfRSEmqpFBHN6fjUQftlSfJU/78xiNwW
tQmkkP1dXQCJgU5hMCRzLYeX8Ja2a//MVcoxEIHyIEDk2Gr6C73y18miFccHZWlN
L+856VfSZlQqQOoUjNPtgucd5+qCetU/RmB5fKY0Xwxjgc91wGVtpK1lDhhBPUwq
/vUia8w+gZGPmT40r5ES6sClPopRXg2Phx+Z+qvq53Wa/7nZQmMVL/3SQqpWTqJD
DZ1bSaSMcg4wu44BNGWNlTmXuk1SUHKSWzshZB/7qkeHP+L7YrfQ6/THhQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFz87F/6aHpps5gPQJyHmxeIhY1TMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWFB6c1hfcG9lbW16bUE5QW5JZWJGNGlGalZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACjBQcD
BAGjBQgDBACjBQ0wDQYJKoZIhvcNAQELBQADggEBAJ4anzltd25Cv6S8/KAwbtGH
k6x1ZntaFN8Hq3MHRxLLoSO1fSETfiJZksjV2Ziy5CZ9qBNzNsVp1UXWBekaFEOS
5eWmAxCumJU5V32trrsuzBlkQRl4hjSTetctMxwU0WFbkGiM1HDvumye+uW/bnWO
FQdbbDoQ6ik1NkHCcQaiVd9q3fau/KFzEL0ZUYLeUDAor9v0Bg3S9Bbw7vlw2Dhi
lbV6nhUIoL6zG7MvFvFi6oMokpqLuz+Pq9z8xY9Vqb5ZM1qtTQO2g5B2ylcJCWjA
S9yLSv37ezziWyG6iY/CQJR/3AEyRCVTVPDf78KsFtoZJAph8SgK160FaXu111Q=
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:55:41 2025 by rpki-client