Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Za0z76Cfan52JY1yURZLswvvIDc.roa
File: Za0z76Cfan52JY1yURZLswvvIDc.roa (raw, json)
Hash identifier: d/NZ9FSw8Rixd2wR7xGPwr26Y08RbYwIPuONwWUu62U=
Subject key identifier: 65:AD:33:EF:A0:9F:6A:7E:76:25:8D:72:51:16:4B:B3:0B:EF:20:37
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D412DB912E028A10E311FDF189B0F4BBF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Za0z76Cfan52JY1yURZLswvvIDc.roa
Signing time: Thu 25 Jan 2024 15:12:11 +0000
ROA not before: Thu 25 Jan 2024 15:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 18:16:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:2d:b9:12:e0:28:a1:0e:31:1f:df:18:9b:0f:4b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 25 15:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65ad33efa09f6a7e76258d7251164bb30bef2037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7f:36:b0:db:c7:62:13:5c:30:0b:67:b9:ba:
08:64:fa:66:f8:79:42:9d:7a:57:35:35:f3:b0:32:
7c:97:1f:04:d8:8b:1a:98:c1:3c:85:22:41:7e:3c:
48:2c:5e:17:4b:44:ff:a5:04:da:ca:88:eb:f6:07:
3b:f9:51:eb:26:3b:f8:e1:8a:fe:a7:4f:81:e3:ae:
5a:4d:ad:5c:5a:9a:df:6f:58:78:30:05:1f:60:31:
1c:d6:c5:2c:a9:ee:14:68:33:d0:5a:d5:4d:e7:0e:
f7:46:70:40:da:40:2c:8b:1e:c3:be:65:d2:cc:83:
3f:a4:1b:8e:66:b5:be:63:3d:f4:7a:e5:d1:28:33:
d2:89:b9:b2:ba:1f:27:fa:6e:e3:a9:8a:ba:88:94:
fc:d2:df:b9:20:ef:1c:40:d5:ff:a8:20:e6:fd:25:
7b:2f:33:2e:7a:ef:cd:2e:a9:7b:7a:cd:a0:4c:5d:
c6:2b:48:ec:1a:28:26:56:2b:96:cd:f8:05:57:e2:
1c:34:fb:ae:51:3c:15:c9:1a:69:15:8a:b3:56:76:
38:e8:1e:05:d1:db:ae:b0:19:7e:e6:91:6e:85:3d:
62:c8:c6:a8:fd:6c:5e:13:af:c9:86:8e:b8:77:05:
86:5b:05:c1:bd:2f:20:18:10:3e:7a:90:9f:13:f5:
0a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AD:33:EF:A0:9F:6A:7E:76:25:8D:72:51:16:4B:B3:0B:EF:20:37
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Za0z76Cfan52JY1yURZLswvvIDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.97.0/24
163.5.136.0/24
163.5.211.0/24
Signature Algorithm: sha256WithRSAEncryption
86:39:e7:6a:e1:fd:9b:90:a3:37:72:b2:b5:2a:ff:f3:b5:52:
5a:78:91:32:5a:7c:cf:af:47:94:b8:4e:16:cd:a4:cc:b8:a0:
ae:1b:83:16:6b:78:da:cf:6e:c9:3b:01:84:9d:7a:6a:2c:a3:
5e:ae:a5:9e:35:87:14:2d:b4:bc:2e:9a:7d:41:4e:71:00:d9:
73:57:07:f7:12:c3:cb:e9:d6:75:72:f0:2e:ec:e9:56:68:09:
3c:07:d7:60:ad:91:f3:89:d1:87:0b:fe:5a:b3:35:ae:ff:b6:
10:05:aa:fd:ea:04:55:d4:2a:c9:b0:c5:90:77:ab:33:09:e6:
a8:d8:b0:ae:fe:f3:96:97:70:f7:c2:7c:d0:be:c8:b6:6d:19:
06:f2:d0:30:46:ab:4d:c5:d7:cd:4f:fd:59:dd:f9:45:82:2a:
8c:eb:3e:73:5e:24:2b:9e:bb:8d:c4:af:99:01:fe:00:05:c6:
b1:91:b8:d1:7d:8b:d8:cd:4c:85:e1:1d:ff:f0:c4:40:96:d6:
38:16:e7:d0:c9:d8:e5:5e:f2:83:5e:ba:8e:9b:86:6f:74:54:
eb:29:31:e8:d2:51:80:b9:be:6e:32:9e:61:ef:a9:89:34:bb:
1e:b8:7a:31:50:2d:48:21:d6:89:d5:b2:42:c1:6d:7b:bd:af:
08:00:75:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1BLbkS4CihDjEf3xibD0u/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTI1MTUxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFkMzNlZmEwOWY2YTdlNzYyNThkNzI1MTE2NGJiMzBiZWYyMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH82sNvHYhNcMAtnuboIZPpm+HlC
nXpXNTXzsDJ8lx8E2IsamME8hSJBfjxILF4XS0T/pQTayojr9gc7+VHrJjv44Yr+
p0+B465aTa1cWprfb1h4MAUfYDEc1sUsqe4UaDPQWtVN5w73RnBA2kAsix7DvmXS
zIM/pBuOZrW+Yz30euXRKDPSibmyuh8n+m7jqYq6iJT80t+5IO8cQNX/qCDm/SV7
LzMueu/NLql7es2gTF3GK0jsGigmViuWzfgFV+IcNPuuUTwVyRppFYqzVnY46B4F
0duusBl+5pFuhT1iyMao/WxeE6/Jho64dwWGWwXBvS8gGBA+epCfE/UKtQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGWtM++gn2p+diWNclEWS7ML7yA3MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWmEwejc2Q2ZhbjUySlkxeVVSWkxzd3Z2SURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVWAwQA
owVhAwQAowWIAwQAowXTMA0GCSqGSIb3DQEBCwUAA4IBAQCGOedq4f2bkKM3crK1
Kv/ztVJaeJEyWnzPr0eUuE4WzaTMuKCuG4MWa3jaz27JOwGEnXpqLKNerqWeNYcU
LbS8Lpp9QU5xANlzVwf3EsPL6dZ1cvAu7OlWaAk8B9dgrZHzidGHC/5aszWu/7YQ
Bar96gRV1CrJsMWQd6szCeao2LCu/vOWl3D3wnzQvsi2bRkG8tAwRqtNxdfNT/1Z
3flFgiqM6z5zXiQrnruNxK+ZAf4ABcaxkbjRfYvYzUyF4R3/8MRAltY4FufQydjl
XvKDXrqOm4ZvdFTrKTHo0lGAub5uMp5h76mJNLseuHoxUC1IIdaJ1bJCwW17va8I
AHXK
-----END CERTIFICATE-----
Generated at Wed Mar 13 22:33:06 2024 by rpki-client on console-ams.rpki-client.org