Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_XpgOB3WREwH1wN3_0cF87jmOD0.roa
File: _XpgOB3WREwH1wN3_0cF87jmOD0.roa (raw, json)
Hash identifier: ykQsfh4/CSk9/F+k9Snen+/Rlf7WjFDDcF9HHmU9W9s=
Subject key identifier: FD:7A:60:38:1D:D6:44:4C:07:D7:03:77:FF:47:05:F3:B8:E6:38:3D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01929AFBA95F2B72BED07E71EE9B877F6064
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_XpgOB3WREwH1wN3_0cF87jmOD0.roa
Signing time: Thu 17 Oct 2024 14:57:17 +0000
ROA not before: Thu 17 Oct 2024 14:57:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.2.0/24 maxlen: 24
163.5.5.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.12.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.21.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.24.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.41.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.43.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.52.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.57.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
163.5.81.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 16:21:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:fb:a9:5f:2b:72:be:d0:7e:71:ee:9b:87:7f:60:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 17 14:57:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd7a60381dd6444c07d70377ff4705f3b8e6383d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8a:4c:cc:76:fa:d5:95:ab:c1:1c:00:cb:53:
76:28:b0:d6:91:a6:84:ab:ab:8e:fd:c7:e0:b7:c5:
27:4c:24:68:5d:e1:99:54:11:3c:d9:56:d7:3e:e3:
d6:e4:88:5e:fb:a4:4e:b1:40:d4:dc:3a:3c:28:ba:
0d:c0:04:ab:f0:0f:ba:94:6d:57:12:0f:2b:f5:4c:
eb:6e:e7:f8:81:c0:57:95:40:33:c0:46:2f:3c:2a:
b7:c0:e6:b6:18:4d:53:2f:8d:d5:62:cf:85:95:c9:
53:b5:e5:de:9f:ad:38:d1:9d:c2:ba:6d:31:ca:8b:
6a:d0:0d:e1:e1:74:f1:33:12:12:f9:e9:84:57:59:
95:80:8d:87:1f:3a:73:33:cd:c0:b4:c6:7e:b6:f8:
0f:60:81:20:3a:6b:1a:c1:6e:aa:fe:f3:cd:f2:26:
b0:f0:5a:d2:9b:eb:a4:cd:1c:05:f7:68:d5:a7:1c:
9a:2a:dc:b1:67:73:47:39:d2:3a:e4:76:dd:38:d5:
ea:ce:b3:19:1d:93:e7:eb:b3:ad:b7:d8:36:b3:4f:
9d:e8:a0:09:f2:41:66:f5:1a:a2:31:8e:f1:7b:19:
d6:05:d6:21:0b:9d:bc:40:8c:71:b9:80:e0:6c:86:
6c:4f:8a:19:23:cf:12:cd:3e:f4:8f:e2:a0:ae:03:
52:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7A:60:38:1D:D6:44:4C:07:D7:03:77:FF:47:05:F3:B8:E6:38:3D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_XpgOB3WREwH1wN3_0cF87jmOD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.2.0/24
163.5.5.0/24
163.5.10.0-163.5.12.255
163.5.20.0/23
163.5.23.0-163.5.24.255
163.5.40.0/22
163.5.45.0/24
163.5.48.0/24
163.5.50.0/24
163.5.52.0/24
163.5.55.0/24
163.5.57.0/24
163.5.68.0/23
163.5.80.0/23
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:60:da:93:87:57:cc:7e:27:83:a1:d6:0f:5a:ba:22:72:df:
a8:67:8e:1d:32:59:53:77:89:8b:e0:fa:17:84:ce:a6:36:9d:
6c:fc:e4:8d:5d:3a:87:c9:1b:8b:29:69:f5:9b:11:07:43:b8:
de:2d:2a:5c:d9:77:b9:d3:ff:f7:93:09:25:85:c4:22:fa:a3:
de:d9:12:67:a0:10:c8:b6:77:f2:23:92:7d:62:77:fc:5c:ab:
9b:d7:73:f5:43:89:c8:60:33:44:6f:90:11:88:14:f2:2a:45:
19:15:61:f1:0f:c8:69:7c:76:a9:ef:70:2b:fe:73:fa:ef:d1:
8c:81:40:f5:25:89:40:45:68:ad:0b:b0:c3:e7:aa:c6:21:6c:
08:54:13:ae:0e:20:c0:d2:cf:81:33:22:36:5f:cd:3c:52:0a:
6b:58:e8:21:20:17:48:34:ea:54:bd:7a:5a:9d:dd:4b:e9:67:
35:b8:b0:fe:9a:1e:6e:a6:b4:70:a8:15:89:3e:23:99:a6:b9:
f4:f7:30:df:01:10:af:7a:5f:e5:61:bc:78:d0:14:30:a1:5e:
ff:ea:eb:84:18:e1:70:d9:c1:8b:03:a1:74:ff:18:0d:fb:42:
5b:5b:be:83:32:6a:10:7b:d5:d6:e4:22:3e:dc:3b:02:8b:ad:
0d:58:5f:9c
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZKa+6lfK3K+0H5x7puHf2BkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDE3MTQ1NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdhNjAzODFkZDY0NDRjMDdkNzAzNzdmZjQ3MDVmM2I4ZTYzODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsopMzHb61ZWrwRwAy1N2KLDWkaaE
q6uO/cfgt8UnTCRoXeGZVBE82VbXPuPW5Ihe+6ROsUDU3Do8KLoNwASr8A+6lG1X
Eg8r9Uzrbuf4gcBXlUAzwEYvPCq3wOa2GE1TL43VYs+FlclTteXen6040Z3Cum0x
yotq0A3h4XTxMxIS+emEV1mVgI2HHzpzM83AtMZ+tvgPYIEgOmsawW6q/vPN8iaw
8FrSm+ukzRwF92jVpxyaKtyxZ3NHOdI65HbdONXqzrMZHZPn67Ott9g2s0+d6KAJ
8kFm9RqiMY7xexnWBdYhC528QIxxuYDgbIZsT4oZI88SzT70j+KgrgNSIwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFP16YDgd1kRMB9cDd/9HBfO45jg9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvX1hwZ09CM1dSRXdIMXdOM18wY0Y4N2ptT0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAKMFAgME
AKMFBTAMAwQBowUKAwQAowUMAwQBowUUMAwDBACjBRcDBACjBRgDBAKjBSgDBACj
BS0DBACjBTADBACjBTIDBACjBTQDBACjBTcDBACjBTkDBAGjBUQDBAGjBVADBACj
BVUwDQYJKoZIhvcNAQELBQADggEBAG5g2pOHV8x+J4Oh1g9auiJy36hnjh0yWVN3
iYvg+heEzqY2nWz85I1dOofJG4spafWbEQdDuN4tKlzZd7nT//eTCSWFxCL6o97Z
EmegEMi2d/Ijkn1id/xcq5vXc/VDichgM0RvkBGIFPIqRRkVYfEPyGl8dqnvcCv+
c/rv0YyBQPUliUBFaK0LsMPnqsYhbAhUE64OIMDSz4EzIjZfzTxSCmtY6CEgF0g0
6lS9elqd3UvpZzW4sP6aHm6mtHCoFYk+I5mmufT3MN8BEK96X+VhvHjQFDChXv/q
64QY4XDZwYsDoXT/GA37QltbvoMyahB71dbkIj7cOwKLrQ1YX5w=
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:27:10 2024 by rpki-client on console-ams.rpki-client.org