Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/atIF-PcL7VTrtwAORS_qTMKBLtg.roa
File: atIF-PcL7VTrtwAORS_qTMKBLtg.roa (raw, json)
Hash identifier: Jz+jwsPsPpvYr5k3qpgE/CAeHfzV9UvHcCGMIN/5YGo=
Subject key identifier: 6A:D2:05:F8:F7:0B:ED:54:EB:B7:00:0E:45:2F:EA:4C:C2:81:2E:D8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0190C4B06B88BA2DB696A2E783629BB0237C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/atIF-PcL7VTrtwAORS_qTMKBLtg.roa
Signing time: Thu 18 Jul 2024 07:13:34 +0000
ROA not before: Thu 18 Jul 2024 07:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 163.5.124.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jul 2024 15:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c4:b0:6b:88:ba:2d:b6:96:a2:e7:83:62:9b:b0:23:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 18 07:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ad205f8f70bed54ebb7000e452fea4cc2812ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f1:2a:b4:ef:a5:0a:15:d2:31:16:2c:67:69:
d3:1b:36:ca:c4:ba:06:b7:39:df:2b:0e:a8:f0:26:
1b:7a:72:d2:10:23:3a:30:7c:b5:02:3a:96:8e:99:
96:03:c5:d5:1f:7d:e7:36:a5:cd:2f:6a:3e:1f:d6:
58:8b:90:62:fb:fd:58:da:c5:16:d3:31:03:2e:73:
07:74:10:ea:60:96:82:c0:06:43:1f:3f:2e:06:7e:
00:41:8a:84:9a:b6:d9:32:a7:0c:71:ab:1f:ad:a5:
46:7f:f5:7a:af:d4:1c:5e:89:b5:56:df:e7:e6:f0:
84:ff:e7:b7:15:59:00:d9:5c:b2:6b:75:2e:4e:d8:
0c:2e:d9:25:c8:03:60:08:7d:82:61:60:e2:52:4f:
7c:7b:e6:5b:eb:0c:78:a6:63:2e:1c:cf:04:07:ea:
90:01:cd:ce:87:e6:de:bd:78:0c:e9:f5:ae:ef:9f:
b8:41:24:54:5e:14:79:16:84:83:41:85:eb:55:78:
19:24:9a:17:f1:0b:17:32:f3:74:6a:97:36:05:a1:
39:b0:26:2e:e9:f1:2b:7c:60:df:81:d6:1c:65:26:
2e:9d:cb:1e:de:f0:fd:05:32:b6:8f:bb:27:dd:7f:
4e:19:c3:a5:32:fe:4f:3b:0d:bb:d7:31:8e:39:b9:
de:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D2:05:F8:F7:0B:ED:54:EB:B7:00:0E:45:2F:EA:4C:C2:81:2E:D8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/atIF-PcL7VTrtwAORS_qTMKBLtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.124.0/24
163.5.134.0/24
163.5.136.0/24
163.5.163.0/24
163.5.166.0/24
163.5.173.0/24
Signature Algorithm: sha256WithRSAEncryption
02:a3:99:6f:27:9e:28:ef:f6:d2:33:bf:d6:e1:16:43:78:b9:
28:44:af:e4:1f:aa:2b:6c:18:87:92:40:e2:23:25:92:ce:aa:
6d:9f:ed:6a:02:1d:af:77:b5:1c:1b:74:c7:d6:a2:0c:ee:80:
ca:6f:9a:f5:17:da:e2:a6:1c:f6:3a:eb:cd:4d:33:4e:4d:68:
c9:02:86:61:3a:ac:2b:42:36:dc:54:01:1c:65:10:de:15:dc:
5a:18:37:1e:29:d3:62:a7:58:58:34:46:81:80:c3:d6:87:90:
ce:ef:31:c3:89:ca:0f:4f:df:36:6e:c1:20:c0:a5:42:56:18:
2e:47:59:7d:9b:ad:83:1c:0f:8c:89:97:7f:1c:3a:10:3d:dc:
cc:ab:00:15:b2:52:8f:63:7c:9b:2d:8b:d0:ce:83:82:2f:f6:
c1:0e:bb:41:2b:b2:ff:e5:cd:af:c0:14:7a:50:e2:9f:74:2e:
97:2c:5c:d4:e3:45:e3:14:71:5e:48:0a:61:c0:0b:48:07:7e:
29:24:68:ea:68:9b:9b:b1:38:fd:95:f2:75:f2:7f:b3:26:0e:
32:49:f6:18:d0:58:8e:d8:16:7c:e9:9f:ff:1f:09:02:bb:1d:
41:b4:2a:33:9d:38:5c:86:28:db:27:2a:ea:c3:8f:56:a5:6c:
03:a7:f6:70
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZDEsGuIui22lqLng2KbsCN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzE4MDcxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQyMDVmOGY3MGJlZDU0ZWJiNzAwMGU0NTJmZWE0Y2MyODEyZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvEqtO+lChXSMRYsZ2nTGzbKxLoG
tznfKw6o8CYbenLSECM6MHy1AjqWjpmWA8XVH33nNqXNL2o+H9ZYi5Bi+/1Y2sUW
0zEDLnMHdBDqYJaCwAZDHz8uBn4AQYqEmrbZMqcMcasfraVGf/V6r9QcXom1Vt/n
5vCE/+e3FVkA2Vyya3UuTtgMLtklyANgCH2CYWDiUk98e+Zb6wx4pmMuHM8EB+qQ
Ac3Oh+bevXgM6fWu75+4QSRUXhR5FoSDQYXrVXgZJJoX8QsXMvN0apc2BaE5sCYu
6fErfGDfgdYcZSYuncse3vD9BTK2j7sn3X9OGcOlMv5POw271zGOObne+QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGrSBfj3C+1U67cADkUv6kzCgS7YMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYXRJRi1QY0w3VlRydHdBT1JTX3FUTUtCTHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowV8AwQA
owWGAwQAowWIAwQAowWjAwQAowWmAwQAowWtMA0GCSqGSIb3DQEBCwUAA4IBAQAC
o5lvJ54o7/bSM7/W4RZDeLkoRK/kH6orbBiHkkDiIyWSzqptn+1qAh2vd7UcG3TH
1qIM7oDKb5r1F9riphz2OuvNTTNOTWjJAoZhOqwrQjbcVAEcZRDeFdxaGDceKdNi
p1hYNEaBgMPWh5DO7zHDicoPT982bsEgwKVCVhguR1l9m62DHA+MiZd/HDoQPdzM
qwAVslKPY3ybLYvQzoOCL/bBDrtBK7L/5c2vwBR6UOKfdC6XLFzU40XjFHFeSAph
wAtIB34pJGjqaJubsTj9lfJ18n+zJg4ySfYY0FiO2BZ86Z//HwkCux1BtCoznThc
hijbJyrqw49WpWwDp/Zw
-----END CERTIFICATE-----
Generated at Sat Jul 20 18:20:49 2024 by rpki-client on console-ams.rpki-client.org