Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/axNAmyUqhZIk2V4az7Kz6W4NQfY.roa
File: axNAmyUqhZIk2V4az7Kz6W4NQfY.roa (raw, json)
Hash identifier: CcECmj9SoCUVG6XZ7d/YqzliknjBY/ChwZ79WagemCI=
Subject key identifier: 6B:13:40:9B:25:2A:85:92:24:D9:5E:1A:CF:B2:B3:E9:6E:0D:41:F6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018EC2EA1B5090120FF8CF0C2A1729CD7AE4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/axNAmyUqhZIk2V4az7Kz6W4NQfY.roa
Signing time: Tue 09 Apr 2024 12:51:46 +0000
ROA not before: Tue 09 Apr 2024 12:51:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.82.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Apr 2024 15:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:ea:1b:50:90:12:0f:f8:cf:0c:2a:17:29:cd:7a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 9 12:51:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b13409b252a859224d95e1acfb2b3e96e0d41f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:19:76:5c:2a:bf:36:5e:74:5b:a5:90:06:64:
4c:4a:18:78:ec:cb:ac:73:cf:8c:aa:49:5a:53:e1:
7c:70:1d:69:07:33:0a:85:92:f3:a6:42:43:28:79:
16:eb:83:42:55:ee:30:bd:24:bd:1c:0f:3e:b9:0a:
e8:91:4d:65:36:95:4a:8b:fc:2c:26:0c:a7:a9:91:
e8:4a:c7:07:19:66:01:81:53:6b:35:e0:dd:8b:31:
3e:9a:34:6a:0e:0c:88:b2:0b:f5:a7:73:2c:b8:04:
ae:55:bd:a7:8a:7f:28:77:02:5e:24:67:91:b8:08:
89:98:e2:eb:62:71:ee:0f:4d:74:4e:55:c7:10:12:
09:04:11:95:e2:0e:b3:19:1e:f5:00:de:6f:39:cb:
96:27:d1:00:c9:a7:79:b7:5c:76:d2:62:49:ff:d8:
d1:62:24:c8:dd:6b:95:62:bc:a9:5c:71:e0:0d:0e:
c7:a4:29:dc:8b:e1:13:46:7e:b2:67:a3:ac:de:73:
8c:ef:a2:ec:f0:20:71:f1:6f:d8:d3:a2:2c:a4:5a:
c8:61:6d:4c:97:d6:8c:b7:fe:77:0a:61:2f:3d:6e:
5b:d2:fc:cc:55:9a:62:69:81:e2:f9:ee:e6:9d:2d:
85:cb:2e:36:fb:a2:26:66:bd:a8:20:cd:a9:8d:16:
37:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:13:40:9B:25:2A:85:92:24:D9:5E:1A:CF:B2:B3:E9:6E:0D:41:F6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/axNAmyUqhZIk2V4az7Kz6W4NQfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.82.0/24
163.5.99.0/24
163.5.127.0/24
163.5.202.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
56:3c:a8:7e:0f:f6:f1:c9:cf:77:cf:fd:fb:48:b7:cf:2a:74:
79:fa:96:54:5d:cc:bd:6f:92:27:da:1d:fe:df:09:4b:78:f1:
28:6b:50:c8:7a:33:10:12:ea:aa:49:e8:59:fe:bf:ab:95:68:
63:da:ed:0d:c5:bf:50:39:68:40:d8:d4:86:fa:f1:44:c9:ba:
0a:90:8f:a8:ec:8b:cf:1b:21:4d:a3:37:aa:63:af:d6:31:75:
88:d6:d8:63:c7:6e:74:ce:4a:ac:4b:c9:b8:d3:81:54:b9:c9:
25:17:b4:84:d2:4e:5d:dc:6d:57:15:82:71:96:af:f8:27:c6:
7a:f6:3f:f2:e6:1a:59:bb:3b:76:c9:5c:90:2b:f4:22:77:ca:
be:f1:e1:ad:da:9f:ef:f8:b2:9c:2c:79:9a:88:ca:a6:96:a0:
11:3a:cc:39:bb:bc:d1:35:10:68:eb:23:32:42:9d:08:68:ee:
25:9f:0d:b8:ab:3d:6f:49:08:2c:2c:a6:72:e7:72:8b:95:20:
d0:3b:e7:d3:cb:15:ce:14:25:2f:e1:75:62:d5:35:6b:72:a1:
e8:a4:6b:cc:ff:2a:46:84:0a:c8:7c:a8:2f:a3:d0:e5:20:15:
b7:9f:c1:1d:1c:e8:96:01:a9:c9:ef:81:f9:6f:fe:18:ae:72:
ec:be:8d:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7C6htQkBIP+M8MKhcpzXrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDA5MTI1MTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjEzNDA5YjI1MmE4NTkyMjRkOTVlMWFjZmIyYjNlOTZlMGQ0MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRl2XCq/Nl50W6WQBmRMShh47Mus
c8+MqklaU+F8cB1pBzMKhZLzpkJDKHkW64NCVe4wvSS9HA8+uQrokU1lNpVKi/ws
JgynqZHoSscHGWYBgVNrNeDdizE+mjRqDgyIsgv1p3MsuASuVb2nin8odwJeJGeR
uAiJmOLrYnHuD010TlXHEBIJBBGV4g6zGR71AN5vOcuWJ9EAyad5t1x20mJJ/9jR
YiTI3WuVYrypXHHgDQ7HpCnci+ETRn6yZ6Os3nOM76Ls8CBx8W/Y06IspFrIYW1M
l9aMt/53CmEvPW5b0vzMVZpiaYHi+e7mnS2Fyy42+6ImZr2oIM2pjRY3eQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGsTQJslKoWSJNleGs+ys+luDUH2MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYXhOQW15VXFoWklrMlY0YXo3S3o2VzROUWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowVSAwQA
owVjAwQAowV/AwQAowXKAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQBWPKh+D/bx
yc93z/37SLfPKnR5+pZUXcy9b5In2h3+3wlLePEoa1DIejMQEuqqSehZ/r+rlWhj
2u0Nxb9QOWhA2NSG+vFEyboKkI+o7IvPGyFNozeqY6/WMXWI1thjx250zkqsS8m4
04FUucklF7SE0k5d3G1XFYJxlq/4J8Z69j/y5hpZuzt2yVyQK/Qid8q+8eGt2p/v
+LKcLHmaiMqmlqAROsw5u7zRNRBo6yMyQp0IaO4lnw24qz1vSQgsLKZy53KLlSDQ
O+fTyxXOFCUv4XVi1TVrcqHopGvM/ypGhArIfKgvo9DlIBW3n8EdHOiWAanJ74H5
b/4YrnLsvo3w
-----END CERTIFICATE-----
Generated at Sun Apr 28 19:21:22 2024 by rpki-client on console-fra.rpki-client.org