Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bLy3U8ww2JzcS_voDnfYT5H3rto.roa
File: bLy3U8ww2JzcS_voDnfYT5H3rto.roa (raw, json)
Hash identifier: 4HhRfEneRxp5QG+t3VDlcIOyHqSOzeN5DrTmJ1snDqM=
Subject key identifier: 6C:BC:B7:53:CC:30:D8:9C:DC:4B:FB:E8:0E:77:D8:4F:91:F7:AE:DA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019473CE4A11EAC487848267CADDFE3A36DF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bLy3U8ww2JzcS_voDnfYT5H3rto.roa
Signing time: Fri 17 Jan 2025 10:28:06 +0000
ROA not before: Fri 17 Jan 2025 10:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 10:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:ce:4a:11:ea:c4:87:84:82:67:ca:dd:fe:3a:36:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 17 10:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cbcb753cc30d89cdc4bfbe80e77d84f91f7aeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e2:1f:e8:40:5a:76:11:02:22:4a:2b:f7:23:
d9:79:3f:b4:7a:a1:af:43:8b:80:63:2f:cd:f8:0e:
3c:07:f6:ad:0b:90:9f:22:32:dd:8f:02:62:c8:4b:
49:ce:c0:0a:b6:6a:00:a1:14:9c:e4:e2:73:74:85:
75:0f:25:d9:25:a7:11:0b:f9:fd:3e:10:29:2f:9e:
01:88:cc:e2:25:9b:36:8c:69:24:4b:43:ed:7f:3e:
ab:8f:34:60:31:8e:31:82:97:cd:f6:dc:e1:ce:b2:
e2:78:e0:26:5e:94:c7:39:5c:9e:00:d2:42:7e:bf:
46:86:26:25:d8:4a:2a:54:f0:ce:b8:98:3a:70:70:
8c:2b:bb:1e:94:1a:9f:bc:09:1c:b8:d8:a1:1a:82:
da:a8:27:8d:10:d1:80:2a:d8:58:2e:05:88:cd:a3:
8d:41:9e:5a:43:9c:0f:30:b9:4f:20:3f:41:50:64:
e3:bd:08:fb:54:1f:74:94:7b:2e:e2:98:52:15:2e:
93:cb:b6:8a:8a:3c:b0:fd:34:e1:84:30:27:1b:b2:
d2:53:88:2b:f9:a3:87:55:bf:8f:73:a2:51:dd:e9:
13:5c:14:c8:35:3d:90:59:eb:45:9d:b3:2e:e7:16:
17:06:48:77:82:98:3c:a7:45:87:42:dd:22:3e:db:
6a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BC:B7:53:CC:30:D8:9C:DC:4B:FB:E8:0E:77:D8:4F:91:F7:AE:DA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bLy3U8ww2JzcS_voDnfYT5H3rto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.31.0/24
163.5.46.0/24
163.5.62.0/24
163.5.144.0/24
163.5.149.0/24
163.5.187.0/24
163.5.209.0/24
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
01:28:1b:95:36:00:a9:ba:df:44:4d:d8:db:7a:66:e1:37:2f:
5c:06:ae:9a:6e:fd:d5:bd:8e:e4:0f:2e:fb:0d:55:d0:b1:94:
fb:76:86:7c:ea:fa:ab:a4:68:8d:2d:ba:be:09:05:56:69:a7:
7a:2f:f9:91:03:62:c7:8b:41:c7:dc:0e:f4:e9:cf:cb:9b:1c:
f6:60:fe:5e:c7:d6:db:e2:39:d8:ad:75:73:4e:1c:63:80:bd:
d2:a4:a5:8c:e3:b3:37:20:ca:b0:45:c6:55:9b:5f:0d:69:f5:
aa:31:3b:aa:f9:57:07:a3:3f:7b:eb:23:01:90:54:a8:62:34:
77:ba:65:4f:da:55:e2:14:db:f1:9f:3f:56:e6:d3:bf:9f:a1:
c8:f8:d5:db:c2:f7:73:da:f1:58:8c:87:7a:3d:bb:d4:b1:a0:
33:ca:fa:c3:f4:d3:66:d3:3c:17:dd:fa:95:f2:c5:01:94:fc:
fd:bf:c2:ba:d6:d9:50:f8:52:ad:25:d7:2e:f2:bf:02:d3:5d:
61:68:52:f9:10:17:35:fa:ab:a0:95:de:ae:1f:f6:68:9b:65:
83:31:48:fc:57:64:3d:cc:f6:8e:3d:04:df:de:ad:ce:b7:a8:
49:f5:fb:b8:bc:ad:64:9e:e1:65:e6:0a:4f:75:da:37:d3:7d:
14:84:b3:7f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZRzzkoR6sSHhIJnyt3+OjbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTE3MTAyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JjYjc1M2NjMzBkODljZGM0YmZiZTgwZTc3ZDg0ZjkxZjdhZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+If6EBadhECIkor9yPZeT+0eqGv
Q4uAYy/N+A48B/atC5CfIjLdjwJiyEtJzsAKtmoAoRSc5OJzdIV1DyXZJacRC/n9
PhApL54BiMziJZs2jGkkS0Ptfz6rjzRgMY4xgpfN9tzhzrLieOAmXpTHOVyeANJC
fr9GhiYl2EoqVPDOuJg6cHCMK7selBqfvAkcuNihGoLaqCeNENGAKthYLgWIzaON
QZ5aQ5wPMLlPID9BUGTjvQj7VB90lHsu4phSFS6Ty7aKijyw/TThhDAnG7LSU4gr
+aOHVb+Pc6JR3ekTXBTINT2QWetFnbMu5xYXBkh3gpg8p0WHQt0iPttqQwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGy8t1PMMNic3Ev76A532E+R967aMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYkx5M1U4d3cySnpjU192b0RuZllUNUgzcnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAowUWAwQA
owUfAwQAowUuAwQAowU+AwQAowWQAwQAowWVAwQAowW7AwQAowXRAwQAowX3MA0G
CSqGSIb3DQEBCwUAA4IBAQABKBuVNgCput9ETdjbembhNy9cBq6abv3VvY7kDy77
DVXQsZT7doZ86vqrpGiNLbq+CQVWaad6L/mRA2LHi0HH3A706c/Lmxz2YP5ex9bb
4jnYrXVzThxjgL3SpKWM47M3IMqwRcZVm18NafWqMTuq+VcHoz976yMBkFSoYjR3
umVP2lXiFNvxnz9W5tO/n6HI+NXbwvdz2vFYjId6PbvUsaAzyvrD9NNm0zwX3fqV
8sUBlPz9v8K61tlQ+FKtJdcu8r8C011haFL5EBc1+qugld6uH/Zom2WDMUj8V2Q9
zPaOPQTf3q3Ot6hJ9fu4vK1knuFl5gpPddo3030UhLN/
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:53 2025 by rpki-client