Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bZTyndJ5OMmWpRW8bAxY_xCtBG0.roa
File: bZTyndJ5OMmWpRW8bAxY_xCtBG0.roa (raw, json)
Hash identifier: NRV1sjfg//eDOUORXi7XOKajIXaxZeku+rOFtExe/JQ=
Subject key identifier: 6D:94:F2:9D:D2:79:38:C9:96:A5:15:BC:6C:0C:58:FF:10:AD:04:6D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E2D411B680BCD19E7FA60CA0F1DC54960
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bZTyndJ5OMmWpRW8bAxY_xCtBG0.roa
Signing time: Mon 11 Mar 2024 11:23:45 +0000
ROA not before: Mon 11 Mar 2024 11:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 163.5.154.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 13:22:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:41:1b:68:0b:cd:19:e7:fa:60:ca:0f:1d:c5:49:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 11 11:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d94f29dd27938c996a515bc6c0c58ff10ad046d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e1:42:f8:17:83:f0:40:b4:3d:bd:d0:56:6b:
26:ab:20:9e:1c:ec:ce:08:a8:64:aa:39:41:5c:3c:
da:81:0c:45:fa:a0:95:fc:2b:80:08:26:84:c7:be:
06:74:c8:6f:c0:82:57:ae:6f:cd:b9:e6:93:d5:32:
04:61:fa:fb:d6:af:10:26:27:dd:b2:f3:4a:42:6b:
b6:03:7c:cd:ef:9e:23:64:96:0c:65:6d:46:7a:c7:
f4:dc:26:fe:38:28:78:36:0a:5b:a8:12:30:60:08:
32:cc:81:1a:af:1d:7b:7b:33:eb:98:00:42:09:9c:
b4:03:9a:23:db:bd:d1:36:90:71:fc:73:a1:14:c4:
d7:d7:7b:30:d9:7a:9b:4c:19:ba:a0:32:ee:20:aa:
c0:66:ed:66:aa:0d:ad:28:9c:f3:70:bf:81:5a:3e:
c1:fb:ab:bf:87:7a:8a:cd:87:68:8b:64:35:65:4f:
bb:62:b5:7d:84:ee:28:aa:cf:c8:de:ee:fe:9d:3d:
a0:d7:a0:63:94:15:5e:6a:2c:3f:f8:32:c4:fc:ac:
d1:32:7e:76:59:a1:ad:0b:b8:cb:4b:67:f4:03:97:
60:52:da:8f:82:50:8d:7c:7b:73:8f:ff:88:1c:70:
d0:1d:e4:9f:72:13:cc:2d:e7:da:ff:39:b8:ea:6d:
0f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:94:F2:9D:D2:79:38:C9:96:A5:15:BC:6C:0C:58:FF:10:AD:04:6D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bZTyndJ5OMmWpRW8bAxY_xCtBG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.154.0/24
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
24:63:40:57:dc:5f:41:af:f5:87:b3:b1:a7:74:e4:17:5b:05:
fc:72:9c:ed:27:9f:f4:4d:bc:13:f7:86:82:31:4c:36:23:0b:
6f:5b:68:1b:20:1d:dd:92:78:1f:ec:3c:32:9b:7a:63:cf:82:
f2:bc:57:3f:2e:c6:1d:24:c0:a9:49:03:6a:e8:f2:bd:5a:e2:
d5:de:c7:2d:e4:01:67:95:6e:dc:b6:09:05:e0:94:35:07:f4:
4d:ee:87:78:9d:63:1b:16:f2:84:f5:94:00:a6:ec:b8:8c:f0:
2a:16:14:e8:13:97:7a:0f:fc:ba:14:1f:2e:97:be:ea:ac:55:
24:48:b6:a0:6a:fa:b0:69:6e:e5:55:33:dd:fc:ca:11:4a:2b:
1b:3a:00:a7:43:3c:ce:cb:b9:fa:8c:2d:1d:15:03:4c:2c:ed:
d9:58:56:e5:a0:71:23:73:6d:7f:49:0a:6f:75:7c:ac:14:13:
cf:a2:65:63:b8:06:26:2c:7f:f2:a9:69:c5:64:e4:a5:6b:49:
cd:0b:68:5a:b2:29:53:bf:fe:ad:cc:b3:4b:10:f4:ff:79:0b:
8a:c2:af:e9:4f:53:31:e2:5a:81:03:29:75:57:4c:a8:5a:b6:
b7:e0:12:97:4f:d3:49:e1:5c:c7:14:1a:8c:8f:22:93:0f:8b:
82:ca:57:42
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY4tQRtoC80Z5/pgyg8dxUlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzExMTEyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk0ZjI5ZGQyNzkzOGM5OTZhNTE1YmM2YzBjNThmZjEwYWQwNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuFC+BeD8EC0Pb3QVmsmqyCeHOzO
CKhkqjlBXDzagQxF+qCV/CuACCaEx74GdMhvwIJXrm/NueaT1TIEYfr71q8QJifd
svNKQmu2A3zN754jZJYMZW1Gesf03Cb+OCh4NgpbqBIwYAgyzIEarx17ezPrmABC
CZy0A5oj273RNpBx/HOhFMTX13sw2XqbTBm6oDLuIKrAZu1mqg2tKJzzcL+BWj7B
+6u/h3qKzYdoi2Q1ZU+7YrV9hO4oqs/I3u7+nT2g16BjlBVeaiw/+DLE/KzRMn52
WaGtC7jLS2f0A5dgUtqPglCNfHtzj/+IHHDQHeSfchPMLefa/zm46m0PvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFG2U8p3SeTjJlqUVvGwMWP8QrQRtMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYlpUeW5kSjVPTW1XcFJXOGJBeFlfeEN0QkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowWaAwQB
owXAAwQAowXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBACRjQFfc
X0Gv9Yezsad05BdbBfxynO0nn/RNvBP3hoIxTDYjC29baBsgHd2SeB/sPDKbemPP
gvK8Vz8uxh0kwKlJA2ro8r1a4tXexy3kAWeVbty2CQXglDUH9E3uh3idYxsW8oT1
lACm7LiM8CoWFOgTl3oP/LoUHy6XvuqsVSRItqBq+rBpbuVVM938yhFKKxs6AKdD
PM7LufqMLR0VA0ws7dlYVuWgcSNzbX9JCm91fKwUE8+iZWO4BiYsf/KpacVk5KVr
Sc0LaFqyKVO//q3Ms0sQ9P95C4rCr+lPUzHiWoEDKXVXTKhatrfgEpdP00nhXMcU
GoyPIpMPi4LKV0I=
-----END CERTIFICATE-----
Generated at Tue Apr 9 18:16:47 2024 by rpki-client on console-ams.rpki-client.org