Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/doDiJ165hqzXAr4_fyX2xJu_deE.roa
File: doDiJ165hqzXAr4_fyX2xJu_deE.roa (raw, json)
Hash identifier: VnhxB4o0hLFl5v0BUA61g1X4D7ftVEx/cZSTfpWb8JY=
Subject key identifier: 76:80:E2:27:5E:B9:86:AC:D7:02:BE:3F:7F:25:F6:C4:9B:BF:75:E1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019054FBAFDA81915E715356F3E774B4C37F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/doDiJ165hqzXAr4_fyX2xJu_deE.roa
Signing time: Wed 26 Jun 2024 14:38:19 +0000
ROA not before: Wed 26 Jun 2024 14:38:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63023
IP address blocks: 163.5.53.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 07:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:54:fb:af:da:81:91:5e:71:53:56:f3:e7:74:b4:c3:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 26 14:38:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7680e2275eb986acd702be3f7f25f6c49bbf75e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:00:7c:35:43:59:4f:5c:0c:f7:8e:af:62:3a:
c4:9b:28:d1:f9:dc:31:b1:ac:91:96:fd:b6:76:81:
d9:06:42:8f:97:d0:03:87:b1:81:46:52:f5:dc:82:
33:4e:97:9e:c5:b6:1e:57:71:a5:77:d4:54:f8:13:
00:fc:32:ad:9c:5e:2d:80:80:8f:63:e5:28:cd:f7:
59:53:b5:05:9e:b5:63:07:f3:5f:9b:60:f4:db:02:
26:4a:86:8f:c6:85:98:0f:ed:19:a9:e2:d0:e3:bd:
36:46:77:e2:e3:cc:2c:37:62:d2:e4:04:eb:06:ca:
90:b6:6a:d7:45:77:84:45:0f:3a:ed:72:b7:02:37:
64:fa:e6:ee:d0:92:3b:8e:c9:fb:13:28:95:ba:3e:
38:6f:a9:cf:fa:cb:72:d4:aa:a2:c4:8a:bc:2b:e4:
b2:57:15:7b:82:8b:40:be:8c:22:cf:df:48:80:c8:
50:3a:57:82:8f:20:2e:d7:30:36:c1:1b:d1:1e:54:
e3:48:dd:45:3c:8c:ac:0f:99:50:26:a3:e5:78:21:
81:54:55:1f:5c:70:97:b3:25:c6:c7:11:c0:79:3b:
ec:a8:54:95:cb:ac:72:b0:ca:26:e5:8a:8a:cc:d2:
e9:48:0e:a0:0d:cb:ef:f9:21:84:c1:88:b5:bf:25:
c1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:80:E2:27:5E:B9:86:AC:D7:02:BE:3F:7F:25:F6:C4:9B:BF:75:E1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/doDiJ165hqzXAr4_fyX2xJu_deE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.53.0/24
163.5.79.0/24
163.5.161.0/24
163.5.219.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c2:74:27:96:79:2b:3b:c3:2e:c9:3e:8f:a9:e9:81:1f:11:
4b:9e:83:5f:3a:37:bd:b0:08:84:a6:bb:43:b5:de:de:e2:fa:
55:01:56:e1:46:b7:9b:71:c9:ff:cc:7e:9a:18:00:7f:fb:8f:
96:17:99:53:fe:e7:5f:8a:0e:59:8d:91:05:14:20:41:f6:58:
c7:db:51:e8:e6:b6:ea:dd:b6:ff:ec:2b:e1:6e:5c:09:9f:81:
90:0c:df:04:4b:81:cc:5c:ad:b3:a2:40:b2:c9:54:25:72:ac:
36:9e:dc:27:c0:33:9b:51:f5:12:42:f2:cd:4e:7f:9c:b6:a8:
a5:e1:9f:46:02:48:61:5e:20:cf:b5:05:38:ca:e5:09:80:01:
af:6d:9e:84:76:b6:77:bf:9d:0c:7c:73:2e:7e:7f:d5:10:13:
69:0f:e9:17:88:22:ae:6c:36:26:c6:3e:bc:ec:c0:63:7f:cc:
04:5c:0e:06:62:08:02:0e:81:30:56:07:00:28:30:e8:01:ce:
44:04:89:46:59:8a:89:30:c5:da:a9:4a:3c:2b:7a:ae:0e:d6:
07:b3:8a:ae:0f:d7:6d:69:c8:7e:f2:f7:6c:6f:c8:f7:16:30:
a0:9d:7c:1c:ee:a2:bf:64:11:c4:e0:f0:be:8c:28:ee:ce:27:
cd:8d:0b:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZBU+6/agZFecVNW8+d0tMN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjI2MTQzODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjgwZTIyNzVlYjk4NmFjZDcwMmJlM2Y3ZjI1ZjZjNDliYmY3NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgB8NUNZT1wM946vYjrEmyjR+dwx
sayRlv22doHZBkKPl9ADh7GBRlL13IIzTpeexbYeV3Gld9RU+BMA/DKtnF4tgICP
Y+UozfdZU7UFnrVjB/Nfm2D02wImSoaPxoWYD+0ZqeLQ4702Rnfi48wsN2LS5ATr
BsqQtmrXRXeERQ867XK3Ajdk+ubu0JI7jsn7EyiVuj44b6nP+sty1KqixIq8K+Sy
VxV7gotAvowiz99IgMhQOleCjyAu1zA2wRvRHlTjSN1FPIysD5lQJqPleCGBVFUf
XHCXsyXGxxHAeTvsqFSVy6xysMom5YqKzNLpSA6gDcvv+SGEwYi1vyXBxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHaA4ideuYas1wK+P38l9sSbv3XhMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZG9EaUoxNjVocXpYQXI0X2Z5WDJ4SnVfZGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowU1AwQA
owVPAwQAowWhAwQAowXbMA0GCSqGSIb3DQEBCwUAA4IBAQBmwnQnlnkrO8MuyT6P
qemBHxFLnoNfOje9sAiEprtDtd7e4vpVAVbhRrebccn/zH6aGAB/+4+WF5lT/udf
ig5ZjZEFFCBB9ljH21Ho5rbq3bb/7CvhblwJn4GQDN8ES4HMXK2zokCyyVQlcqw2
ntwnwDObUfUSQvLNTn+ctqil4Z9GAkhhXiDPtQU4yuUJgAGvbZ6EdrZ3v50MfHMu
fn/VEBNpD+kXiCKubDYmxj687MBjf8wEXA4GYggCDoEwVgcAKDDoAc5EBIlGWYqJ
MMXaqUo8K3quDtYHs4quD9dtach+8vdsb8j3FjCgnXwc7qK/ZBHE4PC+jCjuzifN
jQsr
-----END CERTIFICATE-----
Generated at Wed Nov 27 10:50:50 2024 by rpki-client on console-fra.rpki-client.org