Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/e25uAvl2M4KPwGpo7v2EG8M09aQ.roa
File: e25uAvl2M4KPwGpo7v2EG8M09aQ.roa (raw, json)
Hash identifier: sGUuM8+obElz0z3qIHCzpwzq+B7HsDhBUg85BResAlw=
Subject key identifier: 7B:6E:6E:02:F9:76:33:82:8F:C0:6A:68:EE:FD:84:1B:C3:34:F5:A4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188A07AA5DABFB0536972CA0BEC7E7A1C80
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/e25uAvl2M4KPwGpo7v2EG8M09aQ.roa
Signing time: Fri 09 Jun 2023 14:06:12 +0000
ROA not before: Fri 09 Jun 2023 14:06:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.105.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Jun 2023 21:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:7a:a5:da:bf:b0:53:69:72:ca:0b:ec:7e:7a:1c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 9 14:06:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b6e6e02f97633828fc06a68eefd841bc334f5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:af:e7:32:c5:f4:fa:46:ff:ed:dc:52:e2:60:
7e:7d:20:da:4d:5f:da:fb:17:a1:66:99:9e:d1:eb:
09:c6:b0:dd:8a:43:98:80:b8:6a:a2:63:5d:37:19:
31:f0:5d:d4:e9:38:cd:b8:a9:76:a7:24:4a:af:e5:
46:cc:31:85:24:e3:d5:ec:f7:33:49:09:09:8c:6b:
a9:3e:4d:7d:21:1e:14:65:e7:b3:a3:67:90:a8:da:
73:aa:f5:75:b2:e3:81:a3:3c:d9:e8:09:15:27:33:
e6:8a:a9:38:ed:d7:c2:86:9b:d3:f9:dd:59:18:58:
e8:fe:8c:a6:6f:4e:d0:09:73:37:ae:8a:f6:f3:fe:
ed:93:28:ff:e3:3b:cf:84:e9:e5:5a:cf:17:ae:ce:
25:ab:78:5a:00:e8:c0:0c:c5:3f:57:3e:3d:44:89:
11:e3:32:5a:de:76:ee:e3:c9:fa:bd:b5:42:c0:76:
04:ee:b8:ab:85:2a:2e:e8:f0:e0:7c:f1:fc:d6:82:
a2:a1:6b:77:5d:13:ef:1d:40:f4:6f:5e:69:7f:d5:
08:6f:b8:67:62:1e:03:b9:7d:ed:aa:6d:a3:38:60:
84:8d:52:93:1e:f9:c6:53:39:b0:f5:68:1a:48:d1:
41:93:9c:55:18:42:49:8f:ad:70:3e:13:41:b7:81:
6a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:6E:6E:02:F9:76:33:82:8F:C0:6A:68:EE:FD:84:1B:C3:34:F5:A4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/e25uAvl2M4KPwGpo7v2EG8M09aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.105.0-163.5.106.255
163.5.159.0/24
163.5.168.0/24
Signature Algorithm: sha256WithRSAEncryption
68:bb:42:cf:dc:08:5d:2a:29:a5:70:e8:11:fe:36:93:2c:09:
48:c4:7f:ea:cd:fb:60:69:76:c6:a4:bf:d6:27:52:a0:ed:5c:
f6:db:ab:3f:79:70:13:8c:64:78:12:e1:20:93:c1:b4:0e:07:
e5:f2:fc:33:08:c7:f0:14:7c:e8:45:a5:35:25:2b:b1:42:06:
f0:36:ed:6d:d3:f0:93:d3:15:7c:52:35:c2:00:f3:4c:c6:2c:
1f:1c:6a:4f:94:74:f5:5b:b2:10:11:f1:96:b4:53:e2:9b:4b:
ce:0c:69:00:94:ec:48:55:a2:23:6e:84:aa:f0:ca:4d:cf:e1:
37:18:d6:29:15:9c:17:74:83:82:92:f2:fc:47:72:a0:c8:3c:
53:86:d5:df:f7:fa:a3:b5:f8:c0:5b:6b:68:b3:c9:cf:1b:3d:
2a:9a:ae:8f:a0:fa:11:e5:fe:f4:7d:49:25:78:21:5e:28:43:
4e:36:d9:a3:11:76:21:8c:3f:3b:b7:51:ae:c6:c3:3b:e7:e5:
3a:8d:78:57:d9:17:3b:53:d0:f9:d3:18:9b:80:b1:e0:69:4b:
90:47:1d:60:08:3d:9b:13:04:a5:b7:01:c4:b3:79:bb:bf:d6:
20:99:98:e1:4a:9e:eb:54:1a:e6:76:ca:00:f3:a2:ba:58:25:
55:fa:b4:d9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYigeqXav7BTaXLKC+x+ehyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjA5MTQwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjZlNmUwMmY5NzYzMzgyOGZjMDZhNjhlZWZkODQxYmMzMzRmNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6/nMsX0+kb/7dxS4mB+fSDaTV/a
+xehZpme0esJxrDdikOYgLhqomNdNxkx8F3U6TjNuKl2pyRKr+VGzDGFJOPV7Pcz
SQkJjGupPk19IR4UZeezo2eQqNpzqvV1suOBozzZ6AkVJzPmiqk47dfChpvT+d1Z
GFjo/oymb07QCXM3ror28/7tkyj/4zvPhOnlWs8Xrs4lq3haAOjADMU/Vz49RIkR
4zJa3nbu48n6vbVCwHYE7rirhSou6PDgfPH81oKioWt3XRPvHUD0b15pf9UIb7hn
Yh4DuX3tqm2jOGCEjVKTHvnGUzmw9WgaSNFBk5xVGEJJj61wPhNBt4Fq/QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHtubgL5djOCj8BqaO79hBvDNPWkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZTI1dUF2bDJNNEtQd0dwbzd2MkVHOE0wOWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowUgMAwD
BACjBWkDBACjBWoDBACjBZ8DBACjBagwDQYJKoZIhvcNAQELBQADggEBAGi7Qs/c
CF0qKaVw6BH+NpMsCUjEf+rN+2Bpdsakv9YnUqDtXPbbqz95cBOMZHgS4SCTwbQO
B+Xy/DMIx/AUfOhFpTUlK7FCBvA27W3T8JPTFXxSNcIA80zGLB8cak+UdPVbshAR
8Za0U+KbS84MaQCU7EhVoiNuhKrwyk3P4TcY1ikVnBd0g4KS8vxHcqDIPFOG1d/3
+qO1+MBba2izyc8bPSqaro+g+hHl/vR9SSV4IV4oQ0422aMRdiGMPzu3Ua7Gwzvn
5TqNeFfZFztT0PnTGJuAseBpS5BHHWAIPZsTBKW3AcSzebu/1iCZmOFKnutUGuZ2
ygDzorpYJVX6tNk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org