Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fMZGSuGccIw7e9sLRA6Bd0HMLQU.roa
File: fMZGSuGccIw7e9sLRA6Bd0HMLQU.roa (raw, json)
Hash identifier: J8cqQTV/CXue1x5SmxV3xgXLSJ/zE8VzWE0Xod+cnjA=
Subject key identifier: 7C:C6:46:4A:E1:9C:70:8C:3B:7B:DB:0B:44:0E:81:77:41:CC:2D:05
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018A374ABE0DB119BCCAC7C113A065FE5713
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fMZGSuGccIw7e9sLRA6Bd0HMLQU.roa
Signing time: Sun 27 Aug 2023 13:59:19 +0000
ROA not before: Sun 27 Aug 2023 13:59:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.202.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:37:4a:be:0d:b1:19:bc:ca:c7:c1:13:a0:65:fe:57:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 27 13:59:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cc6464ae19c708c3b7bdb0b440e817741cc2d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cf:1b:a1:f1:0d:29:9e:ad:ea:8e:7e:e8:fc:
02:96:0a:d5:4e:d8:2f:b4:d1:02:0b:a6:c9:7e:c1:
2e:69:0b:bb:2c:10:12:c0:31:e2:60:9c:46:fb:ac:
74:21:41:48:e9:79:4f:a1:8e:70:92:c2:91:39:a7:
96:88:8b:5f:c9:47:e9:21:93:08:af:1e:26:39:08:
84:02:13:62:12:b3:74:b7:47:18:54:d5:31:27:65:
b8:8a:23:c4:d4:07:0e:34:56:a8:67:ca:2a:03:b9:
ec:94:f7:38:83:e5:14:90:65:59:99:e8:30:32:95:
89:dc:0b:b8:68:6a:de:90:37:2b:78:30:1e:14:2c:
38:2f:2c:77:cd:87:a7:40:4a:d8:35:ce:bb:22:21:
67:8d:f1:04:07:c9:9f:c1:70:a8:a5:83:9c:12:9c:
18:ae:b0:b7:b9:fd:33:ab:92:ca:29:43:3c:d3:e7:
40:3d:7c:20:73:56:cb:ac:40:b1:a0:33:4c:12:a0:
22:5d:87:99:9e:33:96:1f:40:fd:81:d6:eb:90:9d:
4c:2c:c9:8c:5f:7c:c5:c0:c8:15:c2:49:39:70:7f:
e2:24:79:b1:e2:a3:25:22:9a:f9:6e:c2:6b:85:71:
af:b0:10:c9:8a:ef:31:56:9d:86:3f:21:22:92:f5:
19:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C6:46:4A:E1:9C:70:8C:3B:7B:DB:0B:44:0E:81:77:41:CC:2D:05
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fMZGSuGccIw7e9sLRA6Bd0HMLQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.62.0/24
163.5.99.0/24
163.5.202.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
74:9a:fe:b8:9f:8b:a4:c5:92:b9:df:88:e4:16:f3:ca:a4:9c:
cf:44:d2:1b:4e:9d:fd:35:c4:15:f7:d9:0c:08:be:3c:44:01:
53:ae:37:a1:37:46:df:72:b5:3b:a4:d4:30:21:a9:87:dd:7a:
60:32:50:df:5d:b6:1b:de:79:2a:4c:83:f1:1c:f7:16:62:94:
4e:91:35:02:d8:6d:49:3b:fa:d1:6c:63:63:30:12:44:de:98:
da:2a:4f:ec:5a:60:61:d5:59:74:d9:67:48:f2:3a:05:79:06:
6b:7c:21:ba:ed:3e:0d:1e:55:23:98:ad:1d:9a:67:61:8d:c6:
f9:91:30:84:9a:8c:7b:ae:57:67:ed:8d:76:13:57:9d:29:fc:
69:0c:1b:d7:e6:29:67:01:c1:3d:b2:f4:36:da:73:5b:55:fc:
2d:0c:b1:6f:07:2a:cc:0d:40:b9:22:88:d2:9d:be:4a:bd:ec:
f0:11:4c:b6:c5:23:d7:17:c9:0c:52:c5:ad:8d:c2:bf:0c:40:
bb:6e:41:44:26:a1:aa:1f:00:d9:c3:2d:53:38:34:e7:60:13:
85:dc:55:fe:37:78:b4:37:bf:c3:4f:37:84:b3:2a:bb:c2:d0:
a0:98:27:dd:6c:a6:09:28:d0:11:46:57:ce:c3:05:d4:46:06:
3b:ed:27:32
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYo3Sr4NsRm8ysfBE6Bl/lcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwODI3MTM1OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M2NDY0YWUxOWM3MDhjM2I3YmRiMGI0NDBlODE3NzQxY2MyZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA088bofENKZ6t6o5+6PwClgrVTtgv
tNECC6bJfsEuaQu7LBASwDHiYJxG+6x0IUFI6XlPoY5wksKROaeWiItfyUfpIZMI
rx4mOQiEAhNiErN0t0cYVNUxJ2W4iiPE1AcONFaoZ8oqA7nslPc4g+UUkGVZmegw
MpWJ3Au4aGrekDcreDAeFCw4Lyx3zYenQErYNc67IiFnjfEEB8mfwXCopYOcEpwY
rrC3uf0zq5LKKUM80+dAPXwgc1bLrECxoDNMEqAiXYeZnjOWH0D9gdbrkJ1MLMmM
X3zFwMgVwkk5cH/iJHmx4qMlIpr5bsJrhXGvsBDJiu8xVp2GPyEikvUZxwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHzGRkrhnHCMO3vbC0QOgXdBzC0FMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZk1aR1N1R2NjSXc3ZTlzTFJBNkJkMEhNTFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowUfAwQA
owUjAwQAowU+AwQAowVjAwQAowXKAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQB0
mv64n4ukxZK534jkFvPKpJzPRNIbTp39NcQV99kMCL48RAFTrjehN0bfcrU7pNQw
IamH3XpgMlDfXbYb3nkqTIPxHPcWYpROkTUC2G1JO/rRbGNjMBJE3pjaKk/sWmBh
1Vl02WdI8joFeQZrfCG67T4NHlUjmK0dmmdhjcb5kTCEmox7rldn7Y12E1edKfxp
DBvX5ilnAcE9svQ22nNbVfwtDLFvByrMDUC5IojSnb5KvezwEUy2xSPXF8kMUsWt
jcK/DEC7bkFEJqGqHwDZwy1TODTnYBOF3FX+N3i0N7/DTzeEsyq7wtCgmCfdbKYJ
KNARRlfOwwXURgY77Scy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org