Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fewYn1LSdjDFnpCAdUJXVOZLtOo.roa
File: fewYn1LSdjDFnpCAdUJXVOZLtOo.roa (raw, json)
Hash identifier: ltmgfPiTJN6QLxRvJgMnaFbt31CqmKtLaUQGiQvH0vs=
Subject key identifier: 7D:EC:18:9F:52:D2:76:30:C5:9E:90:80:75:42:57:54:E6:4B:B4:EA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01916C48996D78015EF52B0A7697994F8EDA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fewYn1LSdjDFnpCAdUJXVOZLtOo.roa
Signing time: Mon 19 Aug 2024 20:16:22 +0000
ROA not before: Mon 19 Aug 2024 20:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 163.5.34.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 13:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6c:48:99:6d:78:01:5e:f5:2b:0a:76:97:99:4f:8e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 19 20:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dec189f52d27630c59e908075425754e64bb4ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:30:ff:8a:89:5f:5d:dc:d4:e8:be:aa:bb:
70:31:94:be:73:c4:ed:76:b5:01:bb:23:78:cb:fd:
2b:5d:75:5f:b1:cc:c8:c2:dc:e9:52:19:10:3c:81:
0f:a0:6d:91:bf:23:8b:28:2a:cc:15:14:e1:b7:ae:
57:71:e5:c2:83:bf:02:01:9b:af:96:43:1c:1a:50:
49:d1:44:90:e5:10:1d:02:ef:71:a8:22:1e:f1:d4:
47:d9:e4:11:7a:2f:69:ac:1b:6d:29:92:f3:87:3d:
a0:cd:1a:8f:44:34:60:4b:b1:c8:e8:c1:f9:15:f1:
7c:60:b0:58:00:e6:14:60:a8:97:ce:c5:53:f0:c8:
3d:9c:48:b6:35:7a:17:57:ba:65:c7:c5:b9:ab:de:
44:ca:3a:2d:52:6f:16:2d:15:65:25:16:d5:d5:4e:
b4:e4:16:4a:2b:0d:ce:a2:f8:4d:44:04:1d:d7:5c:
c9:67:75:3d:78:39:08:07:11:08:a8:1a:55:94:4b:
5d:3d:23:da:19:68:3a:20:0e:27:97:b2:0f:80:56:
03:cd:f1:3f:ac:98:59:02:89:9b:08:54:5d:09:03:
13:60:92:48:df:be:b9:85:52:f1:ec:3d:4d:c4:83:
9c:5c:6d:a5:57:52:ce:c8:73:1c:9c:f0:9b:d9:f5:
26:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:EC:18:9F:52:D2:76:30:C5:9E:90:80:75:42:57:54:E6:4B:B4:EA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fewYn1LSdjDFnpCAdUJXVOZLtOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.58.0/24
163.5.211.0/24
163.5.245.0/24
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:6b:c7:62:ac:c5:b6:f2:e0:7d:67:25:69:40:21:d9:a5:52:
0d:f9:76:0b:20:70:61:0e:cc:1f:83:ad:2c:dd:58:3b:73:29:
a3:90:9a:86:98:17:a7:d9:8e:38:e3:86:0b:2a:8b:fc:6b:0c:
c9:57:b0:dd:b6:1b:63:09:36:01:44:43:88:75:9d:3f:b7:c6:
99:b4:7e:a1:a8:8b:56:ca:65:76:d3:02:c0:69:b3:ba:9e:36:
a7:68:e3:60:e5:1d:87:f8:95:2d:4a:03:37:c3:ae:11:55:53:
61:9b:1d:a7:a6:8e:50:44:7d:5d:4d:ca:b6:e9:ef:4c:b7:34:
aa:61:5b:10:02:41:cd:25:78:cb:e8:33:35:5b:68:cc:f9:ab:
93:a0:f0:6e:f5:2b:c2:9c:66:fb:46:81:db:96:a4:f8:35:7f:
9d:d8:44:06:67:97:4f:fa:d8:f9:d6:80:a3:b2:bb:e0:e7:73:
bc:3b:79:f1:25:09:b4:c9:59:65:b8:aa:51:c9:1c:43:17:cb:
27:02:5f:e5:c7:76:51:74:a5:f2:2c:8e:15:4c:cb:44:fa:1c:
91:66:53:4d:0d:8c:ca:2c:3f:c3:3c:39:cf:59:20:64:48:04:
d2:ec:20:0b:55:2e:57:69:6d:b1:1c:9d:13:0c:09:52:01:31:
02:70:be:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFsSJlteAFe9SsKdpeZT47aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODE5MjAxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGVjMTg5ZjUyZDI3NjMwYzU5ZTkwODA3NTQyNTc1NGU2NGJiNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBIw/4qJX13c1Oi+qrtwMZS+c8Tt
drUBuyN4y/0rXXVfsczIwtzpUhkQPIEPoG2RvyOLKCrMFRTht65XceXCg78CAZuv
lkMcGlBJ0USQ5RAdAu9xqCIe8dRH2eQRei9prBttKZLzhz2gzRqPRDRgS7HI6MH5
FfF8YLBYAOYUYKiXzsVT8Mg9nEi2NXoXV7plx8W5q95EyjotUm8WLRVlJRbV1U60
5BZKKw3OovhNRAQd11zJZ3U9eDkIBxEIqBpVlEtdPSPaGWg6IA4nl7IPgFYDzfE/
rJhZAombCFRdCQMTYJJI3765hVLx7D1NxIOcXG2lV1LOyHMcnPCb2fUmOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH3sGJ9S0nYwxZ6QgHVCV1TmS7TqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZmV3WW4xTFNkakRGbnBDQWRVSlhWT1pMdE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUiAwQA
owU6AwQAowXTAwQAowX1AwQAowX3MA0GCSqGSIb3DQEBCwUAA4IBAQB7a8dirMW2
8uB9ZyVpQCHZpVIN+XYLIHBhDswfg60s3Vg7cymjkJqGmBen2Y4444YLKov8awzJ
V7DdthtjCTYBREOIdZ0/t8aZtH6hqItWymV20wLAabO6njanaONg5R2H+JUtSgM3
w64RVVNhmx2npo5QRH1dTcq26e9MtzSqYVsQAkHNJXjL6DM1W2jM+auToPBu9SvC
nGb7RoHblqT4NX+d2EQGZ5dP+tj51oCjsrvg53O8O3nxJQm0yVlluKpRyRxDF8sn
Al/lx3ZRdKXyLI4VTMtE+hyRZlNNDYzKLD/DPDnPWSBkSATS7CALVS5XaW2xHJ0T
DAlSATECcL46
-----END CERTIFICATE-----
Generated at Wed Aug 28 17:23:42 2024 by rpki-client on console-ams.rpki-client.org