Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/frYachwMzLrqgCckZdcV1lLakGg.roa
File: frYachwMzLrqgCckZdcV1lLakGg.roa (raw, json)
Hash identifier: n2YlE5iEVRp3HHjmYcFNqFTdQGWU7tZqp3VHwFv5uH4=
Subject key identifier: 7E:B6:1A:72:1C:0C:CC:BA:EA:80:27:24:65:D7:15:D6:52:DA:90:68
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191173303D66FF4381E18774F8C5473D186
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/frYachwMzLrqgCckZdcV1lLakGg.roa
Signing time: Sat 03 Aug 2024 07:45:04 +0000
ROA not before: Sat 03 Aug 2024 07:45:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 163.5.29.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 20:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:33:03:d6:6f:f4:38:1e:18:77:4f:8c:54:73:d1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 3 07:45:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7eb61a721c0cccbaea80272465d715d652da9068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d5:cb:4b:f2:c9:f2:e8:65:1e:6d:a8:44:d3:
cd:af:f5:5a:17:0f:51:c2:cb:0b:2d:29:7c:c2:36:
cd:96:dd:07:f3:e3:bf:e4:c5:73:d1:4f:e5:ac:f2:
9a:eb:9a:7d:b6:77:c1:0e:6a:e7:3d:68:ad:48:d1:
9e:ac:cd:9b:ef:a4:70:3d:f6:82:de:19:ce:a6:dd:
9a:42:ab:f1:8b:98:53:75:2b:52:8f:49:74:51:84:
0d:c2:5b:29:b6:1b:29:02:4a:ae:16:e4:a3:c7:eb:
18:f0:b4:27:40:59:49:59:13:dc:38:cc:eb:a9:8f:
3b:04:a1:45:db:f1:b2:c1:d9:ba:f7:71:ee:b4:f8:
6b:75:f3:c5:e9:86:e7:31:46:41:64:44:31:ea:37:
76:3a:fe:01:4b:ad:75:82:bc:fc:88:35:f1:3b:0b:
4b:21:d5:36:c3:93:60:dd:c9:b2:bf:f8:0a:38:a6:
1a:b3:86:0f:14:28:c7:eb:b4:71:f2:cc:16:c0:8c:
a2:ef:78:52:53:04:39:a4:d9:1d:6d:5c:c1:a2:94:
66:40:ea:a2:9a:3a:cd:37:ca:84:f3:dc:65:4d:e0:
e6:4c:23:b2:18:79:ad:25:d6:c7:35:34:f9:e2:ba:
31:b7:41:d3:b0:10:60:06:0a:04:50:91:34:6b:c8:
ea:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B6:1A:72:1C:0C:CC:BA:EA:80:27:24:65:D7:15:D6:52:DA:90:68
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/frYachwMzLrqgCckZdcV1lLakGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.29.0/24
163.5.158.0/24
163.5.200.0/24
163.5.206.0/24
Signature Algorithm: sha256WithRSAEncryption
19:da:84:35:77:f3:5c:98:08:90:8b:63:f3:db:6b:0b:8d:9e:
c4:15:4a:d4:a3:93:cd:27:f6:42:3c:5b:44:d2:47:f0:9f:6f:
c7:ad:6e:81:0b:f1:95:40:26:13:a6:c2:fb:16:2e:32:66:0b:
08:f5:d2:90:20:43:dd:98:98:48:72:37:f5:44:97:1c:d6:65:
3e:ce:9b:0c:54:63:5d:9e:a8:f6:3f:61:4c:7a:e5:96:25:44:
8d:89:2c:eb:4a:03:50:3b:b0:cc:f3:94:4f:6d:5b:c2:9e:79:
45:ae:6f:ce:71:c4:be:5c:a3:11:ad:50:13:47:01:cf:b2:5d:
58:13:ea:ff:2a:3d:01:1a:b9:f4:ef:ae:d7:2c:61:f1:0b:72:
9f:8d:78:69:59:db:34:35:10:f3:e4:8e:f1:aa:21:a8:7f:06:
6a:84:67:7f:a0:4d:ae:13:b4:31:7a:f0:bd:84:70:f4:54:03:
87:cc:d1:1d:ca:9e:6e:84:0e:71:94:f9:e3:bf:d8:9a:eb:ba:
51:8e:3b:a0:e5:c6:4d:5a:48:f4:b5:6e:15:6a:57:74:46:7d:
9f:59:42:f3:1c:a4:e0:98:03:b4:1f:c8:e1:07:a8:01:ec:b5:
38:6a:f0:0b:92:37:ce:10:45:9e:98:33:36:ba:85:eb:3f:7f:
06:95:9d:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEXMwPWb/Q4Hhh3T4xUc9GGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODAzMDc0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWI2MWE3MjFjMGNjY2JhZWE4MDI3MjQ2NWQ3MTVkNjUyZGE5MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudXLS/LJ8uhlHm2oRNPNr/VaFw9R
wssLLSl8wjbNlt0H8+O/5MVz0U/lrPKa65p9tnfBDmrnPWitSNGerM2b76RwPfaC
3hnOpt2aQqvxi5hTdStSj0l0UYQNwlspthspAkquFuSjx+sY8LQnQFlJWRPcOMzr
qY87BKFF2/Gywdm693HutPhrdfPF6YbnMUZBZEQx6jd2Ov4BS611grz8iDXxOwtL
IdU2w5Ng3cmyv/gKOKYas4YPFCjH67Rx8swWwIyi73hSUwQ5pNkdbVzBopRmQOqi
mjrNN8qE89xlTeDmTCOyGHmtJdbHNTT54roxt0HTsBBgBgoEUJE0a8jqEQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH62GnIcDMy66oAnJGXXFdZS2pBoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZnJZYWNod016THJxZ0Nja1pkY1YxbExha0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUdAwQA
owWeAwQAowXIAwQAowXOMA0GCSqGSIb3DQEBCwUAA4IBAQAZ2oQ1d/NcmAiQi2Pz
22sLjZ7EFUrUo5PNJ/ZCPFtE0kfwn2/HrW6BC/GVQCYTpsL7Fi4yZgsI9dKQIEPd
mJhIcjf1RJcc1mU+zpsMVGNdnqj2P2FMeuWWJUSNiSzrSgNQO7DM85RPbVvCnnlF
rm/OccS+XKMRrVATRwHPsl1YE+r/Kj0BGrn0767XLGHxC3KfjXhpWds0NRDz5I7x
qiGofwZqhGd/oE2uE7QxevC9hHD0VAOHzNEdyp5uhA5xlPnjv9ia67pRjjug5cZN
Wkj0tW4Vald0Rn2fWULzHKTgmAO0H8jhB6gB7LU4avALkjfOEEWemDM2uoXrP38G
lZ1g
-----END CERTIFICATE-----
Generated at Mon Aug 26 21:46:39 2024 by rpki-client on console-fra.rpki-client.org