Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ghs7Hmhhac-Ck4TPp1hhw3U3dy4.roa
File: ghs7Hmhhac-Ck4TPp1hhw3U3dy4.roa (raw, json)
Hash identifier: j9TOpwLgYgMT2ZMseCuwIM92vK1CSo1wpdyJp8cuzeI=
Subject key identifier: 82:1B:3B:1E:68:61:69:CF:82:93:84:CF:A7:58:61:C3:75:37:77:2E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042CD1FE3B27E216752978A324401A8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ghs7Hmhhac-Ck4TPp1hhw3U3dy4.roa
Signing time: Mon 02 Jan 2023 02:15:04 +0000
ROA not before: Mon 02 Jan 2023 02:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.215.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jan 2023 10:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:cd:1f:e3:b2:7e:21:67:52:97:8a:32:44:01:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=821b3b1e686169cf829384cfa75861c37537772e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:99:d2:68:d7:19:06:22:b5:f4:ee:ff:5d:83:
d8:0c:31:ee:98:9e:60:e3:6c:5e:06:60:23:0f:d5:
a5:2d:ca:b3:84:6f:23:0d:d5:82:03:71:63:cb:10:
7d:86:52:07:d6:46:67:60:e3:44:b9:f3:25:1f:d9:
1a:58:21:3b:6b:e3:55:a7:0f:51:25:26:b1:e0:2a:
64:70:cc:89:45:12:af:93:6e:68:b0:b7:35:59:17:
f3:d3:6b:50:3a:ce:61:86:fc:b8:6f:e9:6f:67:da:
a8:d7:e8:0b:a8:6c:27:b5:91:9e:a6:88:87:06:e1:
00:be:f6:63:d2:62:b0:ad:fc:8d:a4:c9:38:20:33:
c5:c2:7c:4c:99:3e:20:1e:b3:96:7a:30:81:a3:59:
ca:ad:e8:ee:8e:11:70:3a:a8:b1:88:1e:3e:08:6f:
9f:26:7c:ef:88:bd:67:13:47:48:5e:7f:38:f1:f9:
c3:22:b5:e1:19:81:62:df:50:4d:e4:10:89:13:65:
51:97:0c:b5:6f:3e:fa:1b:4d:a0:6e:e7:b4:9a:91:
fd:d7:3e:3b:d5:18:c0:91:95:aa:fd:95:47:4f:f0:
0a:94:68:66:72:c2:db:63:0d:ae:c0:0a:8d:ee:ec:
62:bd:ef:a6:56:c2:41:ac:59:32:43:d1:77:bf:47:
d1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1B:3B:1E:68:61:69:CF:82:93:84:CF:A7:58:61:C3:75:37:77:2E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ghs7Hmhhac-Ck4TPp1hhw3U3dy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.106.0/24
163.5.118.0/23
163.5.121.0/24
163.5.159.0/24
163.5.215.0/24
163.5.225.0/24
163.5.229.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:3f:cf:a1:b2:45:01:91:51:f0:26:65:03:bd:eb:b2:be:df:
d3:d4:90:4f:a8:4e:ec:62:4e:9d:3f:a5:16:79:6a:ce:46:e1:
3e:6a:6c:53:14:00:ab:7d:b7:11:aa:44:ff:70:e2:8a:3c:9a:
0e:81:cc:5a:5f:9e:fc:85:0f:25:be:4f:c4:27:a1:ad:b8:8b:
32:2d:bc:85:32:9b:21:d3:52:80:ee:af:76:60:d3:74:86:e0:
bc:9e:c8:69:61:16:cd:67:22:fd:7b:47:6d:83:c8:fd:dc:17:
7a:3e:74:8e:4d:6d:5f:21:a6:f7:7a:2a:f2:8e:ab:27:42:2d:
d5:97:c1:15:90:02:9f:f5:c0:f6:9a:17:9d:7b:e0:60:cc:2f:
20:2e:41:ff:9a:90:b9:cc:1d:54:a7:44:4c:ed:1c:77:22:00:
69:3f:62:7e:5a:7e:5e:a3:08:63:16:69:54:96:b8:39:ad:ab:
87:0d:9c:3f:81:8e:f5:8b:52:90:bc:d1:ed:fd:d1:56:b6:3a:
5f:56:d4:f1:39:9e:f8:2e:0c:ae:85:bc:8f:b3:c4:d5:30:30:
34:51:53:bd:07:2a:f1:5a:36:6e:05:7f:02:11:c7:37:f2:7c:
45:25:00:a1:3e:73:cb:da:0a:99:69:12:eb:ca:20:4d:b2:b7:
28:f2:1b:3b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwQs0f47J+IWdSl4oyRAGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFiM2IxZTY4NjE2OWNmODI5Mzg0Y2ZhNzU4NjFjMzc1Mzc3NzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJnSaNcZBiK19O7/XYPYDDHumJ5g
42xeBmAjD9WlLcqzhG8jDdWCA3FjyxB9hlIH1kZnYONEufMlH9kaWCE7a+NVpw9R
JSax4CpkcMyJRRKvk25osLc1WRfz02tQOs5hhvy4b+lvZ9qo1+gLqGwntZGepoiH
BuEAvvZj0mKwrfyNpMk4IDPFwnxMmT4gHrOWejCBo1nKrejujhFwOqixiB4+CG+f
JnzviL1nE0dIXn848fnDIrXhGYFi31BN5BCJE2VRlwy1bz76G02gbue0mpH91z47
1RjAkZWq/ZVHT/AKlGhmcsLbYw2uwAqN7uxive+mVsJBrFkyQ9F3v0fRxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIIbOx5oYWnPgpOEz6dYYcN1N3cuMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZ2hzN0htaGhhYy1DazRUUHAxaGh3M1UzZHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowVqAwQB
owV2AwQAowV5AwQAowWfAwQAowXXAwQAowXhAwQAowXlMA0GCSqGSIb3DQEBCwUA
A4IBAQCpP8+hskUBkVHwJmUDveuyvt/T1JBPqE7sYk6dP6UWeWrORuE+amxTFACr
fbcRqkT/cOKKPJoOgcxaX578hQ8lvk/EJ6GtuIsyLbyFMpsh01KA7q92YNN0huC8
nshpYRbNZyL9e0dtg8j93Bd6PnSOTW1fIab3eiryjqsnQi3Vl8EVkAKf9cD2mhed
e+BgzC8gLkH/mpC5zB1Up0RM7Rx3IgBpP2J+Wn5eowhjFmlUlrg5rauHDZw/gY71
i1KQvNHt/dFWtjpfVtTxOZ74LgyuhbyPs8TVMDA0UVO9ByrxWjZuBX8CEcc38nxF
JQChPnPL2gqZaRLryiBNsrco8hs7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org