Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hCigNcx1VZvo6exUbTAYpQvUFRI.roa
File: hCigNcx1VZvo6exUbTAYpQvUFRI.roa (raw, json)
Hash identifier: lVAMC+Vc4VD1woMaSOw5KFrfy5j0GH26oP0TdPzfbqg=
Subject key identifier: 84:28:A0:35:CC:75:55:9B:E8:E9:EC:54:6D:30:18:A5:0B:D4:15:12
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191FA890356F55BF4A6ACD2A019E202149D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hCigNcx1VZvo6exUbTAYpQvUFRI.roa
Signing time: Mon 16 Sep 2024 11:12:48 +0000
ROA not before: Mon 16 Sep 2024 11:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.56.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 08:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:89:03:56:f5:5b:f4:a6:ac:d2:a0:19:e2:02:14:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 16 11:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8428a035cc75559be8e9ec546d3018a50bd41512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c3:cb:41:5b:26:cf:c4:f7:11:2f:42:33:b4:
56:c2:e5:8b:93:4f:1e:fb:c0:56:96:bf:13:a3:60:
bb:1c:2d:6d:c5:c3:ba:68:c6:de:3a:6c:9e:68:1a:
f9:a6:93:31:94:f8:85:14:a6:3f:62:2e:6c:bd:d2:
6b:0c:8a:09:a2:61:67:0f:04:36:8e:64:42:e1:2a:
e4:cb:0a:eb:47:43:67:9b:4e:dd:19:07:7d:af:0e:
73:8e:63:ba:79:73:ee:fc:dc:c2:87:cf:8f:ac:4b:
92:cd:93:0d:85:66:7c:b5:59:34:e4:10:9d:fc:2a:
d6:61:48:81:89:51:63:88:19:f1:db:72:94:c3:7e:
b2:02:c1:fe:44:d7:30:c3:a1:b0:db:0e:5e:96:da:
07:57:55:3b:7c:63:74:f9:6b:19:64:e6:fe:0d:dc:
af:2a:7c:2e:59:48:10:59:b2:22:59:98:6a:fa:53:
48:59:4c:14:6c:92:4b:25:4b:a4:a0:eb:34:76:4d:
f6:d0:4e:20:81:63:9b:5b:f7:54:a4:7a:ea:90:b9:
22:81:4a:24:60:d0:08:20:57:cf:e7:ed:28:1d:04:
33:b9:1c:3d:58:54:72:52:07:53:fc:f9:fa:1a:15:
32:26:65:ba:f7:7d:23:7a:bc:99:49:49:f0:1c:69:
cb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:28:A0:35:CC:75:55:9B:E8:E9:EC:54:6D:30:18:A5:0B:D4:15:12
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hCigNcx1VZvo6exUbTAYpQvUFRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.56.0/24
163.5.82.0/24
163.5.99.0/24
163.5.127.0/24
163.5.140.0/24
163.5.202.0/24
Signature Algorithm: sha256WithRSAEncryption
18:7c:ab:ad:4c:36:d2:a8:c9:a9:4f:29:62:2e:b0:ce:b4:98:
b0:69:57:82:68:ad:33:76:9e:03:37:0c:36:20:3c:e1:52:ac:
b4:13:be:76:08:22:10:5a:e3:e6:97:08:f2:58:4d:f0:e8:0b:
89:ed:ce:18:bc:83:cf:5c:cd:04:ea:84:5c:9a:7c:f5:ef:93:
a5:ad:d3:a3:4d:00:40:2f:1c:e7:b4:bd:b0:dd:0b:00:68:10:
41:0d:f6:68:79:09:e6:8a:17:c3:f4:10:3c:7a:a1:92:96:e2:
14:78:16:38:33:17:f3:9d:d3:2d:3e:94:42:78:b5:e5:35:86:
7a:a7:aa:f6:44:26:92:d0:2f:dc:5d:d7:68:ed:b0:f1:b3:50:
9d:2f:2d:82:4d:ee:a9:05:27:5e:ff:68:39:16:cc:f0:d1:38:
32:48:e4:8c:0c:16:26:45:54:44:c6:d3:35:2b:de:6a:a3:1e:
70:f7:d8:31:a4:43:6c:14:b5:86:b1:fa:cf:dc:2d:ee:e1:73:
b1:f9:23:11:99:4d:e8:a8:78:b7:24:82:dc:d4:ff:cf:2b:f5:
e5:8d:58:68:00:a2:1c:ca:08:9d:39:65:c0:18:f9:3b:b7:08:
83:b4:a0:1a:c5:f8:86:bd:ec:3a:61:51:95:21:16:28:ff:75:
19:6b:0d:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZH6iQNW9Vv0pqzSoBniAhSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTE2MTExMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDI4YTAzNWNjNzU1NTliZThlOWVjNTQ2ZDMwMThhNTBiZDQxNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58PLQVsmz8T3ES9CM7RWwuWLk08e
+8BWlr8To2C7HC1txcO6aMbeOmyeaBr5ppMxlPiFFKY/Yi5svdJrDIoJomFnDwQ2
jmRC4SrkywrrR0Nnm07dGQd9rw5zjmO6eXPu/NzCh8+PrEuSzZMNhWZ8tVk05BCd
/CrWYUiBiVFjiBnx23KUw36yAsH+RNcww6Gw2w5eltoHV1U7fGN0+WsZZOb+Ddyv
KnwuWUgQWbIiWZhq+lNIWUwUbJJLJUukoOs0dk320E4ggWObW/dUpHrqkLkigUok
YNAIIFfP5+0oHQQzuRw9WFRyUgdT/Pn6GhUyJmW6930jeryZSUnwHGnL9wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIQooDXMdVWb6OnsVG0wGKUL1BUSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaENpZ05jeDFWWnZvNmV4VWJUQVlwUXZVRlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowU4AwQA
owVSAwQAowVjAwQAowV/AwQAowWMAwQAowXKMA0GCSqGSIb3DQEBCwUAA4IBAQAY
fKutTDbSqMmpTyliLrDOtJiwaVeCaK0zdp4DNww2IDzhUqy0E752CCIQWuPmlwjy
WE3w6AuJ7c4YvIPPXM0E6oRcmnz175OlrdOjTQBALxzntL2w3QsAaBBBDfZoeQnm
ihfD9BA8eqGSluIUeBY4MxfzndMtPpRCeLXlNYZ6p6r2RCaS0C/cXddo7bDxs1Cd
Ly2CTe6pBSde/2g5Fszw0TgySOSMDBYmRVRExtM1K95qox5w99gxpENsFLWGsfrP
3C3u4XOx+SMRmU3oqHi3JILc1P/PK/XljVhoAKIcygidOWXAGPk7twiDtKAaxfiG
vew6YVGVIRYo/3UZaw2A
-----END CERTIFICATE-----
Generated at Mon Sep 30 11:06:50 2024 by rpki-client on console-ams.rpki-client.org