Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iEcTm6w3ZV0oNcDJvzPkD5WCdbQ.roa
File: iEcTm6w3ZV0oNcDJvzPkD5WCdbQ.roa (raw, json)
Hash identifier: riEmHShv/ia01hOre7WDHWZn7PPORO2s9slQl3c4+IU=
Subject key identifier: 88:47:13:9B:AC:37:65:5D:28:35:C0:C9:BF:33:E4:0F:95:82:75:B4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194DAF21AF310DB3DE7169EC898EF28AEC1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iEcTm6w3ZV0oNcDJvzPkD5WCdbQ.roa
Signing time: Thu 06 Feb 2025 11:08:07 +0000
ROA not before: Thu 06 Feb 2025 11:08:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47741
IP address blocks: 163.5.92.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 18:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:f2:1a:f3:10:db:3d:e7:16:9e:c8:98:ef:28:ae:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 6 11:08:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8847139bac37655d2835c0c9bf33e40f958275b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:13:ea:bc:32:27:2b:42:2a:c2:43:d5:ce:9b:
8d:fd:36:ff:94:32:79:ac:6e:95:8e:7e:de:5c:58:
cd:4c:b3:ac:ec:ad:db:04:a4:36:35:80:87:5f:c0:
52:47:74:3a:17:0b:dc:3b:4e:5a:ef:cf:bd:64:4d:
27:ed:6c:91:38:70:91:13:11:0b:21:0f:0c:49:d6:
ba:a1:9f:73:ab:ee:68:46:51:46:1f:42:97:9b:81:
2a:27:17:43:81:09:2d:3b:3d:70:00:94:2d:00:a3:
64:ba:64:fe:44:40:df:70:24:36:85:21:01:d2:52:
21:83:23:de:3e:b1:07:5b:11:f6:ad:9e:32:59:7f:
d2:d3:d0:f0:28:1f:fc:32:34:8b:2a:a2:7d:67:dd:
21:67:08:0a:74:40:b2:2a:45:b8:81:0e:4d:06:cf:
d4:82:bc:90:29:14:68:37:a6:64:1c:29:38:99:02:
57:93:20:77:60:e8:73:d6:a7:36:d1:e1:92:54:47:
3a:2d:97:ec:a7:b5:05:c7:c0:ca:5e:12:6d:46:fe:
d5:88:4c:2c:0e:d7:96:97:94:88:fd:c9:88:f2:cf:
e6:2a:75:8b:9e:12:1e:a2:31:de:c1:55:91:0e:1d:
57:c1:d4:13:41:e6:92:99:14:ea:ad:ed:e8:5e:a5:
9f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:47:13:9B:AC:37:65:5D:28:35:C0:C9:BF:33:E4:0F:95:82:75:B4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iEcTm6w3ZV0oNcDJvzPkD5WCdbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.92.0/24
163.5.233.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
85:c2:5e:24:2c:3c:f3:48:f3:0a:ce:f3:04:cb:76:ed:0b:52:
3d:28:7e:12:af:2c:50:03:39:4b:a0:55:9c:6b:f2:33:78:d7:
5d:80:ff:6d:23:bf:49:76:0c:97:71:40:3b:ee:47:42:f9:1b:
76:59:1e:ed:5f:d8:a3:0e:71:75:a6:a7:95:39:f7:5c:43:66:
b3:8b:80:48:13:21:b1:98:3b:e9:13:37:e8:a4:d8:99:e7:1c:
24:d0:ec:2a:7e:27:10:35:08:24:04:1a:90:b6:77:47:50:fe:
b7:26:29:22:93:64:6c:ca:44:a9:b2:b6:4d:e5:54:58:20:3e:
0b:e0:49:4a:48:31:a0:47:9e:f9:4f:10:3e:53:54:d2:80:e4:
6e:ff:65:73:c2:c8:b2:b0:eb:2d:9b:e5:14:d6:81:c4:34:01:
21:3d:a8:2d:b3:4a:ca:c7:3e:cf:9c:17:11:f9:99:36:d1:ea:
05:f5:38:3b:ba:45:00:67:a7:bd:dd:aa:55:dc:b6:74:a1:09:
36:a0:7d:1f:a6:4e:4f:50:b0:d4:bc:c6:23:e0:91:8b:b2:7b:
80:72:7e:67:c5:e7:09:9e:3f:10:95:90:59:eb:5c:8e:1c:6a:
c1:c5:52:bb:f4:3a:30:71:a7:32:d4:f2:99:68:c4:1f:9e:c0:
c6:2b:d5:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTa8hrzENs95xaeyJjvKK7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMjA2MTEwODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQ3MTM5YmFjMzc2NTVkMjgzNWMwYzliZjMzZTQwZjk1ODI3NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxPqvDInK0IqwkPVzpuN/Tb/lDJ5
rG6Vjn7eXFjNTLOs7K3bBKQ2NYCHX8BSR3Q6FwvcO05a78+9ZE0n7WyROHCRExEL
IQ8MSda6oZ9zq+5oRlFGH0KXm4EqJxdDgQktOz1wAJQtAKNkumT+REDfcCQ2hSEB
0lIhgyPePrEHWxH2rZ4yWX/S09DwKB/8MjSLKqJ9Z90hZwgKdECyKkW4gQ5NBs/U
gryQKRRoN6ZkHCk4mQJXkyB3YOhz1qc20eGSVEc6LZfsp7UFx8DKXhJtRv7ViEws
DteWl5SI/cmI8s/mKnWLnhIeojHewVWRDh1XwdQTQeaSmRTqre3oXqWf5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIhHE5usN2VdKDXAyb8z5A+VgnW0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaUVjVG02dzNaVjBvTmNESnZ6UGtENVdDZGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowVcAwQA
owXpAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQCFwl4kLDzzSPMKzvMEy3btC1I9
KH4SryxQAzlLoFWca/IzeNddgP9tI79JdgyXcUA77kdC+Rt2WR7tX9ijDnF1pqeV
OfdcQ2azi4BIEyGxmDvpEzfopNiZ5xwk0OwqficQNQgkBBqQtndHUP63Jikik2Rs
ykSpsrZN5VRYID4L4ElKSDGgR575TxA+U1TSgORu/2VzwsiysOstm+UU1oHENAEh
Pagts0rKxz7PnBcR+Zk20eoF9Tg7ukUAZ6e93apV3LZ0oQk2oH0fpk5PULDUvMYj
4JGLsnuAcn5nxecJnj8QlZBZ61yOHGrBxVK79Dowcacy1PKZaMQfnsDGK9UP
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:52:48 2025 by rpki-client