Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iWVR046dVb25neK6b-wrkHXwuPY.roa
File: iWVR046dVb25neK6b-wrkHXwuPY.roa (raw, json)
Hash identifier: nQbmC9qrot7ULxCx1rfCmtEIw84WBEIGCfM4rJ+RBI0=
Subject key identifier: 89:65:51:D3:8E:9D:55:BD:B9:9D:E2:BA:6F:EC:2B:90:75:F0:B8:F6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191C304E24DBE3B75A716278C668965A7D8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iWVR046dVb25neK6b-wrkHXwuPY.roa
Signing time: Thu 05 Sep 2024 16:29:22 +0000
ROA not before: Thu 05 Sep 2024 16:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 09:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:04:e2:4d:be:3b:75:a7:16:27:8c:66:89:65:a7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 5 16:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=896551d38e9d55bdb99de2ba6fec2b9075f0b8f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:95:9e:6d:f5:0a:ff:b4:fe:71:ea:42:d7:f8:
0d:30:42:da:d7:2e:de:63:08:34:38:f1:21:d6:bc:
29:9e:d6:a6:8c:22:09:fe:4d:6c:21:60:d0:e4:3b:
0b:6f:fc:45:c7:9a:26:bd:6e:c1:8c:56:a3:d2:a6:
70:e8:08:cc:5f:bb:22:42:32:86:b6:d6:d3:80:4c:
c3:90:8e:6e:29:a2:40:cf:f4:05:29:f5:c7:1b:be:
ac:40:07:8e:09:ad:80:0c:44:b1:3d:86:a0:1b:f9:
e1:55:87:fa:75:0e:6b:16:3a:5f:66:23:18:06:4f:
d9:63:fb:ab:0d:5e:10:6e:b9:ac:6e:fe:2a:57:56:
05:6a:f7:d8:21:8f:e8:a1:29:64:b2:9b:0a:fb:83:
57:ed:13:b4:24:fd:7f:22:49:34:e3:ba:4a:90:25:
17:71:06:32:d2:a5:a2:b2:e4:32:44:23:6e:0a:14:
17:7b:ad:ae:0a:60:81:bd:1c:ce:7d:67:0b:55:d5:
f1:0d:13:7d:5d:15:c1:6f:08:11:21:88:0e:e5:8d:
ce:29:95:a9:93:eb:69:a3:f5:9c:fb:7e:77:a3:d4:
61:2a:78:f4:53:74:42:00:a8:70:18:92:0d:90:72:
52:1a:8d:4d:f0:0b:4c:4c:03:fc:f0:d2:9a:25:18:
f2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:65:51:D3:8E:9D:55:BD:B9:9D:E2:BA:6F:EC:2B:90:75:F0:B8:F6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iWVR046dVb25neK6b-wrkHXwuPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.153.0-163.5.154.255
163.5.173.0/24
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:01:d4:81:16:3b:25:d4:98:aa:c8:89:f3:4a:d1:8e:bf:46:
c4:22:5e:6d:e4:e2:41:82:b3:10:6c:a7:50:f4:57:37:c1:73:
c1:d2:5e:e9:2f:1d:a3:28:f1:cb:44:0c:7b:b1:5a:d2:83:bd:
65:e5:94:be:4d:1a:33:de:62:10:97:3e:33:43:5a:1b:5e:b7:
70:ef:60:37:77:23:ee:3c:6a:5e:3f:72:22:1f:bd:dc:71:db:
79:c8:b8:93:3f:56:da:a6:c8:5f:70:e7:09:c4:04:04:e3:69:
54:e7:47:0c:e9:d6:cd:ba:af:c7:2b:4a:29:ef:7a:9c:09:87:
e5:1f:88:40:9b:8a:da:7b:14:2a:9c:bf:90:d5:9f:23:4f:bf:
21:92:8e:ff:17:ad:82:9b:77:69:11:7e:1d:5d:eb:11:eb:fc:
6d:f6:38:29:24:6d:7c:5a:bf:85:e5:64:b7:ba:1e:d7:0e:39:
a8:81:70:5a:51:79:70:40:5f:3b:e4:a7:14:d4:c2:d6:5b:49:
2f:f3:b4:9d:90:2c:de:3d:79:28:0d:70:b0:a9:84:e2:fc:e0:
4b:10:26:92:3d:54:f7:9b:df:57:7f:c2:ac:e7:63:64:66:09:
48:3e:7b:3d:fd:5d:06:22:6b:2c:be:b9:db:2f:9c:51:f0:fd:
c7:fa:68:74
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZHDBOJNvjt1pxYnjGaJZafYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTA1MTYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY1NTFkMzhlOWQ1NWJkYjk5ZGUyYmE2ZmVjMmI5MDc1ZjBiOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5WebfUK/7T+cepC1/gNMELa1y7e
Ywg0OPEh1rwpntamjCIJ/k1sIWDQ5DsLb/xFx5omvW7BjFaj0qZw6AjMX7siQjKG
ttbTgEzDkI5uKaJAz/QFKfXHG76sQAeOCa2ADESxPYagG/nhVYf6dQ5rFjpfZiMY
Bk/ZY/urDV4Qbrmsbv4qV1YFavfYIY/ooSlkspsK+4NX7RO0JP1/Ikk047pKkCUX
cQYy0qWisuQyRCNuChQXe62uCmCBvRzOfWcLVdXxDRN9XRXBbwgRIYgO5Y3OKZWp
k+tpo/Wc+353o9RhKnj0U3RCAKhwGJINkHJSGo1N8AtMTAP88NKaJRjySQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIllUdOOnVW9uZ3ium/sK5B18Lj2MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaVdWUjA0NmRWYjI1bmVLNmItd3JrSFh3dVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBACjBZkD
BACjBZoDBACjBa0DBACjBbEDBACjBfwwDQYJKoZIhvcNAQELBQADggEBAKEB1IEW
OyXUmKrIifNK0Y6/RsQiXm3k4kGCsxBsp1D0VzfBc8HSXukvHaMo8ctEDHuxWtKD
vWXllL5NGjPeYhCXPjNDWhtet3DvYDd3I+48al4/ciIfvdxx23nIuJM/VtqmyF9w
5wnEBATjaVTnRwzp1s26r8crSinvepwJh+UfiECbitp7FCqcv5DVnyNPvyGSjv8X
rYKbd2kRfh1d6xHr/G32OCkkbXxav4XlZLe6HtcOOaiBcFpReXBAXzvkpxTUwtZb
SS/ztJ2QLN49eSgNcLCphOL84EsQJpI9VPeb31d/wqznY2RmCUg+ez39XQYiayy+
udsvnFHw/cf6aHQ=
-----END CERTIFICATE-----
Generated at Mon Sep 23 14:19:12 2024 by rpki-client on console-ams.rpki-client.org