Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/igVZcdW0EX8YSzrEjjRM9uYg0Wc.roa
File: igVZcdW0EX8YSzrEjjRM9uYg0Wc.roa (raw, json)
Hash identifier: DLLAJ3IZXR3s8CCTJIRlsVKRvYoM9VjPlXmfBwhlOIs=
Subject key identifier: 8A:05:59:71:D5:B4:11:7F:18:4B:3A:C4:8E:34:4C:F6:E6:20:D1:67
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E4D0128A3809FBDC796B8135CCD328915
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/igVZcdW0EX8YSzrEjjRM9uYg0Wc.roa
Signing time: Sun 17 Mar 2024 15:21:45 +0000
ROA not before: Sun 17 Mar 2024 15:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 163.5.51.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.54.0/24 maxlen: 24
163.5.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 10:18:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4d:01:28:a3:80:9f:bd:c7:96:b8:13:5c:cd:32:89:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 17 15:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a055971d5b4117f184b3ac48e344cf6e620d167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6b:36:78:b7:96:f4:88:4c:36:e8:4c:25:cf:
43:66:5a:82:b1:63:61:ba:e8:22:6f:27:6f:94:84:
a0:83:9c:90:e4:ce:8d:b1:f1:b7:2c:de:c7:4b:23:
11:78:0a:29:fc:e2:2f:69:8c:46:8a:38:a6:89:8f:
32:ca:03:30:12:4a:15:79:d9:75:4c:b9:e1:da:60:
eb:ff:0b:2e:cb:5f:a1:37:34:d8:97:03:c9:99:a7:
21:33:8a:da:b4:ab:3e:3b:3f:be:d1:cf:51:7f:1e:
28:9b:ee:9e:14:ae:18:c7:43:41:3b:cd:57:33:34:
c6:89:41:c7:a6:bc:a6:5f:62:50:f8:20:62:cd:fa:
b6:63:24:a2:1e:d1:24:61:35:45:9b:fb:7b:de:59:
aa:a0:45:ae:01:96:b5:b7:03:90:c8:3c:fe:ef:cb:
fb:24:6c:fd:d9:f3:4c:92:b8:1e:38:4c:24:f7:8a:
a8:e2:48:3d:28:0b:b1:72:13:ed:db:02:ec:5c:56:
1b:cf:97:3d:73:1b:e5:57:73:ac:83:a6:ed:29:e5:
40:e0:85:72:7d:06:06:b4:6d:13:25:72:b9:c6:0f:
55:fd:80:b5:73:e2:80:0c:98:91:ca:44:a5:39:32:
20:f8:fd:12:db:b4:ed:14:45:5c:f0:fd:07:47:da:
46:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:05:59:71:D5:B4:11:7F:18:4B:3A:C4:8E:34:4C:F6:E6:20:D1:67
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/igVZcdW0EX8YSzrEjjRM9uYg0Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.51.0/24
163.5.53.0-163.5.54.255
163.5.56.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:1e:f9:4f:f5:7e:75:f1:ff:56:07:c9:b1:1a:54:6c:ce:0a:
c9:fb:d3:0a:b0:cd:a0:3d:19:54:ef:32:5e:f6:9c:98:22:ad:
9a:8c:6d:5b:3d:46:08:a2:71:d7:97:60:0f:50:00:b6:6d:7d:
0e:34:2b:9d:76:83:37:4d:8b:14:1f:62:e3:2d:0e:8b:6e:d1:
f1:50:6b:0e:8f:2a:0a:26:1e:49:f7:5c:30:f1:fc:d7:fe:87:
22:1e:1e:0c:a6:73:16:d4:d6:3f:96:1f:05:f7:a7:90:11:68:
aa:4b:06:5a:5c:1d:53:7b:38:30:8c:35:fd:eb:78:87:a8:29:
e1:d5:49:c9:96:50:f1:f0:65:41:38:68:36:1e:87:82:a9:13:
0c:3b:59:79:85:7f:b5:69:3e:25:8d:26:96:da:20:de:5f:cf:
da:72:b9:dc:00:dd:4f:9b:4c:31:09:11:fb:49:14:dc:c6:82:
ad:dd:f9:e3:34:f8:ec:a4:8f:f2:66:43:0b:f5:c0:8b:1c:cd:
d7:9d:8b:64:86:d8:54:58:f3:8a:8a:b3:c5:47:96:d0:6b:61:
fe:da:2f:15:9f:d7:7f:30:9b:9a:0d:61:ff:5b:90:b7:d5:e0:
a6:3f:8b:3d:4e:aa:dd:9c:75:8a:bd:44:9e:87:3c:d2:f6:d1:
bb:cc:58:a9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY5NASijgJ+9x5a4E1zNMokVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzE3MTUyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTA1NTk3MWQ1YjQxMTdmMTg0YjNhYzQ4ZTM0NGNmNmU2MjBkMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWs2eLeW9IhMNuhMJc9DZlqCsWNh
uugibydvlISgg5yQ5M6NsfG3LN7HSyMReAop/OIvaYxGijimiY8yygMwEkoVedl1
TLnh2mDr/wsuy1+hNzTYlwPJmachM4ratKs+Oz++0c9Rfx4om+6eFK4Yx0NBO81X
MzTGiUHHprymX2JQ+CBizfq2YySiHtEkYTVFm/t73lmqoEWuAZa1twOQyDz+78v7
JGz92fNMkrgeOEwk94qo4kg9KAuxchPt2wLsXFYbz5c9cxvlV3Osg6btKeVA4IVy
fQYGtG0TJXK5xg9V/YC1c+KADJiRykSlOTIg+P0S27TtFEVc8P0HR9pGsQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIoFWXHVtBF/GEs6xI40TPbmINFnMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaWdWWmNkVzBFWDhZU3pyRWpqUk05dVlnMFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAowUzMAwD
BACjBTUDBACjBTYDBACjBTgwDQYJKoZIhvcNAQELBQADggEBADse+U/1fnXx/1YH
ybEaVGzOCsn70wqwzaA9GVTvMl72nJgirZqMbVs9RgiicdeXYA9QALZtfQ40K512
gzdNixQfYuMtDotu0fFQaw6PKgomHkn3XDDx/Nf+hyIeHgymcxbU1j+WHwX3p5AR
aKpLBlpcHVN7ODCMNf3reIeoKeHVScmWUPHwZUE4aDYeh4KpEww7WXmFf7VpPiWN
JpbaIN5fz9pyudwA3U+bTDEJEftJFNzGgq3d+eM0+Oykj/JmQwv1wIsczdedi2SG
2FRY84qKs8VHltBrYf7aLxWf138wm5oNYf9bkLfV4KY/iz1Oqt2cdYq9RJ6HPNL2
0bvMWKk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org