Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ihdp7u3FKFjoJvJugIP2idcYKqQ.roa
File: ihdp7u3FKFjoJvJugIP2idcYKqQ.roa (raw, json)
Hash identifier: cXnuRXTVu3sqlugD5Z2s0Y+iAoMy/qPs+FZR5slmGOo=
Subject key identifier: 8A:17:69:EE:ED:C5:28:58:E8:26:F2:6E:80:83:F6:89:D7:18:2A:A4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018F9C648690BD7B30114CC0D9195AB773E6
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ihdp7u3FKFjoJvJugIP2idcYKqQ.roa
Signing time: Tue 21 May 2024 18:23:04 +0000
ROA not before: Tue 21 May 2024 18:23:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 163.5.134.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 08:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:64:86:90:bd:7b:30:11:4c:c0:d9:19:5a:b7:73:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 21 18:23:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a1769eeedc52858e826f26e8083f689d7182aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bf:b1:8a:d9:21:b0:18:36:fa:d3:11:b1:77:
ad:0a:e2:cc:9a:92:e4:24:3c:9d:fa:cc:30:e3:bc:
36:57:2f:37:c2:7e:30:09:53:ec:40:12:d0:18:e1:
6d:ec:54:a3:bb:b3:53:c6:89:ca:ce:68:88:9d:e4:
e3:a4:28:92:d3:5a:64:d9:35:c0:13:7b:ae:7e:ef:
95:56:f5:ce:a0:4f:f1:04:41:fc:5d:bb:f0:d0:bf:
94:9c:94:69:c2:a2:2c:45:1e:a7:43:29:19:88:f2:
cd:ca:b2:29:58:0b:c6:83:05:c3:d6:ca:34:e3:d8:
e9:27:72:c1:0f:29:d3:0c:bd:9e:12:cd:1d:db:d5:
9f:fe:ca:c3:68:23:d1:cd:d5:fe:e6:36:48:94:36:
ba:a9:93:a0:d8:43:48:9b:70:07:32:0d:52:13:b5:
d4:c1:db:9e:8f:78:57:e5:9f:b7:ec:5e:c4:47:96:
51:d9:7e:17:9b:80:af:9a:39:71:9b:29:c4:ae:ac:
ff:8b:b3:35:ef:f2:86:6f:11:20:9a:0a:c3:51:6d:
9b:46:20:79:88:4b:cf:d9:ae:ba:0e:59:72:b0:6a:
ed:c7:4a:92:f1:11:01:ad:e8:1e:5e:85:c2:7b:27:
50:c4:4e:d5:45:0e:dc:e4:af:f7:64:a9:cc:8c:b1:
9f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:17:69:EE:ED:C5:28:58:E8:26:F2:6E:80:83:F6:89:D7:18:2A:A4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ihdp7u3FKFjoJvJugIP2idcYKqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.134.0/24
163.5.154.0/24
163.5.163.0/24
Signature Algorithm: sha256WithRSAEncryption
11:97:fb:b8:d2:1c:6a:55:da:36:f0:36:35:3b:5a:7b:2e:14:
6f:16:34:09:3a:fb:2f:6f:fd:6f:96:da:d2:70:d1:5a:f6:d6:
c6:d3:f8:02:d5:f5:b5:03:5f:5f:f9:26:3c:34:27:20:f7:bc:
14:71:87:91:41:ea:9f:38:ef:ab:bb:18:66:c9:9f:42:17:eb:
ca:f4:fc:a2:e6:b0:4d:0d:16:cb:3f:ca:e1:6b:06:cb:2d:e0:
87:ae:42:f7:36:73:77:11:2f:d6:00:f0:90:3e:00:9b:ed:4f:
89:62:9c:ad:d9:95:61:b9:a4:ad:89:fc:4a:b9:26:3c:3b:06:
4c:09:0a:24:9d:66:ed:c9:eb:85:6b:78:69:eb:f6:8b:09:19:
4d:b2:f2:d2:25:af:d0:00:bb:06:93:dc:6f:0a:cd:40:50:30:
37:63:3a:8d:dd:54:62:99:c9:2e:3d:f6:2e:21:73:51:25:ea:
26:16:bc:e5:26:20:6e:20:29:25:81:dd:45:c9:d8:31:03:fb:
c5:13:0f:29:6f:a0:7e:b5:fb:03:d9:4e:76:00:17:fc:b0:fb:
d3:d3:1c:12:13:57:fd:eb:b3:d3:e8:2a:cd:01:ab:ee:b2:ee:
6a:5e:eb:9a:0f:05:ab:08:48:8c:f6:98:20:bf:2a:f9:b2:37:
61:25:51:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+cZIaQvXswEUzA2Rlat3PmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTIxMTgyMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE3NjllZWVkYzUyODU4ZTgyNmYyNmU4MDgzZjY4OWQ3MTgyYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7+xitkhsBg2+tMRsXetCuLMmpLk
JDyd+sww47w2Vy83wn4wCVPsQBLQGOFt7FSju7NTxonKzmiIneTjpCiS01pk2TXA
E3uufu+VVvXOoE/xBEH8Xbvw0L+UnJRpwqIsRR6nQykZiPLNyrIpWAvGgwXD1so0
49jpJ3LBDynTDL2eEs0d29Wf/srDaCPRzdX+5jZIlDa6qZOg2ENIm3AHMg1SE7XU
wduej3hX5Z+37F7ER5ZR2X4Xm4CvmjlxmynErqz/i7M17/KGbxEgmgrDUW2bRiB5
iEvP2a66DllysGrtx0qS8REBregeXoXCeydQxE7VRQ7c5K/3ZKnMjLGfRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIoXae7txShY6CbyboCD9onXGCqkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaWhkcDd1M0ZLRmpvSnZKdWdJUDJpZGNZS3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWGAwQA
owWaAwQAowWjMA0GCSqGSIb3DQEBCwUAA4IBAQARl/u40hxqVdo28DY1O1p7LhRv
FjQJOvsvb/1vltrScNFa9tbG0/gC1fW1A19f+SY8NCcg97wUcYeRQeqfOO+ruxhm
yZ9CF+vK9Pyi5rBNDRbLP8rhawbLLeCHrkL3NnN3ES/WAPCQPgCb7U+JYpyt2ZVh
uaStifxKuSY8OwZMCQoknWbtyeuFa3hp6/aLCRlNsvLSJa/QALsGk9xvCs1AUDA3
YzqN3VRimckuPfYuIXNRJeomFrzlJiBuICklgd1FydgxA/vFEw8pb6B+tfsD2U52
ABf8sPvT0xwSE1f967PT6CrNAavusu5qXuuaDwWrCEiM9pggvyr5sjdhJVGJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org