Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ixvrZ8M5DY6fq4W8O74V_vpgi7o.roa
File: ixvrZ8M5DY6fq4W8O74V_vpgi7o.roa (raw, json)
Hash identifier: w0H8GQlvShw5EfO5+t8wf6j4Whfb7jC9nwUuSMrK+ck=
Subject key identifier: 8B:1B:EB:67:C3:39:0D:8E:9F:AB:85:BC:3B:BE:15:FE:FA:60:8B:BA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E4CFE69583B85AD7160CC7D6F843BF5E2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ixvrZ8M5DY6fq4W8O74V_vpgi7o.roa
Signing time: Sun 17 Mar 2024 15:18:45 +0000
ROA not before: Sun 17 Mar 2024 15:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.99.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 12:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4c:fe:69:58:3b:85:ad:71:60:cc:7d:6f:84:3b:f5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 17 15:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b1beb67c3390d8e9fab85bc3bbe15fefa608bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:88:72:b0:02:8f:25:ea:e6:84:23:d9:58:44:
a8:05:d0:c5:e2:13:0c:8a:5c:12:52:83:a1:d7:e9:
20:54:bf:b3:32:27:bd:48:25:ec:15:11:57:d1:9c:
a2:c7:31:e3:1b:5a:ed:d7:bf:75:bf:7a:ff:fe:fd:
10:33:3f:62:05:b6:5e:f2:99:87:9f:55:39:60:1d:
42:5a:b9:65:50:aa:03:0c:29:34:ff:e2:0e:4c:1b:
c0:c5:a1:59:11:77:14:7c:67:5a:06:3b:1d:18:78:
3e:79:cf:7c:65:97:ae:78:1e:36:8f:36:bc:87:17:
e5:22:b2:de:74:45:80:5c:a0:5c:92:11:6d:4c:cb:
7e:af:11:fa:f6:a8:df:49:17:92:61:41:d7:ed:7e:
93:1b:80:b1:82:75:66:b9:29:53:ef:ac:78:21:60:
1e:f0:3c:ea:91:3c:45:c4:a5:fc:7c:76:41:de:69:
00:d6:01:bb:77:68:9f:9c:4a:88:2e:74:b1:4d:a8:
15:50:44:91:e2:ea:4f:fe:57:dd:86:7d:17:7f:51:
3d:e5:30:4f:a6:e4:79:e0:c0:ca:46:d3:e5:84:de:
38:d2:c3:c8:e1:a3:fa:ae:59:2b:f4:90:f9:6e:76:
9a:ea:ef:d3:54:a4:d4:85:72:02:28:d9:a5:02:ce:
89:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1B:EB:67:C3:39:0D:8E:9F:AB:85:BC:3B:BE:15:FE:FA:60:8B:BA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ixvrZ8M5DY6fq4W8O74V_vpgi7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.99.0/24
163.5.127.0/24
163.5.202.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
25:d3:43:ac:0a:88:f8:bc:f0:fa:a8:47:23:ed:1b:00:f9:6d:
b7:b6:ca:c2:ce:6a:2d:75:59:d6:96:16:21:c2:0c:9b:b9:63:
27:01:1e:7a:54:10:03:37:2a:88:06:d1:a6:77:d6:86:83:2f:
c0:b5:a7:3b:d0:11:ea:33:20:0a:48:98:ce:e8:3e:32:f6:51:
e0:37:a8:ae:f5:e7:f5:61:ca:4b:45:22:bd:80:0f:cb:f9:52:
24:d4:65:66:e8:36:a1:31:ac:ef:77:a6:61:a0:ea:8a:e2:bf:
b0:e5:ed:16:c0:79:ad:a0:00:60:fd:1c:76:9e:bd:fb:0e:a6:
f5:2b:f3:68:33:97:94:8a:6f:e0:21:30:e1:9c:29:0b:d4:59:
a9:9f:6e:ef:7a:c0:c4:55:73:f3:93:e5:fb:e8:b1:5e:42:e5:
20:53:44:5d:75:0b:fb:a3:bf:a9:ce:58:0a:cb:80:a8:c4:30:
8a:1a:8e:69:1f:ea:d5:58:9d:0a:c7:fd:a9:d0:00:73:78:de:
7b:7a:0d:40:89:23:55:5d:ba:8a:d6:f3:24:1b:f8:fd:37:35:
fd:86:50:08:e2:46:fc:46:54:75:a8:aa:b5:74:15:a9:d4:eb:
4a:cb:7e:ec:74:41:62:e6:f7:83:cd:52:53:38:19:83:30:98:
80:34:02:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5M/mlYO4WtcWDMfW+EO/XiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzE3MTUxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjFiZWI2N2MzMzkwZDhlOWZhYjg1YmMzYmJlMTVmZWZhNjA4YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YhysAKPJermhCPZWESoBdDF4hMM
ilwSUoOh1+kgVL+zMie9SCXsFRFX0ZyixzHjG1rt1791v3r//v0QMz9iBbZe8pmH
n1U5YB1CWrllUKoDDCk0/+IOTBvAxaFZEXcUfGdaBjsdGHg+ec98ZZeueB42jza8
hxflIrLedEWAXKBckhFtTMt+rxH69qjfSReSYUHX7X6TG4CxgnVmuSlT76x4IWAe
8DzqkTxFxKX8fHZB3mkA1gG7d2ifnEqILnSxTagVUESR4upP/lfdhn0Xf1E95TBP
puR54MDKRtPlhN440sPI4aP6rlkr9JD5bnaa6u/TVKTUhXICKNmlAs6JwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIsb62fDOQ2On6uFvDu+Ff76YIu6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaXh2clo4TTVEWTZmcTRXOE83NFZfdnBnaTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVjAwQA
owV/AwQAowXKAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQAl00OsCoj4vPD6qEcj
7RsA+W23tsrCzmotdVnWlhYhwgybuWMnAR56VBADNyqIBtGmd9aGgy/Atac70BHq
MyAKSJjO6D4y9lHgN6iu9ef1YcpLRSK9gA/L+VIk1GVm6DahMazvd6ZhoOqK4r+w
5e0WwHmtoABg/Rx2nr37Dqb1K/NoM5eUim/gITDhnCkL1Fmpn27vesDEVXPzk+X7
6LFeQuUgU0RddQv7o7+pzlgKy4CoxDCKGo5pH+rVWJ0Kx/2p0ABzeN57eg1AiSNV
XbqK1vMkG/j9NzX9hlAI4kb8RlR1qKq1dBWp1OtKy37sdEFi5veDzVJTOBmDMJiA
NAIc
-----END CERTIFICATE-----
Generated at Tue Apr 9 15:26:10 2024 by rpki-client on console-ams.rpki-client.org