Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k0bOcaDH-JgKoJABPw0gaI4eZuE.roa
File: k0bOcaDH-JgKoJABPw0gaI4eZuE.roa (raw, json)
Hash identifier: pOoIARvTFdkAoZMfLah38YIEZAw89A56/gcSwmR5BSg=
Subject key identifier: 93:46:CE:71:A0:C7:F8:98:0A:A0:90:01:3F:0D:20:68:8E:1E:66:E1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019325359A068DD5BA391A614A6150E4CE57
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k0bOcaDH-JgKoJABPw0gaI4eZuE.roa
Signing time: Wed 13 Nov 2024 11:08:10 +0000
ROA not before: Wed 13 Nov 2024 11:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.41.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Dec 2024 17:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:35:9a:06:8d:d5:ba:39:1a:61:4a:61:50:e4:ce:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 13 11:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9346ce71a0c7f8980aa090013f0d20688e1e66e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:df:38:26:cd:b4:ea:78:00:8a:1b:40:4e:53:
c5:d2:10:f2:da:ab:e2:6f:fe:57:cd:1b:e3:8e:47:
bf:53:a4:94:52:d5:4b:d6:7b:55:58:f1:9d:a4:c3:
33:3a:55:3c:66:43:09:4d:a4:23:bd:d4:a8:4e:9d:
03:21:da:71:6d:52:98:2a:93:a3:bd:bb:53:8b:3e:
ab:6a:85:93:30:95:78:96:2c:a7:35:ce:16:b8:49:
7e:32:70:31:e4:6b:73:f1:22:93:bd:b3:78:db:ec:
49:25:ff:12:67:8b:a7:15:ae:a9:e7:a5:9e:00:5e:
ad:65:9b:e0:60:de:5c:11:79:fe:d4:88:4b:c1:e1:
5e:9e:dd:fc:82:07:0f:b9:23:46:fe:7c:a7:59:e1:
09:2e:18:ee:a4:eb:43:d6:4a:b8:40:ec:28:3c:f3:
8a:d4:64:08:56:c7:4b:3b:a1:67:29:40:a7:c1:86:
cf:de:7d:7a:44:ea:1d:d1:a0:77:fa:42:69:fd:e7:
f3:3e:ff:d9:e3:b5:fc:e6:65:03:1f:34:40:d0:4f:
da:c6:9b:aa:e8:29:e4:78:a8:e2:d2:7e:2c:f3:a1:
dc:62:22:e9:ea:ea:7e:4e:c1:d3:f2:4d:2b:a9:a3:
98:41:41:e2:29:b4:30:b0:34:e6:18:fa:97:49:0e:
8d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:46:CE:71:A0:C7:F8:98:0A:A0:90:01:3F:0D:20:68:8E:1E:66:E1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k0bOcaDH-JgKoJABPw0gaI4eZuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
163.5.86.0/24
163.5.97.0/24
163.5.175.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:df:cc:7a:cf:f6:e7:fb:10:dc:22:78:ec:fe:12:fc:de:bc:
db:5b:a7:af:fb:3f:26:ba:fe:2f:dd:41:e8:fb:4d:96:f7:28:
de:dc:ef:1d:2e:1e:d6:28:89:78:7c:dd:5e:93:d5:83:4e:34:
95:44:e4:33:e1:c4:65:a0:d8:a3:62:d6:77:bf:b0:09:51:1b:
ef:10:81:1f:7a:67:1a:0d:f3:06:1a:9d:fd:04:c8:60:cc:cb:
c2:7c:c0:44:f4:b3:17:84:04:77:bc:82:9b:1e:cc:61:3e:21:
4f:ce:1c:f3:db:ba:83:69:21:07:14:70:96:fc:bf:32:8d:2f:
b5:12:da:1c:69:a1:8b:49:1f:1d:03:f2:b0:0b:f5:e6:5d:08:
60:38:4b:b4:ff:df:4b:fa:36:de:5f:0a:b0:d5:3d:98:66:bf:
74:cf:15:39:9e:03:d3:8b:b6:6d:2b:08:82:8a:be:80:60:5b:
b7:a8:4f:10:db:02:b7:50:86:8c:ce:24:0b:38:99:a1:8d:55:
96:c1:d9:33:55:c0:ad:f3:39:b7:3f:0f:57:f2:68:35:54:e0:
89:30:d6:65:c1:d5:d9:0b:ea:9b:1d:a0:c8:ae:70:8f:e5:7d:
4c:ed:24:05:47:71:79:44:cd:83:30:3b:50:75:d1:e3:3f:b9:
eb:aa:38:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZMlNZoGjdW6ORphSmFQ5M5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTEzMTEwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQ2Y2U3MWEwYzdmODk4MGFhMDkwMDEzZjBkMjA2ODhlMWU2NmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk984Js206ngAihtATlPF0hDy2qvi
b/5XzRvjjke/U6SUUtVL1ntVWPGdpMMzOlU8ZkMJTaQjvdSoTp0DIdpxbVKYKpOj
vbtTiz6raoWTMJV4liynNc4WuEl+MnAx5Gtz8SKTvbN42+xJJf8SZ4unFa6p56We
AF6tZZvgYN5cEXn+1IhLweFent38ggcPuSNG/nynWeEJLhjupOtD1kq4QOwoPPOK
1GQIVsdLO6FnKUCnwYbP3n16ROod0aB3+kJp/efzPv/Z47X85mUDHzRA0E/axpuq
6CnkeKji0n4s86HcYiLp6up+TsHT8k0rqaOYQUHiKbQwsDTmGPqXSQ6N8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJNGznGgx/iYCqCQAT8NIGiOHmbhMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvazBiT2NhREgtSmdLb0pBQlB3MGdhSTRlWnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUpAwQA
owVWAwQAowVhAwQAowWvAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQCx38x6z/bn
+xDcInjs/hL83rzbW6ev+z8muv4v3UHo+02W9yje3O8dLh7WKIl4fN1ek9WDTjSV
ROQz4cRloNijYtZ3v7AJURvvEIEfemcaDfMGGp39BMhgzMvCfMBE9LMXhAR3vIKb
HsxhPiFPzhzz27qDaSEHFHCW/L8yjS+1EtocaaGLSR8dA/KwC/XmXQhgOEu0/99L
+jbeXwqw1T2YZr90zxU5ngPTi7ZtKwiCir6AYFu3qE8Q2wK3UIaMziQLOJmhjVWW
wdkzVcCt8zm3Pw9X8mg1VOCJMNZlwdXZC+qbHaDIrnCP5X1M7SQFR3F5RM2DMDtQ
ddHjP7nrqjgk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:56:30 2025 by rpki-client