Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kFHO3hjl-ClFNV0O7-WRyaIV_cE.roa
File: kFHO3hjl-ClFNV0O7-WRyaIV_cE.roa (raw, json)
Hash identifier: hzh39HTaiJzr3xCI5TkuTloj3ReVgcxfgq2bKMtndgs=
Subject key identifier: 90:51:CE:DE:18:E5:F8:29:45:35:5D:0E:EF:E5:91:C9:A2:15:FD:C1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0192487BD99D467D7C9484838136A0249764
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kFHO3hjl-ClFNV0O7-WRyaIV_cE.roa
Signing time: Tue 01 Oct 2024 14:28:49 +0000
ROA not before: Tue 01 Oct 2024 14:28:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 163.5.61.0/24 maxlen: 24
163.5.91.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 16:57:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:48:7b:d9:9d:46:7d:7c:94:84:83:81:36:a0:24:97:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 1 14:28:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9051cede18e5f82945355d0eefe591c9a215fdc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:90:16:3f:1b:2b:e6:b7:0e:80:63:48:aa:94:
6e:a7:72:80:50:25:03:f2:b1:58:b2:e6:10:e1:4b:
cf:0e:ba:ad:41:35:99:74:31:77:ec:fb:45:38:26:
f5:16:13:34:e5:33:b5:3f:48:77:bf:18:fb:79:91:
f8:1a:43:57:fd:6f:5b:d3:c3:88:a2:74:50:89:1e:
79:63:10:fb:77:22:12:21:6f:96:96:d4:2d:e5:47:
73:3c:f3:7a:d4:7f:da:1f:cf:30:6d:fd:1f:f5:2a:
50:dd:19:11:04:58:d3:dc:0d:7f:20:28:60:7a:c2:
6f:6b:b0:3a:47:18:b3:6a:7b:7d:bd:a3:05:ca:b9:
58:db:a4:40:8c:6d:7e:0e:bb:94:6f:a6:dd:94:24:
c3:cc:00:ac:94:a4:e7:8a:12:e5:db:ba:d1:a5:d7:
c9:7e:a4:8a:a1:0b:2c:2d:d9:dc:0f:fd:b7:15:6a:
44:19:22:9d:5b:a6:47:01:77:9c:d7:e5:03:a6:48:
3b:b7:23:41:2b:f8:75:7a:cd:b4:18:f6:90:bc:03:
f1:29:c4:4e:b6:84:f6:5d:d5:3d:30:c4:df:09:ff:
31:34:b7:33:fc:de:c0:df:cc:21:3e:57:d7:49:35:
94:17:a7:35:02:4b:3d:f1:fe:f0:77:2f:6c:02:e7:
4b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:51:CE:DE:18:E5:F8:29:45:35:5D:0E:EF:E5:91:C9:A2:15:FD:C1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kFHO3hjl-ClFNV0O7-WRyaIV_cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.61.0/24
163.5.91.0/24
163.5.140.0/24
163.5.239.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
02:f2:80:04:51:12:02:37:4c:74:5e:b9:87:51:db:ed:89:75:
09:ff:6d:dc:18:e1:c9:2d:71:8b:bd:75:62:b9:b3:79:81:81:
f1:09:fa:70:b5:fb:b5:db:d8:e6:c9:b2:79:06:55:3c:b5:9f:
bf:a6:5d:d4:51:56:07:23:ea:13:01:83:1c:45:24:8b:43:15:
c0:96:2f:e1:70:86:d3:78:f1:e2:31:82:47:91:bb:ff:11:e2:
52:35:ec:a7:c0:d9:31:09:63:71:ec:c5:c2:7b:e1:35:6b:9b:
4f:de:37:58:4f:a0:69:c5:a2:37:84:e8:32:85:fd:43:c6:c3:
c4:f3:c6:36:ff:4f:a8:df:c4:19:11:6d:cb:94:9d:7f:16:31:
07:42:c5:28:3e:42:de:2d:38:dd:be:5a:3d:16:31:59:7a:20:
96:1c:46:f5:f9:e7:19:9f:25:2d:82:1a:92:7e:a1:1c:da:1a:
10:87:bf:37:fd:01:01:7e:4f:7a:94:b9:d7:d9:c7:96:c4:46:
d4:83:fc:73:e6:79:d1:f9:6b:07:3d:73:cd:bd:f0:f3:83:a8:
23:7a:72:4a:2e:ec:50:ec:33:0f:24:7a:fa:c5:a0:47:42:ba:
75:be:8d:f0:72:f3:ba:6d:ca:54:c4:e0:b9:a9:97:fd:c4:59:
95:b6:e8:53
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJIe9mdRn18lISDgTagJJdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDAxMTQyODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDUxY2VkZTE4ZTVmODI5NDUzNTVkMGVlZmU1OTFjOWEyMTVmZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJAWPxsr5rcOgGNIqpRup3KAUCUD
8rFYsuYQ4UvPDrqtQTWZdDF37PtFOCb1FhM05TO1P0h3vxj7eZH4GkNX/W9b08OI
onRQiR55YxD7dyISIW+WltQt5UdzPPN61H/aH88wbf0f9SpQ3RkRBFjT3A1/IChg
esJva7A6Rxizant9vaMFyrlY26RAjG1+DruUb6bdlCTDzACslKTnihLl27rRpdfJ
fqSKoQssLdncD/23FWpEGSKdW6ZHAXec1+UDpkg7tyNBK/h1es20GPaQvAPxKcRO
toT2XdU9MMTfCf8xNLcz/N7A38whPlfXSTWUF6c1Aks98f7wdy9sAudLIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJBRzt4Y5fgpRTVdDu/lkcmiFf3BMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva0ZITzNoamwtQ2xGTlYwTzctV1J5YUlWX2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowU9AwQA
owVbAwQAowWMAwQAowXvAwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQAC8oAEURIC
N0x0XrmHUdvtiXUJ/23cGOHJLXGLvXViubN5gYHxCfpwtfu129jmybJ5BlU8tZ+/
pl3UUVYHI+oTAYMcRSSLQxXAli/hcIbTePHiMYJHkbv/EeJSNeynwNkxCWNx7MXC
e+E1a5tP3jdYT6BpxaI3hOgyhf1DxsPE88Y2/0+o38QZEW3LlJ1/FjEHQsUoPkLe
LTjdvlo9FjFZeiCWHEb1+ecZnyUtghqSfqEc2hoQh783/QEBfk96lLnX2ceWxEbU
g/xz5nnR+WsHPXPNvfDzg6gjenJKLuxQ7DMPJHr6xaBHQrp1vo3wcvO6bcpUxOC5
qZf9xFmVtuhT
-----END CERTIFICATE-----
Generated at Wed Oct 30 18:13:43 2024 by rpki-client on console-fra.rpki-client.org