Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kUXxN0LdIjDqHyQjeHbVAuEFt0o.roa
File: kUXxN0LdIjDqHyQjeHbVAuEFt0o.roa (raw, json)
Hash identifier: mHCQjos/6bUwS4AyKMzZupyhY0muS9ujA8CokTHb2qk=
Subject key identifier: 91:45:F1:37:42:DD:22:30:EA:1F:24:23:78:76:D5:02:E1:05:B7:4A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D98CFDC757F0445F8584523F28A8AD8A8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kUXxN0LdIjDqHyQjeHbVAuEFt0o.roa
Signing time: Sun 11 Feb 2024 15:36:15 +0000
ROA not before: Sun 11 Feb 2024 15:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 163.5.154.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:98:cf:dc:75:7f:04:45:f8:58:45:23:f2:8a:8a:d8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 11 15:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9145f13742dd2230ea1f24237876d502e105b74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6a:db:91:6c:5f:33:f1:16:ff:9e:d9:a3:a1:
69:5b:50:c7:15:4c:ef:f0:2a:b5:68:72:fe:92:93:
a0:ac:43:c4:7c:0b:39:9a:b1:25:81:d0:60:8d:1f:
83:94:10:69:04:a2:95:03:6e:52:f6:ae:36:26:02:
b9:41:3c:fc:e3:50:c1:10:3d:8e:07:75:6e:52:40:
51:db:06:36:60:99:fb:7c:d4:8d:3c:c9:36:8c:cc:
eb:1e:18:28:5c:ae:e8:22:5c:d6:5c:e9:89:bc:eb:
af:f5:93:f2:42:71:68:9d:13:3c:db:d6:d4:80:3e:
43:c9:38:ea:fb:8c:f4:4c:64:37:d4:8a:5d:7c:a8:
f1:26:85:20:58:fc:62:c8:e3:44:d9:36:56:09:57:
90:5c:0e:39:ac:10:9e:8c:50:6c:dc:f2:6b:41:df:
8d:48:d2:7c:42:fa:41:e7:3e:e7:31:50:f1:c2:4c:
e4:55:4f:13:5b:93:41:83:69:e5:51:9c:ee:19:64:
29:58:9e:bb:a9:45:f5:00:8d:6c:03:fd:b1:18:7e:
80:2a:52:f4:34:a6:a1:09:91:9c:a6:a7:00:10:22:
6a:9f:e0:51:8d:88:7e:35:78:61:2c:42:55:a3:c4:
e7:a0:47:2a:72:40:26:67:9c:0a:d3:2c:0f:b8:2a:
18:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:45:F1:37:42:DD:22:30:EA:1F:24:23:78:76:D5:02:E1:05:B7:4A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kUXxN0LdIjDqHyQjeHbVAuEFt0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.154.0/24
163.5.192.0/23
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
9b:a8:7a:84:2c:66:27:a3:df:fb:8e:25:c4:2a:93:13:09:e0:
5f:f3:56:67:ed:72:0e:f8:20:79:84:57:2a:f0:8e:57:5e:03:
0d:46:b4:e9:de:9e:59:0f:c2:38:60:e9:ae:53:54:df:33:17:
b8:45:3e:a2:a3:9a:e2:d0:87:c1:cb:35:eb:56:f4:12:21:f4:
94:a5:b3:00:b1:47:af:39:f5:49:ac:d6:fe:7f:98:89:c7:fe:
ae:f5:7a:5c:73:40:23:92:bc:94:26:ea:8a:cb:df:e5:ee:cd:
08:5b:42:e4:a4:f8:23:de:74:b9:34:0a:48:87:49:d8:b1:71:
2f:35:3d:62:89:91:21:89:9a:48:1f:99:70:6e:15:de:29:18:
58:f3:d4:31:da:5f:70:15:8c:d5:df:b2:74:ea:20:74:ab:75:
ac:28:c9:e7:2a:7f:3a:8e:cb:05:4c:1b:02:bc:c2:a5:84:86:
3f:c7:d4:5c:1d:17:df:cd:83:4d:cc:4e:5f:a8:2f:32:04:b9:
69:b4:32:8e:c1:1d:ad:7a:0b:e5:6f:99:3b:0a:01:d2:2f:cd:
7e:f0:9b:00:f0:5b:75:7d:ae:f9:ce:1f:d5:2e:e7:5d:84:c8:
4a:0c:fb:59:b1:4d:ee:71:6c:5c:19:7c:f6:40:78:45:90:64:
d3:78:90:41
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY2Yz9x1fwRF+FhFI/KKitioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjExMTUzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTQ1ZjEzNzQyZGQyMjMwZWExZjI0MjM3ODc2ZDUwMmUxMDViNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmrbkWxfM/EW/57Zo6FpW1DHFUzv
8Cq1aHL+kpOgrEPEfAs5mrElgdBgjR+DlBBpBKKVA25S9q42JgK5QTz841DBED2O
B3VuUkBR2wY2YJn7fNSNPMk2jMzrHhgoXK7oIlzWXOmJvOuv9ZPyQnFonRM829bU
gD5DyTjq+4z0TGQ31IpdfKjxJoUgWPxiyONE2TZWCVeQXA45rBCejFBs3PJrQd+N
SNJ8QvpB5z7nMVDxwkzkVU8TW5NBg2nlUZzuGWQpWJ67qUX1AI1sA/2xGH6AKlL0
NKahCZGcpqcAECJqn+BRjYh+NXhhLEJVo8TnoEcqckAmZ5wK0ywPuCoYJQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJFF8TdC3SIw6h8kI3h21QLhBbdKMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva1VYeE4wTGRJakRxSHlRamVIYlZBdUVGdDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAowWaAwQB
owXAMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAJuoeoQsZiej3/uO
JcQqkxMJ4F/zVmftcg74IHmEVyrwjldeAw1GtOnenlkPwjhg6a5TVN8zF7hFPqKj
muLQh8HLNetW9BIh9JSlswCxR6859Ums1v5/mInH/q71elxzQCOSvJQm6orL3+Xu
zQhbQuSk+CPedLk0CkiHSdixcS81PWKJkSGJmkgfmXBuFd4pGFjz1DHaX3AVjNXf
snTqIHSrdawoyecqfzqOywVMGwK8wqWEhj/H1FwdF9/Ng03MTl+oLzIEuWm0Mo7B
Ha16C+VvmTsKAdIvzX7wmwDwW3V9rvnOH9Uu512EyEoM+1mxTe5xbFwZfPZAeEWQ
ZNN4kEE=
-----END CERTIFICATE-----
Generated at Mon Mar 11 14:52:25 2024 by rpki-client on console-fra.rpki-client.org