Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kjOFxRH18KntA3Lc4rbdQPxL5es.roa
File: kjOFxRH18KntA3Lc4rbdQPxL5es.roa (raw, json)
Hash identifier: 89+gB7/jAsjbPG7ANXPxZ1b1Zoyx+PPMCs/A1sNe+gk=
Subject key identifier: 92:33:85:C5:11:F5:F0:A9:ED:03:72:DC:E2:B6:DD:40:FC:4B:E5:EB
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018F254AFEC5344B61B1C0EF7869BCA71F38
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kjOFxRH18KntA3Lc4rbdQPxL5es.roa
Signing time: Sun 28 Apr 2024 15:20:22 +0000
ROA not before: Sun 28 Apr 2024 15:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.82.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 May 2024 19:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:25:4a:fe:c5:34:4b:61:b1:c0:ef:78:69:bc:a7:1f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 28 15:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=923385c511f5f0a9ed0372dce2b6dd40fc4be5eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4a:bc:a6:ab:3a:cb:56:8b:75:20:da:01:4c:
fb:cd:ca:ca:dd:18:06:f3:fe:97:52:a8:d4:74:1e:
53:c5:0f:94:c0:9f:df:1f:f6:8a:fb:b6:9e:62:5a:
9e:a0:c0:45:35:5b:07:7a:f1:c8:bc:55:89:36:b2:
67:5d:5f:ef:ef:3f:8d:1e:f9:58:7e:07:3f:fe:c8:
50:1c:e1:be:8d:f8:18:e4:5f:1b:f8:26:b4:0b:1c:
04:dc:50:c1:5d:96:6f:38:01:36:5e:16:18:bc:0f:
bb:63:b3:6f:56:96:f3:5f:2a:45:4b:4c:6c:cc:94:
59:63:e9:6c:17:0c:c0:64:60:e7:ce:35:3d:51:f1:
8d:67:29:94:9a:09:61:b5:1f:cf:da:a8:33:5d:3b:
db:37:9f:f7:82:14:29:77:a7:91:5f:6f:c0:5d:99:
74:88:f7:12:e1:4d:a8:62:47:6f:2c:f5:d6:d8:5b:
67:af:9e:b8:2c:23:15:cd:ca:96:31:f9:6b:c7:98:
f3:85:14:73:ea:d8:ff:24:54:87:31:f1:1f:57:9b:
fc:8c:19:2e:79:e3:77:ea:9b:8b:1e:3b:df:57:68:
24:88:6c:d3:6b:19:48:17:6b:51:d9:74:09:14:3c:
19:f9:03:ac:70:18:53:52:d1:e7:8c:53:c9:7c:f7:
71:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:33:85:C5:11:F5:F0:A9:ED:03:72:DC:E2:B6:DD:40:FC:4B:E5:EB
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kjOFxRH18KntA3Lc4rbdQPxL5es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.82.0/24
163.5.99.0/24
163.5.127.0/24
163.5.140.0/24
163.5.202.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:91:d8:e7:7d:01:6f:df:c3:5e:d5:27:c3:8e:63:e2:f5:16:
e0:bf:a9:2f:76:50:7c:09:20:0d:52:fa:7b:30:15:4c:31:85:
a0:dd:d1:d7:42:1d:39:10:8f:7e:fa:11:36:86:41:4a:83:a4:
47:46:f2:1e:83:38:c3:a3:5e:f2:ce:ec:21:e8:a6:66:8a:9e:
70:5d:22:56:27:53:b7:63:4c:d7:24:d8:2f:13:21:78:4e:6b:
fd:cf:a5:f9:9c:da:a2:d7:cc:d7:63:96:4e:18:74:b4:f6:5d:
d8:d6:e1:e0:3b:dc:14:c2:3b:45:3b:16:71:a6:75:25:cc:08:
90:8d:f7:db:39:94:21:54:72:56:b3:c9:63:4e:90:24:1c:40:
76:75:3a:72:6d:d0:eb:92:7b:ec:2a:56:96:ab:82:1c:85:b2:
e5:54:61:94:7e:d6:0d:f0:e3:2e:59:f6:dc:95:75:c7:c1:67:
e2:d9:aa:cc:49:d4:3b:89:5e:3d:46:1c:fb:a6:17:38:8c:bd:
c9:5a:f7:88:18:69:dd:86:bd:ee:09:24:7e:10:27:a5:7e:3b:
e9:03:5b:fc:f7:bf:7a:99:6a:e7:aa:8d:8a:a0:2d:6f:4c:d5:
21:8f:5a:bb:3b:99:94:49:88:a5:0b:8f:59:93:a8:3f:5a:28:
f4:52:e1:66
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY8lSv7FNEthscDveGm8px84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDI4MTUyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjMzODVjNTExZjVmMGE5ZWQwMzcyZGNlMmI2ZGQ0MGZjNGJlNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEq8pqs6y1aLdSDaAUz7zcrK3RgG
8/6XUqjUdB5TxQ+UwJ/fH/aK+7aeYlqeoMBFNVsHevHIvFWJNrJnXV/v7z+NHvlY
fgc//shQHOG+jfgY5F8b+Ca0CxwE3FDBXZZvOAE2XhYYvA+7Y7NvVpbzXypFS0xs
zJRZY+lsFwzAZGDnzjU9UfGNZymUmglhtR/P2qgzXTvbN5/3ghQpd6eRX2/AXZl0
iPcS4U2oYkdvLPXW2Ftnr564LCMVzcqWMflrx5jzhRRz6tj/JFSHMfEfV5v8jBku
eeN36puLHjvfV2gkiGzTaxlIF2tR2XQJFDwZ+QOscBhTUtHnjFPJfPdxJwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJIzhcUR9fCp7QNy3OK23UD8S+XrMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva2pPRnhSSDE4S250QTNMYzRyYmRRUHhMNWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowVSAwQA
owVjAwQAowV/AwQAowWMAwQAowXKAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQCl
kdjnfQFv38Ne1SfDjmPi9Rbgv6kvdlB8CSANUvp7MBVMMYWg3dHXQh05EI9++hE2
hkFKg6RHRvIegzjDo17yzuwh6KZmip5wXSJWJ1O3Y0zXJNgvEyF4Tmv9z6X5nNqi
18zXY5ZOGHS09l3Y1uHgO9wUwjtFOxZxpnUlzAiQjffbOZQhVHJWs8ljTpAkHEB2
dTpybdDrknvsKlaWq4IchbLlVGGUftYN8OMuWfbclXXHwWfi2arMSdQ7iV49Rhz7
phc4jL3JWveIGGndhr3uCSR+ECelfjvpA1v89796mWrnqo2KoC1vTNUhj1q7O5mU
SYilC49Zk6g/Wij0UuFm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org