Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kowLrhJ1To-x05o4vh2to5hgkjQ.roa
File: kowLrhJ1To-x05o4vh2to5hgkjQ.roa (raw, json)
Hash identifier: AYTcZuL35FzX8XYGBszcTtWJQpvRQht/2Zpqxh0nkPs=
Subject key identifier: 92:8C:0B:AE:12:75:4E:8F:B1:D3:9A:38:BE:1D:AD:A3:98:60:92:34
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A3925873ECD4D30D649763B6130A0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kowLrhJ1To-x05o4vh2to5hgkjQ.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136557
IP address blocks: 163.5.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 08:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:39:25:87:3e:cd:4d:30:d6:49:76:3b:61:30:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=928c0bae12754e8fb1d39a38be1dada398609234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:15:bc:45:76:ec:4f:ee:57:16:f5:b6:e9:c7:
40:de:ab:7b:89:d7:b3:27:d4:ad:c2:9e:a7:26:da:
1d:8f:2e:93:43:78:c7:12:2d:b0:2f:2e:7b:33:cd:
4b:83:5b:fd:27:26:75:a6:7d:ec:a1:eb:f2:41:f3:
54:23:8d:48:17:a5:f5:a3:4a:04:5a:f9:6d:ca:37:
98:5d:a1:09:0c:44:1c:7b:16:b6:80:f8:12:74:47:
30:31:6d:a2:4d:b2:b8:23:01:00:dc:51:b0:a4:e6:
62:63:e5:2e:fd:63:00:d1:76:18:f8:de:e3:f4:53:
3c:9f:cb:c6:4c:94:74:58:8c:5a:67:9a:8c:ce:0a:
38:1f:c4:00:21:01:f3:35:61:4f:57:b7:7e:a7:46:
57:cf:b3:28:02:e0:97:41:19:97:77:c7:33:8a:ad:
2c:3b:95:5c:84:49:70:da:18:2e:79:f3:4e:31:dc:
1f:46:a9:4a:09:84:a6:03:c1:28:77:ba:1e:a8:e9:
63:7f:a1:76:c9:2f:82:5f:14:2a:62:e5:49:af:1c:
d8:51:ac:68:3c:a8:8e:6b:b3:e9:f6:77:d3:2d:e3:
53:6b:6f:2f:99:3f:d8:c1:df:a6:1a:21:23:04:6d:
54:8a:a9:ec:52:a2:be:ef:14:be:87:ba:d1:cd:33:
46:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8C:0B:AE:12:75:4E:8F:B1:D3:9A:38:BE:1D:AD:A3:98:60:92:34
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kowLrhJ1To-x05o4vh2to5hgkjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.56.0/24
Signature Algorithm: sha256WithRSAEncryption
95:ad:81:8d:56:2e:b9:84:9a:78:dc:6e:f4:9e:0a:9b:13:ac:
fe:74:6d:66:e1:9b:cf:00:97:52:f1:9b:49:bd:24:84:be:04:
51:1c:23:86:12:f9:0d:9f:c7:9a:97:dc:6b:73:50:1f:19:0e:
99:8f:6a:4d:9b:1b:90:55:e1:82:bd:c5:ec:00:ee:f2:be:ee:
86:26:19:70:50:c8:75:8f:7a:ca:e3:d2:1d:06:71:0c:7c:4b:
96:9e:9f:e6:0d:6f:24:a4:fc:7e:7d:da:5d:b7:3b:52:7a:e0:
5b:51:c5:af:0a:76:a9:85:d1:db:0b:5c:bd:4b:76:c6:46:2e:
68:84:8d:ad:2e:28:a1:d8:ec:55:a0:39:d6:47:38:6c:30:68:
5f:e5:da:66:7d:9b:e4:76:5c:c3:47:53:29:cc:c1:ac:88:5d:
10:5d:f3:4d:e1:5b:27:33:76:54:98:8b:79:35:2e:27:b0:44:
a8:a7:7d:57:bb:fb:46:bf:84:fc:01:05:19:3d:cc:7a:ab:83:
88:ce:67:58:4f:ba:2d:5e:25:c5:20:34:3e:dc:88:19:d1:c8:
9a:31:77:af:ba:0c:36:9e:72:fa:63:ee:60:5f:e6:71:50:a7:
59:53:40:73:63:14:2c:b4:38:17:e6:ff:fa:55:68:cc:28:1a:
cd:af:84:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajklhz7NTTDWSXY7YTCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjhjMGJhZTEyNzU0ZThmYjFkMzlhMzhiZTFkYWRhMzk4NjA5MjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxW8RXbsT+5XFvW26cdA3qt7idez
J9Stwp6nJtodjy6TQ3jHEi2wLy57M81Lg1v9JyZ1pn3soevyQfNUI41IF6X1o0oE
WvltyjeYXaEJDEQcexa2gPgSdEcwMW2iTbK4IwEA3FGwpOZiY+Uu/WMA0XYY+N7j
9FM8n8vGTJR0WIxaZ5qMzgo4H8QAIQHzNWFPV7d+p0ZXz7MoAuCXQRmXd8cziq0s
O5VchElw2hguefNOMdwfRqlKCYSmA8Eod7oeqOljf6F2yS+CXxQqYuVJrxzYUaxo
PKiOa7Pp9nfTLeNTa28vmT/Ywd+mGiEjBG1UiqnsUqK+7xS+h7rRzTNGlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKMC64SdU6PsdOaOL4draOYYJI0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva293THJoSjFUby14MDVvNHZoMnRvNWhna2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowU4MA0G
CSqGSIb3DQEBCwUAA4IBAQCVrYGNVi65hJp43G70ngqbE6z+dG1m4ZvPAJdS8ZtJ
vSSEvgRRHCOGEvkNn8eal9xrc1AfGQ6Zj2pNmxuQVeGCvcXsAO7yvu6GJhlwUMh1
j3rK49IdBnEMfEuWnp/mDW8kpPx+fdpdtztSeuBbUcWvCnaphdHbC1y9S3bGRi5o
hI2tLiih2OxVoDnWRzhsMGhf5dpmfZvkdlzDR1MpzMGsiF0QXfNN4VsnM3ZUmIt5
NS4nsESop31Xu/tGv4T8AQUZPcx6q4OIzmdYT7otXiXFIDQ+3IgZ0ciaMXevugw2
nnL6Y+5gX+ZxUKdZU0BzYxQstDgX5v/6VWjMKBrNr4Tj
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:42 2025 by rpki-client