Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lYcMYYNrc2MUsrQvwVIyIgpZrCo.roa
File: lYcMYYNrc2MUsrQvwVIyIgpZrCo.roa (raw, json)
Hash identifier: vhio3MjUjyqVbFdqpok0HLokw1/vnANfP/O5jIJTLcg=
Subject key identifier: 95:87:0C:61:83:6B:73:63:14:B2:B4:2F:C1:52:32:22:0A:59:AC:2A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0193F38DEE3C338A846DAE482F3BEE32F3FF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lYcMYYNrc2MUsrQvwVIyIgpZrCo.roa
Signing time: Mon 23 Dec 2024 12:46:25 +0000
ROA not before: Mon 23 Dec 2024 12:46:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.0.0/24 maxlen: 24
163.5.2.0/24 maxlen: 24
163.5.3.0/24 maxlen: 24
163.5.5.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.21.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.24.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.52.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.57.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
163.5.81.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:8d:ee:3c:33:8a:84:6d:ae:48:2f:3b:ee:32:f3:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 23 12:46:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95870c61836b736314b2b42fc15232220a59ac2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8f:ac:81:73:1f:d7:40:5d:ce:64:19:89:ae:
2f:cf:89:1f:dc:a1:db:3f:28:e5:33:8c:b0:3d:ff:
86:3f:47:bb:1e:6b:f6:45:29:26:11:8b:6a:c2:94:
4e:ee:48:dd:bd:56:bc:e6:ff:59:c1:ef:0b:7b:59:
2f:81:94:60:ae:58:71:26:39:04:9e:1e:27:cf:13:
7a:3c:2a:c8:eb:89:2a:3a:4c:33:59:c0:81:58:c9:
64:27:99:c6:54:27:b4:8f:eb:dc:59:30:34:1d:1f:
ee:a5:15:c2:6b:cc:b1:99:e4:fb:95:d2:d9:ee:68:
c4:d3:96:4f:81:8a:49:9e:73:fb:4c:a9:d9:73:f8:
71:60:97:7c:9e:61:49:88:f8:f5:a9:06:07:7b:7a:
2c:2a:16:7d:9c:59:83:e5:c5:a0:5d:5a:0a:86:a4:
3e:60:72:d5:dc:96:6c:79:a4:29:56:6a:0c:7e:38:
19:16:fa:c2:02:02:c5:08:d5:12:3d:6d:6a:4d:2f:
a8:2f:88:da:84:20:7d:80:75:03:47:87:f7:4a:3d:
c2:4e:a6:46:7b:f1:07:9a:b3:d9:48:4e:6d:74:41:
de:3c:0a:21:10:c1:c0:26:e1:02:2d:78:c2:97:2c:
c8:fc:17:3c:81:74:32:98:2f:18:11:a7:8c:c6:cb:
1b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:87:0C:61:83:6B:73:63:14:B2:B4:2F:C1:52:32:22:0A:59:AC:2A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lYcMYYNrc2MUsrQvwVIyIgpZrCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.0.0/24
163.5.2.0/23
163.5.5.0/24
163.5.10.0/23
163.5.20.0/23
163.5.23.0-163.5.24.255
163.5.42.0/24
163.5.45.0/24
163.5.48.0/24
163.5.50.0/24
163.5.52.0/24
163.5.55.0/24
163.5.57.0/24
163.5.68.0/23
163.5.80.0/23
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:2e:8d:12:51:6b:7c:b3:7a:ea:a3:91:f4:18:6a:aa:19:6e:
79:03:fc:3a:0d:9d:0f:82:7f:47:c4:df:0d:d6:c7:db:c0:5c:
c9:05:9a:b9:04:af:1e:29:09:c1:4f:ec:42:0a:5e:04:7f:9d:
0e:07:05:42:31:e6:24:61:54:ec:a6:d3:72:5e:2d:20:bb:e7:
50:04:66:ee:bd:6b:72:8b:4b:20:90:04:ba:3d:e8:0e:ca:fa:
ff:f0:1e:b8:2c:84:b3:99:e7:6f:8f:1c:d2:e9:f4:c1:de:e6:
3e:10:b8:03:57:1f:43:b0:53:1e:07:e8:e5:0c:f1:c4:c8:ac:
0a:65:d2:6b:18:9c:6e:a5:a6:ee:b6:1e:59:e6:2c:13:b4:89:
ac:c7:37:22:65:d5:4b:cd:d3:13:f3:a2:e6:f4:c1:aa:c1:30:
58:d4:bd:c1:36:21:55:ac:05:67:b8:19:66:8a:69:8e:fc:47:
21:70:84:f4:61:0f:14:1b:66:bf:eb:30:49:b4:d4:d7:dc:45:
e7:12:16:f9:78:72:38:68:52:b5:e3:7f:de:a2:71:fa:82:52:
8c:bf:b9:13:0d:03:10:68:6b:fa:bb:3b:55:d3:b1:92:bc:71:
f9:35:00:d8:9c:a2:eb:81:30:67:f2:de:d8:ce:77:c2:39:90:
88:1f:a3:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZPzje48M4qEba5ILzvuMvP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMjIzMTI0NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg3MGM2MTgzNmI3MzYzMTRiMmI0MmZjMTUyMzIyMjBhNTlhYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o+sgXMf10BdzmQZia4vz4kf3KHb
PyjlM4ywPf+GP0e7Hmv2RSkmEYtqwpRO7kjdvVa85v9Zwe8Le1kvgZRgrlhxJjkE
nh4nzxN6PCrI64kqOkwzWcCBWMlkJ5nGVCe0j+vcWTA0HR/upRXCa8yxmeT7ldLZ
7mjE05ZPgYpJnnP7TKnZc/hxYJd8nmFJiPj1qQYHe3osKhZ9nFmD5cWgXVoKhqQ+
YHLV3JZseaQpVmoMfjgZFvrCAgLFCNUSPW1qTS+oL4jahCB9gHUDR4f3Sj3CTqZG
e/EHmrPZSE5tdEHePAohEMHAJuECLXjClyzI/Bc8gXQymC8YEaeMxssbTQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFJWHDGGDa3NjFLK0L8FSMiIKWawqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbFljTVlZTnJjMk1Vc3JRdndWSXlJZ3BackNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAKMFAAME
AaMFAgMEAKMFBQMEAaMFCgMEAaMFFDAMAwQAowUXAwQAowUYAwQAowUqAwQAowUt
AwQAowUwAwQAowUyAwQAowU0AwQAowU3AwQAowU5AwQBowVEAwQBowVQAwQAowVV
MA0GCSqGSIb3DQEBCwUAA4IBAQAfLo0SUWt8s3rqo5H0GGqqGW55A/w6DZ0Pgn9H
xN8N1sfbwFzJBZq5BK8eKQnBT+xCCl4Ef50OBwVCMeYkYVTsptNyXi0gu+dQBGbu
vWtyi0sgkAS6PegOyvr/8B64LISzmedvjxzS6fTB3uY+ELgDVx9DsFMeB+jlDPHE
yKwKZdJrGJxupabuth5Z5iwTtImsxzciZdVLzdMT86Lm9MGqwTBY1L3BNiFVrAVn
uBlmimmO/EchcIT0YQ8UG2a/6zBJtNTX3EXnEhb5eHI4aFK143/eonH6glKMv7kT
DQMQaGv6uztV07GSvHH5NQDYnKLrgTBn8t7YznfCOZCIH6N/
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:10 2025 by rpki-client