Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l_yzqHN2HCqHXgtrs8l09c9FKh0.roa
File: l_yzqHN2HCqHXgtrs8l09c9FKh0.roa (raw, json)
Hash identifier: OyWs1zlc8d3zLTnhNtuH/aPO6T1YvqO3mtFdpAwwcv0=
Subject key identifier: 97:FC:B3:A8:73:76:1C:2A:87:5E:0B:6B:B3:C9:74:F5:CF:45:2A:1D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018F3FFA43CD077347878B24DBB074B82BF7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l_yzqHN2HCqHXgtrs8l09c9FKh0.roa
Signing time: Fri 03 May 2024 19:41:56 +0000
ROA not before: Fri 03 May 2024 19:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.56.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 20:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3f:fa:43:cd:07:73:47:87:8b:24:db:b0:74:b8:2b:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 3 19:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97fcb3a873761c2a875e0b6bb3c974f5cf452a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:80:27:fb:ef:94:d2:d0:6e:d5:5c:46:0f:bc:
05:73:2f:42:a7:40:c1:7f:79:47:ba:77:6d:fe:bd:
0a:40:05:3f:ec:fa:34:29:e8:71:4d:18:2f:dc:ed:
f8:4a:de:65:7e:e5:ec:c9:4f:9f:9b:4d:bf:9b:76:
a7:55:d7:e4:2e:d6:76:2d:6b:29:20:47:51:84:5d:
dd:7f:07:94:98:c9:33:cb:ba:4d:30:02:c3:77:87:
20:00:1b:e0:30:c5:a3:76:37:54:c3:e8:e5:fb:96:
fa:fc:e4:0b:be:34:5c:91:d6:86:fb:e4:51:3d:ef:
23:8a:f1:c1:f2:97:cd:df:d8:dc:40:20:ea:e7:21:
49:83:4b:33:79:d3:45:b6:ec:b3:ac:00:4e:e5:c7:
22:00:f0:95:65:00:f8:7b:e0:04:d5:1e:75:f7:f5:
3a:7b:4c:92:99:ba:94:65:0a:f8:5e:9a:4d:d0:d5:
bf:61:a0:c4:32:35:f8:85:83:d7:bc:d5:c1:ef:b0:
1e:74:8e:06:a8:cc:2a:c4:28:12:cc:b2:87:2d:0c:
74:7d:05:d9:f1:95:e3:68:8e:f6:2a:90:39:b3:ed:
e0:26:ca:63:a4:27:4b:43:61:c1:91:86:ef:68:45:
1f:96:3b:fe:54:63:6d:a9:a3:ea:fa:27:82:54:e9:
91:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:FC:B3:A8:73:76:1C:2A:87:5E:0B:6B:B3:C9:74:F5:CF:45:2A:1D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l_yzqHN2HCqHXgtrs8l09c9FKh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.56.0/24
163.5.82.0/24
163.5.99.0/24
163.5.127.0/24
163.5.140.0/24
163.5.202.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:b8:cc:4b:63:ac:02:28:cd:d1:74:58:e1:b6:db:cd:06:8a:
aa:5e:c5:18:11:cf:ff:e1:82:26:f9:b6:77:44:c8:16:82:bb:
63:be:21:45:25:b3:38:21:53:93:f2:e2:8d:38:26:47:92:46:
6c:5c:8b:bc:bb:c8:58:48:97:38:54:ad:75:07:58:c6:08:37:
1e:bb:ef:d6:23:ee:6d:43:cc:04:72:8b:d6:7a:80:fb:4e:de:
56:02:c4:0d:06:b4:d6:1a:5e:43:cc:c8:ad:6a:2a:92:a2:26:
99:05:64:36:c2:6b:19:7f:5d:42:bf:68:a4:6d:4c:79:5e:b7:
7b:0f:ae:a1:dc:11:06:0d:20:70:dc:b4:93:66:d8:93:c3:8a:
43:fe:c7:3b:7a:c1:5f:ca:6b:66:ce:93:24:59:18:e4:82:e8:
84:fb:ac:89:17:8a:a5:a9:39:e9:e0:9a:f8:67:1e:5e:ff:ec:
29:cc:fa:a9:fb:75:f0:9c:73:f5:d8:99:cd:71:2e:ec:73:c6:
1d:9e:24:56:d2:78:16:7e:6e:1f:77:f4:42:01:2f:59:47:02:
8f:17:31:ec:5f:1e:85:8a:e3:1f:95:4f:a1:1d:b4:c6:23:c0:
02:6c:29:cb:42:2c:90:ea:93:da:b6:0b:f0:64:8a:e8:7d:4f:
42:f3:e0:3d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY8/+kPNB3NHh4sk27B0uCv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTAzMTk0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2ZjYjNhODczNzYxYzJhODc1ZTBiNmJiM2M5NzRmNWNmNDUyYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4An+++U0tBu1VxGD7wFcy9Cp0DB
f3lHundt/r0KQAU/7Po0KehxTRgv3O34St5lfuXsyU+fm02/m3anVdfkLtZ2LWsp
IEdRhF3dfweUmMkzy7pNMALDd4cgABvgMMWjdjdUw+jl+5b6/OQLvjRckdaG++RR
Pe8jivHB8pfN39jcQCDq5yFJg0szedNFtuyzrABO5cciAPCVZQD4e+AE1R519/U6
e0ySmbqUZQr4XppN0NW/YaDEMjX4hYPXvNXB77AedI4GqMwqxCgSzLKHLQx0fQXZ
8ZXjaI72KpA5s+3gJspjpCdLQ2HBkYbvaEUfljv+VGNtqaPq+ieCVOmRSQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJf8s6hzdhwqh14La7PJdPXPRSodMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbF95enFITjJIQ3FIWGd0cnM4bDA5YzlGS2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowU4AwQA
owVSAwQAowVjAwQAowV/AwQAowWMAwQAowXKAwQAowX4MA0GCSqGSIb3DQEBCwUA
A4IBAQCnuMxLY6wCKM3RdFjhttvNBoqqXsUYEc//4YIm+bZ3RMgWgrtjviFFJbM4
IVOT8uKNOCZHkkZsXIu8u8hYSJc4VK11B1jGCDceu+/WI+5tQ8wEcovWeoD7Tt5W
AsQNBrTWGl5DzMitaiqSoiaZBWQ2wmsZf11Cv2ikbUx5Xrd7D66h3BEGDSBw3LST
ZtiTw4pD/sc7esFfymtmzpMkWRjkguiE+6yJF4qlqTnp4Jr4Zx5e/+wpzPqp+3Xw
nHP12JnNcS7sc8YdniRW0ngWfm4fd/RCAS9ZRwKPFzHsXx6FiuMflU+hHbTGI8AC
bCnLQiyQ6pPatgvwZIrofU9C8+A9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org