Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/m5h2PcQApPXS8dvb5BXF35DTrMg.roa
File: m5h2PcQApPXS8dvb5BXF35DTrMg.roa (raw, json)
Hash identifier: 4cymvpfqawosjIOxZH6N5KtHu2FYQyPCP5vvVp+JX3s=
Subject key identifier: 9B:98:76:3D:C4:00:A4:F5:D2:F1:DB:DB:E4:15:C5:DF:90:D3:AC:C8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01945A135B2FE1A8D8779F3500685D310DBE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/m5h2PcQApPXS8dvb5BXF35DTrMg.roa
Signing time: Sun 12 Jan 2025 10:33:25 +0000
ROA not before: Sun 12 Jan 2025 10:33:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47741
IP address blocks: 163.5.92.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 16:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:13:5b:2f:e1:a8:d8:77:9f:35:00:68:5d:31:0d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 12 10:33:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b98763dc400a4f5d2f1dbdbe415c5df90d3acc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:ce:aa:cb:f3:fc:b6:8a:7c:bd:4e:a2:d0:
93:ad:79:da:ad:81:4e:44:ee:e4:45:a7:29:54:10:
57:71:b7:99:c5:1a:0e:00:90:45:cc:d1:0d:a1:30:
ed:6e:87:fe:86:e8:61:a7:c2:f8:92:fd:91:5c:dc:
aa:83:3a:f1:4d:63:78:57:43:12:64:d5:0b:cb:cd:
c4:21:98:77:32:42:94:18:fb:0e:c5:ff:2c:30:85:
ac:ac:84:ff:ff:90:a5:20:b6:ce:a5:3c:9f:e1:92:
ae:ea:7c:bc:b7:90:21:28:2c:ca:32:9e:4f:f6:b5:
86:08:af:76:3b:62:40:fa:55:a4:57:2f:88:4b:2b:
91:ae:d2:66:ba:80:52:d3:c5:28:11:ad:3b:2c:e2:
45:b5:5c:d7:e3:a9:d6:f6:ea:e7:0f:fc:97:46:98:
62:4f:57:9c:75:db:e2:34:f5:35:75:62:ef:e7:cd:
19:c6:98:cb:14:61:15:08:ec:ec:39:54:b0:c9:40:
17:5b:f6:14:eb:84:ee:c4:b3:47:91:dc:53:5c:e0:
0a:73:03:b8:66:7c:c1:37:c8:3e:0d:07:79:d5:12:
e0:bf:13:be:92:13:7d:77:1d:28:2d:2b:89:d6:f2:
08:71:f2:f9:83:5e:88:8e:6c:66:6d:57:ee:b2:f1:
97:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:98:76:3D:C4:00:A4:F5:D2:F1:DB:DB:E4:15:C5:DF:90:D3:AC:C8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/m5h2PcQApPXS8dvb5BXF35DTrMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.92.0/24
163.5.233.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f8:bf:0c:72:4d:a1:2d:e0:74:53:bd:21:12:e6:96:87:96:
0c:30:c6:ff:6a:74:0f:af:5d:c6:c7:68:5d:5a:d5:e4:be:4d:
3c:63:8c:c7:09:71:07:dc:fc:bd:5e:cb:0f:6b:8d:6a:dd:12:
42:85:08:07:50:79:f4:5f:73:39:96:c6:96:54:13:42:b7:0f:
f3:28:56:d3:27:f0:72:37:10:75:cb:c1:1e:51:b0:2f:33:2b:
ec:92:9f:af:b4:42:6f:7a:a5:f6:93:1f:d1:a1:f0:c3:8d:a7:
de:8b:d9:0b:b2:67:ec:79:d4:9c:4b:c1:39:19:08:1e:d0:c5:
30:76:fa:ca:36:91:2e:9b:35:08:d8:3e:3d:e0:77:cd:df:1d:
70:5e:cc:06:96:f8:9f:61:95:1f:f1:3d:12:e3:e8:e4:b5:d1:
a8:6c:11:8c:10:a3:00:d9:d1:94:8a:d9:2f:90:1b:e4:cd:1e:
db:bc:ee:ae:64:c9:44:8b:5a:d1:df:b2:8e:c0:03:ac:85:cb:
3a:ec:8c:0b:cc:26:60:22:28:f6:6c:da:c1:84:9a:4c:25:68:
89:21:41:0b:51:40:f6:d9:c2:42:08:2b:a7:21:1a:0c:73:98:
b7:78:f4:77:01:92:34:4d:98:65:ec:73:57:69:ce:65:53:cd:
6f:3b:6f:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRaE1sv4ajYd581AGhdMQ2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTEyMTAzMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk4NzYzZGM0MDBhNGY1ZDJmMWRiZGJlNDE1YzVkZjkwZDNhY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhDOqsvz/LaKfL1OotCTrXnarYFO
RO7kRacpVBBXcbeZxRoOAJBFzNENoTDtbof+huhhp8L4kv2RXNyqgzrxTWN4V0MS
ZNULy83EIZh3MkKUGPsOxf8sMIWsrIT//5ClILbOpTyf4ZKu6ny8t5AhKCzKMp5P
9rWGCK92O2JA+lWkVy+ISyuRrtJmuoBS08UoEa07LOJFtVzX46nW9urnD/yXRphi
T1ecddviNPU1dWLv580ZxpjLFGEVCOzsOVSwyUAXW/YU64TuxLNHkdxTXOAKcwO4
ZnzBN8g+DQd51RLgvxO+khN9dx0oLSuJ1vIIcfL5g16IjmxmbVfusvGXtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJuYdj3EAKT10vHb2+QVxd+Q06zIMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbTVoMlBjUUFwUFhTOGR2YjVCWEYzNURUck1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowVcAwQA
owXpAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQBr+L8Mck2hLeB0U70hEuaWh5YM
MMb/anQPr13Gx2hdWtXkvk08Y4zHCXEH3Py9XssPa41q3RJChQgHUHn0X3M5lsaW
VBNCtw/zKFbTJ/ByNxB1y8EeUbAvMyvskp+vtEJveqX2kx/RofDDjafei9kLsmfs
edScS8E5GQge0MUwdvrKNpEumzUI2D494HfN3x1wXswGlvifYZUf8T0S4+jktdGo
bBGMEKMA2dGUitkvkBvkzR7bvO6uZMlEi1rR37KOwAOshcs67IwLzCZgIij2bNrB
hJpMJWiJIUELUUD22cJCCCunIRoMc5i3ePR3AZI0TZhl7HNXac5lU81vO29I
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:48:23 2025 by rpki-client