Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mQKFx4QoJJ8YiCLWdRx0F8xn6nI.roa
File: mQKFx4QoJJ8YiCLWdRx0F8xn6nI.roa (raw, json)
Hash identifier: TZb0v3S4QpQeLsFyCy8dTL58xsZISE+Cx6Afn+UxeK8=
Subject key identifier: 99:02:85:C7:84:28:24:9F:18:88:22:D6:75:1C:74:17:CC:67:EA:72
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018FB945FD3FE6750407E6DB0A5C2DDD1B1A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mQKFx4QoJJ8YiCLWdRx0F8xn6nI.roa
Signing time: Mon 27 May 2024 08:58:42 +0000
ROA not before: Mon 27 May 2024 08:58:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 163.5.29.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 18:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:45:fd:3f:e6:75:04:07:e6:db:0a:5c:2d:dd:1b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 27 08:58:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=990285c78428249f188822d6751c7417cc67ea72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5e:08:50:c7:b8:df:21:44:fc:43:ec:8a:84:
8b:ea:7e:0a:53:47:be:2a:4d:d2:46:9d:1d:83:28:
12:c2:36:fc:1a:44:91:a7:9a:9b:c5:b3:50:fe:f2:
c0:ae:18:a8:eb:d8:11:9a:91:b6:d4:97:2f:85:47:
74:76:9f:de:4c:a9:18:63:ed:bd:a1:4a:c7:19:74:
e5:ac:cf:9f:05:fa:35:ef:65:93:fd:75:e3:8c:fc:
d0:18:68:ec:06:95:2b:27:39:b3:51:8d:21:32:e6:
5c:df:9a:c1:60:5c:51:d3:42:59:ca:33:34:c9:8f:
56:f7:f8:ad:5e:a9:ce:c5:dc:66:2e:13:28:5c:80:
ee:ac:40:e1:14:84:b6:35:cd:cf:ea:e5:96:d1:01:
d5:af:10:92:d5:46:08:22:c2:d5:9a:fd:03:26:ea:
d6:43:7f:3e:d7:2d:ad:9d:e4:94:fb:f8:1f:66:a0:
cb:c4:f9:3a:b7:5a:3a:72:56:9b:a0:74:78:f7:aa:
10:36:d2:f1:41:e1:dc:1d:39:5e:82:83:6f:6b:75:
af:6e:c5:29:97:49:73:73:24:0d:cd:45:18:ed:b0:
14:1d:91:0d:6e:9f:dd:d6:5d:a3:03:09:76:b7:c4:
9d:29:02:15:19:5d:9e:b5:95:21:01:e9:f3:45:23:
de:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:02:85:C7:84:28:24:9F:18:88:22:D6:75:1C:74:17:CC:67:EA:72
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mQKFx4QoJJ8YiCLWdRx0F8xn6nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.29.0/24
163.5.132.0/24
163.5.158.0/24
163.5.173.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ef:af:67:ee:22:8b:ce:d7:3c:da:cc:b4:88:76:c8:bc:6d:
38:18:08:49:c3:fa:d4:e5:a0:36:c9:b9:d8:94:a2:71:c4:b8:
06:3e:b1:dd:c7:48:7d:0b:44:4e:90:ac:ef:0c:eb:28:6c:23:
55:f9:4b:5c:6a:2e:ba:bb:d6:71:49:fb:d9:69:0b:4e:14:f3:
c7:85:b1:2f:43:51:7f:f2:ed:07:00:80:d3:3d:58:a0:26:03:
fd:a5:38:2a:eb:6e:22:70:fb:b6:1d:a1:52:80:e6:8b:c7:33:
a4:cb:5a:68:a3:11:94:16:92:95:53:23:ff:fd:47:c8:41:05:
62:b0:78:ab:1b:7a:0c:69:0c:fc:1b:b8:41:1b:b7:2b:94:c7:
ec:4b:a2:2e:e2:0d:ac:f9:94:a4:02:23:69:b4:d7:96:7b:78:
0c:82:16:12:2e:31:4e:42:42:6b:f7:4b:b0:cf:25:65:3b:f9:
d3:42:2c:97:23:32:24:81:2f:6d:ad:16:10:41:7b:45:da:53:
94:d4:1b:57:66:ef:ad:65:07:94:f0:cc:1a:33:38:3c:36:1b:
5c:e9:20:b8:6d:24:7b:45:9c:a1:28:89:12:3f:cc:c1:d5:22:
4d:e5:b6:e8:56:9e:34:88:11:b6:59:77:1d:79:6e:02:bd:15:
f0:52:c2:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+5Rf0/5nUEB+bbClwt3RsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTI3MDg1ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTAyODVjNzg0MjgyNDlmMTg4ODIyZDY3NTFjNzQxN2NjNjdlYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz14IUMe43yFE/EPsioSL6n4KU0e+
Kk3SRp0dgygSwjb8GkSRp5qbxbNQ/vLArhio69gRmpG21JcvhUd0dp/eTKkYY+29
oUrHGXTlrM+fBfo172WT/XXjjPzQGGjsBpUrJzmzUY0hMuZc35rBYFxR00JZyjM0
yY9W9/itXqnOxdxmLhMoXIDurEDhFIS2Nc3P6uWW0QHVrxCS1UYIIsLVmv0DJurW
Q38+1y2tneSU+/gfZqDLxPk6t1o6claboHR496oQNtLxQeHcHTlegoNva3WvbsUp
l0lzcyQNzUUY7bAUHZENbp/d1l2jAwl2t8SdKQIVGV2etZUhAenzRSPe+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJkChceEKCSfGIgi1nUcdBfMZ+pyMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbVFLRng0UW9KSjhZaUNMV2RSeDBGOHhuNm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUdAwQA
owWEAwQAowWeAwQAowWtMA0GCSqGSIb3DQEBCwUAA4IBAQAm769n7iKLztc82sy0
iHbIvG04GAhJw/rU5aA2ybnYlKJxxLgGPrHdx0h9C0ROkKzvDOsobCNV+Utcai66
u9ZxSfvZaQtOFPPHhbEvQ1F/8u0HAIDTPVigJgP9pTgq624icPu2HaFSgOaLxzOk
y1pooxGUFpKVUyP//UfIQQVisHirG3oMaQz8G7hBG7crlMfsS6Iu4g2s+ZSkAiNp
tNeWe3gMghYSLjFOQkJr90uwzyVlO/nTQiyXIzIkgS9trRYQQXtF2lOU1BtXZu+t
ZQeU8MwaMzg8Nhtc6SC4bSR7RZyhKIkSP8zB1SJN5bboVp40iBG2WXcdeW4CvRXw
UsJ2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org