Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nM-V3hzgGTLptdp6Fi3pJDbBEW8.roa
File: nM-V3hzgGTLptdp6Fi3pJDbBEW8.roa (raw, json)
Hash identifier: USr35zLMLM3iido+Ri4FtGduHgE/G47ZKj1ShFTalGs=
Subject key identifier: 9C:CF:95:DE:1C:E0:19:32:E9:B5:DA:7A:16:2D:E9:24:36:C1:11:6F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A48CAE18ED6C5060FC2BCCA265B96
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nM-V3hzgGTLptdp6Fi3pJDbBEW8.roa
Signing time: Wed 01 Jan 2025 19:49:15 +0000
ROA not before: Wed 01 Jan 2025 19:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.99.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 20:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:48:ca:e1:8e:d6:c5:06:0f:c2:bc:ca:26:5b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ccf95de1ce01932e9b5da7a162de92436c1116f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4b:f8:aa:fb:1c:4e:d7:f1:94:f5:87:7a:02:
44:21:ea:b5:e3:83:b5:36:16:b4:d9:bd:07:1e:78:
b1:24:c1:ba:06:20:76:f0:cf:aa:d0:7a:d0:13:7c:
0a:83:b8:2a:b3:9d:2a:2f:1e:e9:3f:de:80:a0:b8:
9d:73:64:46:ad:0e:64:2d:16:2a:e8:ca:53:54:04:
33:42:d4:54:c7:54:da:f5:fc:0b:fd:65:14:8e:73:
db:ce:5c:c7:a3:c7:c3:96:ef:d9:5e:10:bd:1b:f2:
7f:1f:1b:b8:be:de:1d:e7:91:a5:51:a9:55:b3:ce:
bf:9e:1a:65:89:ee:e4:2b:9e:77:cf:30:91:28:ee:
e7:b6:db:32:7d:34:b9:f8:c7:a9:bb:41:4d:7c:21:
51:5c:21:ab:f6:5a:9b:22:dd:b9:a7:61:42:7c:6b:
69:13:da:fc:26:e8:a6:1e:0a:71:5a:2b:af:1e:bd:
35:c1:b0:d7:72:0d:46:23:9e:e0:1e:c6:71:b3:20:
b0:0c:94:40:cc:fb:bd:b4:25:ad:66:73:1e:74:d0:
b8:0f:df:fa:4a:b1:32:d3:22:75:34:d8:34:8b:40:
df:2c:d7:3b:5d:6b:33:e9:62:8d:cf:5e:94:99:3a:
b8:32:c9:df:55:3d:1b:98:12:79:13:2e:da:ac:ab:
4f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CF:95:DE:1C:E0:19:32:E9:B5:DA:7A:16:2D:E9:24:36:C1:11:6F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nM-V3hzgGTLptdp6Fi3pJDbBEW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.99.0/24
163.5.142.0/23
163.5.192.0/23
163.5.213.0-163.5.214.255
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
57:69:ac:f7:6d:94:bb:1a:8d:6a:ee:5f:ae:d4:b5:e9:bf:7e:
2e:20:96:ac:fe:c8:cd:84:73:a8:c3:89:26:53:fa:fe:0a:18:
5d:f0:4b:6f:e2:2d:15:e2:fa:8b:4d:d3:3f:fd:29:c3:a4:f0:
79:94:d4:9c:c9:e5:64:84:a6:41:d8:3a:b0:3c:2a:15:cb:2a:
e6:60:b2:28:92:5e:4a:33:54:6a:09:11:9f:2f:0f:2d:22:e2:
3c:98:65:d0:98:a5:cb:49:f6:33:f6:2e:6a:6d:fa:50:d0:d5:
03:96:0c:a5:f8:ff:3b:80:eb:50:ab:32:48:cd:91:31:85:af:
c6:1d:f0:68:bb:67:43:ef:32:a3:9f:c4:e5:cf:24:91:e2:1e:
9c:21:bd:df:88:7e:c8:87:e0:2a:79:7f:50:c5:4e:d9:ee:78:
b7:28:b9:6c:69:20:e0:8c:b1:6b:11:8f:a6:6b:8b:aa:3d:7f:
27:cf:6d:dc:f8:e6:76:fa:74:f4:a6:e7:f3:d2:22:4a:a4:64:
a2:ce:0b:66:c4:a2:f1:9c:c8:57:1d:0a:88:8b:a5:c4:1d:f6:
d1:27:cc:5e:2b:58:97:00:92:d7:19:74:45:26:53:33:15:62:
d6:61:a5:47:1e:20:8f:a1:47:d1:83:90:78:4e:76:3c:82:ef:
15:1e:af:35
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQjakjK4Y7WxQYPwrzKJluWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NmOTVkZTFjZTAxOTMyZTliNWRhN2ExNjJkZTkyNDM2YzExMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUv4qvscTtfxlPWHegJEIeq144O1
Nha02b0HHnixJMG6BiB28M+q0HrQE3wKg7gqs50qLx7pP96AoLidc2RGrQ5kLRYq
6MpTVAQzQtRUx1Ta9fwL/WUUjnPbzlzHo8fDlu/ZXhC9G/J/Hxu4vt4d55GlUalV
s86/nhplie7kK553zzCRKO7nttsyfTS5+Mepu0FNfCFRXCGr9lqbIt25p2FCfGtp
E9r8JuimHgpxWiuvHr01wbDXcg1GI57gHsZxsyCwDJRAzPu9tCWtZnMedNC4D9/6
SrEy0yJ1NNg0i0DfLNc7XWsz6WKNz16UmTq4MsnfVT0bmBJ5Ey7arKtPLQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJzPld4c4Bky6bXaehYt6SQ2wRFvMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbk0tVjNoemdHVExwdGRwNkZpM3BKRGJCRVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowVjAwQB
owWOAwQBowXAMAwDBACjBdUDBACjBdYDBAC5/TYwDQYJKoZIhvcNAQELBQADggEB
AFdprPdtlLsajWruX67Utem/fi4glqz+yM2Ec6jDiSZT+v4KGF3wS2/iLRXi+otN
0z/9KcOk8HmU1JzJ5WSEpkHYOrA8KhXLKuZgsiiSXkozVGoJEZ8vDy0i4jyYZdCY
pctJ9jP2Lmpt+lDQ1QOWDKX4/zuA61CrMkjNkTGFr8Yd8Gi7Z0PvMqOfxOXPJJHi
Hpwhvd+IfsiH4Cp5f1DFTtnueLcouWxpIOCMsWsRj6Zri6o9fyfPbdz45nb6dPSm
5/PSIkqkZKLOC2bEovGcyFcdCoiLpcQd9tEnzF4rWJcAktcZdEUmUzMVYtZhpUce
II+hR9GDkHhOdjyC7xUerzU=
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:43:47 2025 by rpki-client