Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nzHcHXiovTjQPI5n7BPNxLbqjAg.roa
File: nzHcHXiovTjQPI5n7BPNxLbqjAg.roa (raw, json)
Hash identifier: UyJq6KOPckNaDH+j2IkZ4WUnVXhQ8b0tHko/Q/ASsfI=
Subject key identifier: 9F:31:DC:1D:78:A8:BD:38:D0:3C:8E:67:EC:13:CD:C4:B6:EA:8C:08
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191EBF37E7840CE91D8A7D26AA40EE761CD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nzHcHXiovTjQPI5n7BPNxLbqjAg.roa
Signing time: Fri 13 Sep 2024 15:14:48 +0000
ROA not before: Fri 13 Sep 2024 15:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 163.5.0.0/24 maxlen: 24
163.5.1.0/24 maxlen: 24
163.5.3.0/24 maxlen: 24
163.5.4.0/24 maxlen: 24
163.5.6.0/24 maxlen: 24
163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.14.0/24 maxlen: 24
163.5.15.0/24 maxlen: 24
163.5.16.0/24 maxlen: 24
163.5.17.0/24 maxlen: 24
163.5.18.0/24 maxlen: 24
163.5.19.0/24 maxlen: 24
163.5.22.0/24 maxlen: 24
163.5.25.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 14:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:f3:7e:78:40:ce:91:d8:a7:d2:6a:a4:0e:e7:61:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 13 15:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f31dc1d78a8bd38d03c8e67ec13cdc4b6ea8c08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:47:53:43:c4:e9:38:73:a7:d6:9b:34:31:0e:
67:e8:83:10:34:12:ea:5d:7f:49:4a:be:91:b2:3b:
03:a7:c6:19:5f:e5:8c:db:62:27:ba:ec:b0:d7:cb:
ce:5e:34:ea:88:85:6f:77:85:91:5a:ba:ba:7b:b6:
7b:5c:22:56:37:f3:e5:1c:f2:54:b3:4d:51:e6:0e:
91:5d:97:f8:e8:6d:84:45:dd:6d:d8:c2:cb:51:5e:
1c:cc:a1:ef:db:6c:56:27:31:65:4f:e2:7d:a5:02:
cd:22:31:71:f2:f3:57:e5:4f:5d:50:b2:bb:cf:65:
43:97:80:ce:10:08:0f:2e:1c:73:fb:26:e4:13:84:
43:bc:6f:3c:b1:2d:fc:5b:11:19:12:0b:cf:e2:6c:
89:be:05:19:a1:04:a6:21:c5:67:db:92:3b:7b:77:
c4:5c:da:de:e8:4e:a6:48:8a:d1:05:7f:b3:b7:ab:
fd:6e:36:e8:bc:81:29:a3:6e:9e:2b:5f:1f:36:e5:
36:83:71:95:8e:e7:70:5b:fe:a4:d3:f9:59:a4:f1:
40:a8:b7:04:c6:89:d1:24:82:ca:46:44:a8:d2:8b:
a6:9d:d6:6d:d4:57:b3:aa:fa:c8:cf:eb:30:e6:cd:
f4:30:51:a9:92:12:e0:b1:79:21:18:34:74:a7:a5:
b5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:31:DC:1D:78:A8:BD:38:D0:3C:8E:67:EC:13:CD:C4:B6:EA:8C:08
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nzHcHXiovTjQPI5n7BPNxLbqjAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.0.0/23
163.5.3.0-163.5.4.255
163.5.6.0-163.5.9.255
163.5.13.0-163.5.19.255
163.5.22.0/24
163.5.25.0/24
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:3a:29:5b:22:ed:13:89:3a:94:58:58:c2:6e:f1:fe:3e:16:
5f:11:a4:96:e5:36:fa:30:25:c0:83:e4:85:9e:d4:ff:0f:08:
67:d5:11:3e:eb:6f:c8:dc:3f:c3:a0:47:7f:0a:1d:ff:70:29:
04:60:6e:66:05:e0:3a:42:ab:31:24:6c:7e:68:50:b3:51:0f:
0f:65:08:27:cc:00:7d:8b:57:41:f2:24:b3:87:ea:a4:15:96:
4e:d6:cb:b2:45:9c:56:5e:e2:76:6c:1a:72:02:d1:43:b2:e9:
25:77:20:11:60:7e:66:b3:88:7d:76:56:f1:ae:43:97:ff:28:
55:6d:2b:04:be:c1:89:ae:2f:64:b9:dc:ba:2b:f6:b6:08:cf:
a0:cf:dc:65:78:6c:e9:34:58:7c:9a:35:06:2d:df:84:92:4b:
85:4d:64:85:26:91:33:25:19:1c:c9:a1:e1:1c:2b:53:f8:4a:
5a:ff:94:00:e3:ca:40:00:95:ba:d6:59:07:12:e7:7a:e2:e5:
07:a4:92:1b:61:58:85:18:dd:1e:85:79:93:67:1f:78:26:45:
d3:56:a5:d1:34:e0:70:a4:d8:d8:e9:cf:c4:c3:ad:80:3a:32:
c9:75:40:d4:54:9e:f2:11:5c:e0:17:8e:ba:11:36:f2:17:e7:
a5:78:c8:f4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZHr8354QM6R2KfSaqQO52HNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTEzMTUxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjMxZGMxZDc4YThiZDM4ZDAzYzhlNjdlYzEzY2RjNGI2ZWE4YzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0dTQ8TpOHOn1ps0MQ5n6IMQNBLq
XX9JSr6RsjsDp8YZX+WM22Inuuyw18vOXjTqiIVvd4WRWrq6e7Z7XCJWN/PlHPJU
s01R5g6RXZf46G2ERd1t2MLLUV4czKHv22xWJzFlT+J9pQLNIjFx8vNX5U9dULK7
z2VDl4DOEAgPLhxz+ybkE4RDvG88sS38WxEZEgvP4myJvgUZoQSmIcVn25I7e3fE
XNre6E6mSIrRBX+zt6v9bjbovIEpo26eK18fNuU2g3GVjudwW/6k0/lZpPFAqLcE
xonRJILKRkSo0oumndZt1FezqvrIz+sw5s30MFGpkhLgsXkhGDR0p6W1IwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJ8x3B14qL040DyOZ+wTzcS26owIMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbnpIY0hYaW92VGpRUEk1bjdCUE54TGJxakFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBowUAMAwD
BACjBQMDBACjBQQwDAMEAaMFBgMEAaMFCDAMAwQAowUNAwQCowUQAwQAowUWAwQA
owUZAwQAowVVMA0GCSqGSIb3DQEBCwUAA4IBAQAcOilbIu0TiTqUWFjCbvH+PhZf
EaSW5Tb6MCXAg+SFntT/Dwhn1RE+62/I3D/DoEd/Ch3/cCkEYG5mBeA6QqsxJGx+
aFCzUQ8PZQgnzAB9i1dB8iSzh+qkFZZO1suyRZxWXuJ2bBpyAtFDsukldyARYH5m
s4h9dlbxrkOX/yhVbSsEvsGJri9kudy6K/a2CM+gz9xleGzpNFh8mjUGLd+EkkuF
TWSFJpEzJRkcyaHhHCtT+Epa/5QA48pAAJW61lkHEud64uUHpJIbYViFGN0ehXmT
Zx94JkXTVqXRNOBwpNjY6c/Ew62AOjLJdUDUVJ7yEVzgF466ETbyF+eleMj0
-----END CERTIFICATE-----
Generated at Thu Oct 17 17:19:20 2024 by rpki-client on console-fra.rpki-client.org