Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oKoWAPhNAZlhG5nAEi55VFT70qI.roa
File: oKoWAPhNAZlhG5nAEi55VFT70qI.roa (raw, json)
Hash identifier: bvJtD64ZpLerhfDF3Ql8x5966oiUKLSTh92gBIfHQdc=
Subject key identifier: A0:AA:16:00:F8:4D:01:99:61:1B:99:C0:12:2E:79:54:54:FB:D2:A2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CF46D1EE990C3320BDD359DAAE042C1BF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oKoWAPhNAZlhG5nAEi55VFT70qI.roa
Signing time: Wed 10 Jan 2024 17:30:41 +0000
ROA not before: Wed 10 Jan 2024 17:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 163.5.91.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 14:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f4:6d:1e:e9:90:c3:32:0b:dd:35:9d:aa:e0:42:c1:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 10 17:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0aa1600f84d0199611b99c0122e795454fbd2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9e:8d:1f:0c:55:2b:d6:0c:e4:5f:df:7b:26:
9e:ef:db:3c:63:46:15:26:64:ac:f6:0d:cb:58:e4:
96:0c:87:fd:b4:73:17:14:52:75:b4:88:37:26:0b:
0f:22:ee:c5:aa:a9:e5:4b:93:29:08:0c:53:43:2a:
e2:2e:15:b0:16:65:d3:66:c0:e9:50:24:b8:21:71:
07:44:d1:b2:11:46:27:fc:79:30:91:bf:35:85:21:
c4:ab:95:e0:94:de:2b:a4:2e:7d:4e:e2:b3:04:99:
0d:00:c1:92:b6:83:47:ff:18:04:9c:ac:90:ea:8c:
f0:39:27:16:10:38:7f:3a:69:d4:70:46:a0:f4:3a:
b3:e6:4a:25:13:c2:75:e7:de:e7:c9:73:df:d7:bb:
fd:d6:f8:5b:df:c4:a3:4f:86:e9:4f:2f:32:e8:b9:
3c:e2:e9:c0:ba:e4:db:cc:95:a5:86:30:37:40:73:
aa:d9:b7:e1:b9:43:fe:9d:1c:52:e7:b1:4c:93:8c:
3d:59:19:3b:9d:b9:12:1a:dc:c3:58:86:2f:5d:ed:
26:18:11:2e:ac:1a:ff:da:32:84:fd:a8:4d:c1:35:
14:1c:32:9e:64:77:cc:11:a5:3e:94:7e:22:c4:ee:
e1:9d:bf:21:0d:1f:18:82:c3:9f:fe:55:20:fb:60:
a5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AA:16:00:F8:4D:01:99:61:1B:99:C0:12:2E:79:54:54:FB:D2:A2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oKoWAPhNAZlhG5nAEi55VFT70qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.61.0/24
163.5.91.0/24
163.5.141.0/24
163.5.239.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:a2:1c:7b:69:50:d3:93:38:47:0f:eb:c9:01:f7:0a:7d:d3:
86:60:6d:e1:d0:18:e7:46:fa:6f:40:66:3a:50:ae:2c:68:64:
d2:65:0a:47:5e:cb:55:77:79:2b:ac:8a:a7:fd:db:73:d8:1a:
71:35:07:b5:1d:ba:81:06:59:a0:d6:3e:a8:77:c9:ea:5c:10:
94:ad:dd:92:1a:74:bd:ec:3c:5c:e8:44:4d:1a:db:95:de:22:
ce:e0:77:39:5b:27:1d:4c:44:aa:d4:0f:4c:f7:32:b2:27:10:
a9:18:7c:92:04:44:bd:97:0f:50:db:c3:f3:e4:8b:45:e0:23:
85:72:19:f2:f1:ad:8f:85:a2:f8:ca:a5:46:33:1e:7e:3f:20:
8e:ec:fb:27:14:ea:d1:e1:bf:cc:cb:f3:ca:ae:fa:03:41:4f:
08:8d:2e:64:0e:1a:d6:34:0f:ed:53:c5:01:da:54:26:92:71:
51:08:ec:b9:16:5a:75:f2:e7:a1:fe:7d:b5:f0:43:05:21:fa:
14:d3:5f:8c:83:a4:88:5d:2e:5c:47:0e:96:8b:83:70:46:41:
33:7e:b2:58:34:4a:d9:07:5e:ac:68:31:e5:83:85:d6:b3:fb:
e8:57:b4:f9:20:bd:f4:05:b7:76:ce:98:4d:08:fd:9b:22:16:
14:1e:e2:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYz0bR7pkMMyC901nargQsG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTEwMTczMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGFhMTYwMGY4NGQwMTk5NjExYjk5YzAxMjJlNzk1NDU0ZmJkMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Z6NHwxVK9YM5F/feyae79s8Y0YV
JmSs9g3LWOSWDIf9tHMXFFJ1tIg3JgsPIu7FqqnlS5MpCAxTQyriLhWwFmXTZsDp
UCS4IXEHRNGyEUYn/Hkwkb81hSHEq5XglN4rpC59TuKzBJkNAMGStoNH/xgEnKyQ
6ozwOScWEDh/OmnUcEag9Dqz5kolE8J1597nyXPf17v91vhb38SjT4bpTy8y6Lk8
4unAuuTbzJWlhjA3QHOq2bfhuUP+nRxS57FMk4w9WRk7nbkSGtzDWIYvXe0mGBEu
rBr/2jKE/ahNwTUUHDKeZHfMEaU+lH4ixO7hnb8hDR8YgsOf/lUg+2ClHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKCqFgD4TQGZYRuZwBIueVRU+9KiMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb0tvV0FQaE5BWmxoRzVuQUVpNTVWRlQ3MHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowU9AwQA
owVbAwQAowWNAwQAowXvAwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQBuohx7aVDT
kzhHD+vJAfcKfdOGYG3h0BjnRvpvQGY6UK4saGTSZQpHXstVd3krrIqn/dtz2Bpx
NQe1HbqBBlmg1j6od8nqXBCUrd2SGnS97Dxc6ERNGtuV3iLO4Hc5WycdTESq1A9M
9zKyJxCpGHySBES9lw9Q28Pz5ItF4COFchny8a2PhaL4yqVGMx5+PyCO7PsnFOrR
4b/My/PKrvoDQU8IjS5kDhrWNA/tU8UB2lQmknFRCOy5Flp18ueh/n218EMFIfoU
01+Mg6SIXS5cRw6Wi4NwRkEzfrJYNErZB16saDHlg4XWs/voV7T5IL30Bbd2zphN
CP2bIhYUHuI5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org