Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pGwU27zCY7PiDNNtwlkk246cNY0.roa
File: pGwU27zCY7PiDNNtwlkk246cNY0.roa (raw, json)
Hash identifier: JsSL1ziCp+5gaQmIA2kE+7fepUfTiFyjHYK8GN1kzBY=
Subject key identifier: A4:6C:14:DB:BC:C2:63:B3:E2:0C:D3:6D:C2:59:24:DB:8E:9C:35:8D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018EDBDD25AB654357FDD522EE4DCBBF50C7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pGwU27zCY7PiDNNtwlkk246cNY0.roa
Signing time: Sun 14 Apr 2024 09:08:07 +0000
ROA not before: Sun 14 Apr 2024 09:08:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 19:40:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:dd:25:ab:65:43:57:fd:d5:22:ee:4d:cb:bf:50:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 14 09:08:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a46c14dbbcc263b3e20cd36dc25924db8e9c358d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0f:33:78:e4:9b:81:48:27:38:c3:67:1e:2b:
8e:3d:d8:7e:64:7d:93:3a:26:8a:b0:2a:bd:df:24:
f8:5f:1a:9c:90:d4:eb:85:ab:82:b2:7e:3c:c9:25:
67:c6:6d:65:52:4d:36:e0:fc:08:32:9a:cb:0f:cf:
f3:57:67:f8:57:7d:72:ea:f5:ec:a9:20:f2:df:34:
4f:4c:43:57:14:5b:c8:4b:df:8b:25:53:2d:01:fa:
d3:e8:0b:de:22:a2:f7:40:2c:c9:2d:86:5a:65:d7:
60:20:55:23:a9:b0:99:06:cb:1f:e9:03:49:7d:f8:
14:3c:8a:2b:fd:19:fb:ec:f7:0c:2b:fe:cd:4f:a1:
52:37:7d:26:8e:a8:46:a8:ad:6c:70:27:e0:2a:b0:
5d:55:fb:3a:22:9e:89:5f:be:a6:16:53:00:1b:4e:
e5:6e:af:e6:1c:b1:53:47:93:52:b5:61:b4:88:5c:
2d:10:19:86:d4:72:51:2b:5f:23:b1:5b:91:67:c2:
27:ed:3d:d2:f0:1f:c2:85:c9:83:49:67:09:aa:e3:
65:b0:d0:0c:9d:c2:6d:45:67:bf:b1:8a:84:a5:84:
03:94:5e:62:d6:d5:a8:17:7e:5e:95:bc:de:aa:38:
2e:b6:23:a4:25:ed:dd:d9:15:0f:59:e8:87:52:71:
8e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6C:14:DB:BC:C2:63:B3:E2:0C:D3:6D:C2:59:24:DB:8E:9C:35:8D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pGwU27zCY7PiDNNtwlkk246cNY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.97.0/24
163.5.118.0/24
163.5.136.0/24
163.5.211.0/24
Signature Algorithm: sha256WithRSAEncryption
14:f9:e4:e7:98:38:3b:59:48:d2:72:6e:fe:38:7e:7a:3f:e2:
b7:64:49:a8:44:8d:12:37:e8:e9:d4:87:93:36:66:fe:64:c9:
8f:7f:2b:7b:8f:a9:7d:20:0b:df:0c:b0:38:e6:a0:72:76:88:
65:75:02:c4:27:ae:6e:dc:66:ce:d3:34:bf:16:57:23:a4:d8:
e8:29:12:42:fe:e4:88:fe:27:df:75:5e:2f:5e:00:8f:b9:09:
9c:5d:fa:80:bb:06:cc:e0:65:bc:d2:9c:24:df:71:f0:32:65:
ae:12:64:47:7c:aa:8c:82:07:35:fc:a2:16:14:4f:83:2e:1a:
1a:c2:27:da:50:fb:f7:dc:30:fa:22:5b:91:fb:fa:a1:8b:59:
40:b2:44:85:df:04:75:71:41:51:ec:d2:33:17:70:d0:65:b2:
57:bc:d6:3d:f3:8f:6b:1d:4d:2c:6e:fe:41:fe:32:cb:5b:d0:
2e:9e:9f:ee:49:68:ba:4c:45:59:6a:01:72:b8:ed:f7:72:51:
0a:65:b6:b9:ca:8f:40:20:23:02:e2:b6:0d:9a:28:bc:d4:69:
46:d3:97:a5:ac:1a:1a:9c:b7:14:ec:b7:6d:17:7e:c9:64:52:
3a:dd:5a:60:e1:0c:c9:06:e8:8f:09:2f:f6:96:cf:93:1d:50:
11:6c:c6:ee
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7b3SWrZUNX/dUi7k3Lv1DHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDE0MDkwODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZjMTRkYmJjYzI2M2IzZTIwY2QzNmRjMjU5MjRkYjhlOWMzNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0A8zeOSbgUgnOMNnHiuOPdh+ZH2T
OiaKsCq93yT4XxqckNTrhauCsn48ySVnxm1lUk024PwIMprLD8/zV2f4V31y6vXs
qSDy3zRPTENXFFvIS9+LJVMtAfrT6AveIqL3QCzJLYZaZddgIFUjqbCZBssf6QNJ
ffgUPIor/Rn77PcMK/7NT6FSN30mjqhGqK1scCfgKrBdVfs6Ip6JX76mFlMAG07l
bq/mHLFTR5NStWG0iFwtEBmG1HJRK18jsVuRZ8In7T3S8B/ChcmDSWcJquNlsNAM
ncJtRWe/sYqEpYQDlF5i1tWoF35elbzeqjgutiOkJe3d2RUPWeiHUnGOiQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKRsFNu8wmOz4gzTbcJZJNuOnDWNMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcEd3VTI3ekNZN1BpRE5OdHdsa2syNDZjTlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowVWAwQA
owVhAwQAowV2AwQAowWIAwQAowXTMA0GCSqGSIb3DQEBCwUAA4IBAQAU+eTnmDg7
WUjScm7+OH56P+K3ZEmoRI0SN+jp1IeTNmb+ZMmPfyt7j6l9IAvfDLA45qBydohl
dQLEJ65u3GbO0zS/FlcjpNjoKRJC/uSI/iffdV4vXgCPuQmcXfqAuwbM4GW80pwk
33HwMmWuEmRHfKqMggc1/KIWFE+DLhoawifaUPv33DD6IluR+/qhi1lAskSF3wR1
cUFR7NIzF3DQZbJXvNY9849rHU0sbv5B/jLLW9Aunp/uSWi6TEVZagFyuO33clEK
Zba5yo9AICMC4rYNmii81GlG05elrBoanLcU7LdtF37JZFI63Vpg4QzJBuiPCS/2
ls+THVARbMbu
-----END CERTIFICATE-----
Generated at Tue Apr 16 22:05:09 2024 by rpki-client on console-ams.rpki-client.org