Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rQyShva9MWvJ2AsoA9BNd_pwgUY.roa
File: rQyShva9MWvJ2AsoA9BNd_pwgUY.roa (raw, json)
Hash identifier: J88VwA4Fiz8R3ZyFTBLTOu5uH39gGpD1NpcrjF4TwCI=
Subject key identifier: AD:0C:92:86:F6:BD:31:6B:C9:D8:0B:28:03:D0:4D:77:FA:70:81:46
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC425553845C6D90E1DC1F0E33B30C5DB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rQyShva9MWvJ2AsoA9BNd_pwgUY.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 163.5.221.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 12:51:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:55:38:45:c6:d9:0e:1d:c1:f0:e3:3b:30:c5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad0c9286f6bd316bc9d80b2803d04d77fa708146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:53:3b:ce:9b:25:b9:d3:45:1c:02:62:f8:e5:
ef:aa:fb:bb:43:77:91:08:34:eb:24:8f:27:81:b1:
42:19:1e:2a:b0:ad:80:85:dd:9d:a3:9f:f2:a3:5d:
b6:d7:81:61:17:d9:36:c7:5a:09:46:5c:1c:82:bb:
aa:12:7b:a5:ac:db:53:d5:20:57:1f:b0:34:4a:88:
35:7b:8b:dd:5a:2e:57:28:47:35:c4:a3:59:0c:24:
04:05:b5:06:60:49:21:fd:d7:02:f2:f1:95:c9:1a:
43:76:03:a6:2e:84:64:ab:8f:72:1d:1e:55:8e:f3:
d5:d9:b2:c1:2b:02:da:0e:78:da:6c:ee:f0:00:89:
24:80:02:a2:51:1b:e0:8d:59:74:12:54:02:0f:ad:
82:f6:77:6e:7c:5d:df:a5:8f:dd:fd:b4:fb:4c:11:
a5:30:a3:a8:7c:63:38:02:eb:a4:11:e6:f1:3d:4f:
4e:4d:04:3e:8b:e2:ce:da:45:a7:8a:54:72:c7:30:
78:90:e8:bf:02:0f:c4:95:93:25:b3:8e:3c:5f:06:
86:28:18:63:63:ca:6b:9a:db:85:93:5d:11:7e:3e:
6d:db:83:24:a6:f3:6d:4c:b9:47:53:78:f3:8f:f8:
26:23:62:63:80:af:c7:2d:f7:bb:6a:27:b0:94:fc:
a2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0C:92:86:F6:BD:31:6B:C9:D8:0B:28:03:D0:4D:77:FA:70:81:46
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rQyShva9MWvJ2AsoA9BNd_pwgUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.62.0/24
163.5.142.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
77:0c:67:7e:90:2f:02:5b:54:3c:19:ce:a6:d0:e1:8c:34:0d:
7c:46:06:18:2a:03:9f:03:e1:23:17:f7:2f:80:1d:f8:98:4e:
53:ac:56:34:c7:82:f3:a1:f8:43:76:f7:b7:52:2a:77:b3:7b:
76:ad:dd:34:de:22:c6:8d:2b:c0:c3:62:b7:6f:1d:90:c0:f2:
22:27:eb:a0:bd:18:6f:89:1a:b5:9b:2a:56:53:1a:ae:9b:73:
a2:ef:27:e3:a9:e1:8a:ec:11:db:68:92:a3:f4:7b:ea:d1:72:
d6:4f:27:80:a3:65:92:21:80:1f:a1:60:34:44:ad:0a:84:1b:
e5:58:41:35:52:91:90:16:91:9e:93:ff:d6:f4:ad:76:58:70:
ee:82:77:6d:2f:12:41:a4:49:39:ff:f0:e6:e9:1b:32:21:21:
23:58:96:d3:3f:6e:65:3a:b0:b9:4c:22:ed:58:c9:f0:a6:11:
b4:7e:bb:2d:45:24:eb:80:05:82:c7:ef:9f:fd:e7:8d:7b:33:
db:62:8c:50:f6:01:23:c9:b5:dc:f0:38:92:1e:02:e9:91:d0:
92:13:e9:ef:a1:e9:a4:f0:e8:db:13:35:a9:17:90:2b:12:5a:
f6:89:64:0b:96:4a:6b:1d:fd:6b:0c:77:89:9a:5a:a0:d3:49:
03:bd:c7:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJVU4RcbZDh3B8OM7MMXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDBjOTI4NmY2YmQzMTZiYzlkODBiMjgwM2QwNGQ3N2ZhNzA4MTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1M7zpsludNFHAJi+OXvqvu7Q3eR
CDTrJI8ngbFCGR4qsK2Ahd2do5/yo12214FhF9k2x1oJRlwcgruqEnulrNtT1SBX
H7A0Sog1e4vdWi5XKEc1xKNZDCQEBbUGYEkh/dcC8vGVyRpDdgOmLoRkq49yHR5V
jvPV2bLBKwLaDnjabO7wAIkkgAKiURvgjVl0ElQCD62C9ndufF3fpY/d/bT7TBGl
MKOofGM4AuukEebxPU9OTQQ+i+LO2kWnilRyxzB4kOi/Ag/ElZMls448XwaGKBhj
Y8prmtuFk10Rfj5t24MkpvNtTLlHU3jzj/gmI2JjgK/HLfe7aiewlPyiqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK0Mkob2vTFrydgLKAPQTXf6cIFGMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvclF5U2h2YTlNV3ZKMkFzb0E5Qk5kX3B3Z1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUfAwQA
owUjAwQAowU+AwQAowWOAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQB3DGd+kC8C
W1Q8Gc6m0OGMNA18RgYYKgOfA+EjF/cvgB34mE5TrFY0x4LzofhDdve3Uip3s3t2
rd003iLGjSvAw2K3bx2QwPIiJ+ugvRhviRq1mypWUxqum3Oi7yfjqeGK7BHbaJKj
9Hvq0XLWTyeAo2WSIYAfoWA0RK0KhBvlWEE1UpGQFpGek//W9K12WHDugndtLxJB
pEk5//Dm6RsyISEjWJbTP25lOrC5TCLtWMnwphG0frstRSTrgAWCx++f/eeNezPb
YoxQ9gEjybXc8DiSHgLpkdCSE+nvoemk8OjbEzWpF5ArElr2iWQLlkprHf1rDHeJ
mlqg00kDvcdk
-----END CERTIFICATE-----
Generated at Tue Feb 6 18:22:36 2024 by rpki-client on console-fra.rpki-client.org