Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tX7SmQgchKHcMx4rV4S6hktt-eA.roa
File: tX7SmQgchKHcMx4rV4S6hktt-eA.roa (raw, json)
Hash identifier: gc+Lb/ExoDRgYT0GLeEe9KfdomFwI3TyEjKpjz1wl1Q=
Subject key identifier: B5:7E:D2:99:08:1C:84:A1:DC:33:1E:2B:57:84:BA:86:4B:6D:F9:E0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01934F8C8850B52373CDE3FC3048D5E72400
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tX7SmQgchKHcMx4rV4S6hktt-eA.roa
Signing time: Thu 21 Nov 2024 16:27:10 +0000
ROA not before: Thu 21 Nov 2024 16:27:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 163.5.58.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4f:8c:88:50:b5:23:73:cd:e3:fc:30:48:d5:e7:24:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 21 16:27:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b57ed299081c84a1dc331e2b5784ba864b6df9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:39:ee:34:cc:0f:fe:95:42:e7:08:1c:47:0b:
e0:da:34:24:bb:5f:a6:a1:78:40:5c:54:7b:ff:31:
02:2d:e9:3a:6f:0c:d4:3e:86:81:76:61:50:e3:cf:
dc:81:c7:8d:46:02:aa:21:4e:a4:52:0a:40:68:3c:
17:45:22:1b:e3:ea:fb:8d:70:21:4b:25:6b:44:76:
41:af:6d:48:95:d4:f7:e3:4a:92:0e:0d:9c:de:10:
69:47:5e:1f:64:fc:43:94:ab:e3:4f:07:52:c7:83:
1c:e7:d8:40:74:0b:ae:94:18:e6:bc:d4:3e:cf:ec:
56:37:2d:0a:fc:b3:af:a8:f3:3b:2b:e2:e7:56:15:
05:e1:dc:31:df:e6:69:68:9e:3f:b5:85:fb:5a:dc:
e2:df:bf:00:05:52:c7:db:71:62:0b:40:66:29:ed:
ee:ee:1a:9d:26:72:d4:27:8e:70:3d:f6:00:0e:e5:
d3:2c:f0:f7:79:bb:7b:7e:c6:5e:bf:43:3a:3e:37:
58:6d:c6:bc:bf:d6:f4:86:49:ca:46:dd:aa:cb:06:
10:bb:9a:14:c0:52:3c:d1:0e:51:34:69:c5:a0:f8:
d1:53:46:9e:b6:60:74:74:12:80:1d:9d:76:51:28:
9f:72:fa:e2:ae:2b:bb:db:53:4c:a7:28:d9:59:9f:
2e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7E:D2:99:08:1C:84:A1:DC:33:1E:2B:57:84:BA:86:4B:6D:F9:E0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tX7SmQgchKHcMx4rV4S6hktt-eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.58.0/24
163.5.71.0/24
163.5.125.0/24
163.5.132.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:37:22:e1:be:b9:7d:ef:f1:17:cc:cf:bb:ea:7c:c5:28:54:
94:56:97:4d:8a:16:54:93:bb:af:43:e7:9a:ce:fa:18:01:35:
a4:5d:14:a0:5c:60:2d:a6:99:13:15:bc:b4:29:8e:a6:79:f4:
a7:af:f1:16:3b:4d:86:ee:25:67:1c:c2:d6:b6:6f:6d:a4:10:
ec:1e:0a:72:8d:07:09:fd:46:8f:27:1c:52:29:ba:b1:1e:b8:
e2:26:30:40:ae:db:b9:b7:b0:23:68:85:70:f6:13:b6:51:03:
4b:6a:06:f1:a1:bf:14:07:23:61:c9:37:86:8d:b7:f1:27:c5:
04:7a:cc:dd:8a:ad:db:ed:8b:3d:8f:da:5c:14:53:6c:b1:3d:
da:24:73:dc:8f:22:99:f5:b3:9c:f7:f2:f2:89:c9:4e:8f:80:
07:c4:80:37:f4:70:c9:4e:ed:a6:18:29:06:47:2d:94:39:b8:
03:a1:11:6b:f6:af:e1:aa:d8:b0:30:20:74:2c:98:0a:33:4b:
01:03:37:e6:f2:a8:74:81:a9:50:17:72:7c:20:f2:c3:fa:4d:
29:35:e5:4c:65:32:8e:82:70:05:d9:5d:44:50:b2:a0:72:50:
96:1c:69:40:fd:da:b0:51:f1:82:0d:48:15:ba:c2:d1:e6:bb:
29:20:df:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNPjIhQtSNzzeP8MEjV5yQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTIxMTYyNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdlZDI5OTA4MWM4NGExZGMzMzFlMmI1Nzg0YmE4NjRiNmRmOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jnuNMwP/pVC5wgcRwvg2jQku1+m
oXhAXFR7/zECLek6bwzUPoaBdmFQ48/cgceNRgKqIU6kUgpAaDwXRSIb4+r7jXAh
SyVrRHZBr21IldT340qSDg2c3hBpR14fZPxDlKvjTwdSx4Mc59hAdAuulBjmvNQ+
z+xWNy0K/LOvqPM7K+LnVhUF4dwx3+ZpaJ4/tYX7Wtzi378ABVLH23FiC0BmKe3u
7hqdJnLUJ45wPfYADuXTLPD3ebt7fsZev0M6PjdYbca8v9b0hknKRt2qywYQu5oU
wFI80Q5RNGnFoPjRU0aetmB0dBKAHZ12USifcvririu721NMpyjZWZ8uDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLV+0pkIHISh3DMeK1eEuoZLbfngMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdFg3U21RZ2NoS0hjTXg0clY0UzZoa3R0LWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowU6AwQA
owVHAwQAowV9AwQAowWEMA0GCSqGSIb3DQEBCwUAA4IBAQAfNyLhvrl97/EXzM+7
6nzFKFSUVpdNihZUk7uvQ+eazvoYATWkXRSgXGAtppkTFby0KY6mefSnr/EWO02G
7iVnHMLWtm9tpBDsHgpyjQcJ/UaPJxxSKbqxHrjiJjBArtu5t7AjaIVw9hO2UQNL
agbxob8UByNhyTeGjbfxJ8UEeszdiq3b7Ys9j9pcFFNssT3aJHPcjyKZ9bOc9/Ly
iclOj4AHxIA39HDJTu2mGCkGRy2UObgDoRFr9q/hqtiwMCB0LJgKM0sBAzfm8qh0
galQF3J8IPLD+k0pNeVMZTKOgnAF2V1EULKgclCWHGlA/dqwUfGCDUgVusLR5rsp
IN9o
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:52:14 2025 by rpki-client