Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uE5-oR6iOwxkDVl1PR85MYo-hAU.roa
File: uE5-oR6iOwxkDVl1PR85MYo-hAU.roa (raw, json)
Hash identifier: 1uZYU+3afowf4jykacJP7yb7EW5KUCx1SFBCN/SCSGU=
Subject key identifier: B8:4E:7E:A1:1E:A2:3B:0C:64:0D:59:75:3D:1F:39:31:8A:3E:84:05
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0193C1F9060E299E3089AAE2B393602B1CF5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uE5-oR6iOwxkDVl1PR85MYo-hAU.roa
Signing time: Fri 13 Dec 2024 21:42:22 +0000
ROA not before: Fri 13 Dec 2024 21:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 163.5.47.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c1:f9:06:0e:29:9e:30:89:aa:e2:b3:93:60:2b:1c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 13 21:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b84e7ea11ea23b0c640d59753d1f39318a3e8405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:65:d6:12:9d:e2:ac:a9:8b:f0:69:a1:bd:a6:
5d:3d:ab:85:e0:15:b4:b3:fc:93:32:cd:60:0b:d5:
b0:cd:d8:b2:ce:ac:51:08:fc:a3:a3:fe:a5:bb:bd:
c8:ad:a4:75:d8:7e:17:c0:81:04:b1:e9:2a:41:f9:
03:cb:d8:0f:ab:fc:ae:55:a9:33:ff:a8:21:42:f9:
55:61:e1:48:4d:9c:30:a4:2a:2f:dc:54:6b:6f:1a:
1a:4b:93:f0:59:e9:73:49:6b:61:74:0e:9b:05:1e:
4d:c1:21:3c:6e:1e:1f:46:1a:34:1c:40:03:72:9f:
cc:c2:ca:22:60:72:39:ab:4b:f3:14:62:39:0b:a6:
52:71:d8:f3:06:f5:c6:d1:50:2b:67:80:bf:e0:95:
ab:41:35:17:b9:d4:fc:7c:55:1f:a8:4f:8d:e5:ec:
b3:c4:5f:e6:5e:cb:6d:b6:23:b5:a7:8f:67:76:6b:
90:15:7c:bc:88:7e:cd:4e:31:11:25:fd:18:c0:73:
8b:ec:30:f2:7b:9e:5a:29:4e:76:9a:0b:38:37:6c:
15:51:dc:e8:a0:a2:3e:f1:a0:75:f7:d3:dc:5f:63:
3d:0c:12:3f:f7:d5:85:c9:2f:67:09:64:08:f8:66:
66:59:74:71:f2:e0:88:78:60:34:d8:f5:5b:c4:a9:
31:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4E:7E:A1:1E:A2:3B:0C:64:0D:59:75:3D:1F:39:31:8A:3E:84:05
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uE5-oR6iOwxkDVl1PR85MYo-hAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.47.0/24
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
53:1b:a6:66:91:5a:ab:c2:c0:b9:72:ac:49:3a:f6:5a:16:e0:
c4:21:bb:61:11:6f:8a:45:1a:fd:57:5c:4f:44:6b:14:1a:f1:
30:63:6a:3f:bc:43:32:84:02:7d:88:a7:9e:ef:05:89:6b:e7:
28:f8:c1:d2:8c:d2:0b:a8:1e:09:30:24:74:fa:1e:5a:8c:26:
e5:9c:b4:54:1a:95:da:c1:9a:49:81:5c:aa:26:de:7a:16:96:
b7:9d:09:56:5a:d6:a3:d1:04:8e:35:90:9b:4a:6d:d8:b5:57:
ef:2e:dc:70:45:59:8c:7c:f2:ae:47:1c:0c:3e:1a:9c:1e:89:
fb:a5:d0:e4:3f:10:65:cb:f1:6e:9d:80:2d:f8:12:8a:19:50:
92:c9:d4:5a:72:2f:9b:ac:bd:aa:4b:09:c2:39:63:22:48:9e:
5a:1a:85:cc:81:c4:c1:3c:ac:2f:54:c9:a5:9d:71:5e:95:eb:
42:32:e7:e4:72:ab:87:df:fc:66:c5:f5:90:4e:f0:eb:a1:dc:
2d:b7:8d:08:61:cd:2e:cb:d1:7a:fa:f1:90:9d:ce:26:b7:6e:
57:bc:b3:6f:fa:86:eb:6e:53:46:c0:63:97:8d:e0:2a:0b:6f:
bb:e2:62:9a:6b:ac:26:ea:87:86:a1:d3:80:03:2d:aa:1e:2b:
2e:c2:d8:a4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZPB+QYOKZ4wiaris5NgKxz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMjEzMjE0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODRlN2VhMTFlYTIzYjBjNjQwZDU5NzUzZDFmMzkzMThhM2U4NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWXWEp3irKmL8GmhvaZdPauF4BW0
s/yTMs1gC9WwzdiyzqxRCPyjo/6lu73IraR12H4XwIEEsekqQfkDy9gPq/yuVakz
/6ghQvlVYeFITZwwpCov3FRrbxoaS5PwWelzSWthdA6bBR5NwSE8bh4fRho0HEAD
cp/MwsoiYHI5q0vzFGI5C6ZScdjzBvXG0VArZ4C/4JWrQTUXudT8fFUfqE+N5eyz
xF/mXstttiO1p49ndmuQFXy8iH7NTjERJf0YwHOL7DDye55aKU52mgs4N2wVUdzo
oKI+8aB199PcX2M9DBI/99WFyS9nCWQI+GZmWXRx8uCIeGA02PVbxKkxFwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLhOfqEeojsMZA1ZdT0fOTGKPoQFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdUU1LW9SNmlPd3hrRFZsMVBSODVNWW8taEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowUvAwQB
owXAAwQAowXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAFMbpmaR
WqvCwLlyrEk69loW4MQhu2ERb4pFGv1XXE9EaxQa8TBjaj+8QzKEAn2Ip57vBYlr
5yj4wdKM0guoHgkwJHT6HlqMJuWctFQaldrBmkmBXKom3noWlredCVZa1qPRBI41
kJtKbdi1V+8u3HBFWYx88q5HHAw+Gpweiful0OQ/EGXL8W6dgC34EooZUJLJ1Fpy
L5usvapLCcI5YyJInloahcyBxME8rC9UyaWdcV6V60Iy5+Ryq4ff/GbF9ZBO8Ouh
3C23jQhhzS7L0Xr68ZCdzia3ble8s2/6hutuU0bAY5eN4CoLb7viYpprrCbqh4ah
04ADLaoeKy7C2KQ=
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:28:01 2025 by rpki-client