Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uQw2jfmxCLALsE0RKpuY-eWq-w4.roa
File: uQw2jfmxCLALsE0RKpuY-eWq-w4.roa (raw, json)
Hash identifier: EEKQlky9YtLDFCgr1MreMAg6M6fSDZ3sn5JvwKaNh68=
Subject key identifier: B9:0C:36:8D:F9:B1:08:B0:0B:B0:4D:11:2A:9B:98:F9:E5:AA:FB:0E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E2D411B8E5874B26E5A7ED6BE22EBEA51
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uQw2jfmxCLALsE0RKpuY-eWq-w4.roa
Signing time: Mon 11 Mar 2024 11:23:45 +0000
ROA not before: Mon 11 Mar 2024 11:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 163.5.154.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Apr 2024 16:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:41:1b:8e:58:74:b2:6e:5a:7e:d6:be:22:eb:ea:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 11 11:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b90c368df9b108b00bb04d112a9b98f9e5aafb0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c9:12:93:5d:0e:86:8e:a4:06:e4:02:ea:62:
cd:0d:73:14:ca:67:6d:93:72:6e:db:a4:76:5a:d1:
6c:d5:a0:30:a1:21:4e:8a:ab:0c:81:60:96:57:37:
f4:84:ae:af:56:e5:29:b5:4b:68:bc:90:b3:15:60:
fe:72:6f:65:55:a7:78:72:c0:4b:ac:ca:02:82:bf:
4d:0e:cd:df:d1:4a:d7:90:14:25:97:47:bd:9e:32:
24:6a:34:e5:88:58:c2:86:8f:ed:3b:d4:66:2e:a7:
0e:27:8f:5b:12:fe:84:9d:b1:a0:5f:a8:8a:ff:74:
38:db:02:eb:a2:0f:70:40:cd:76:e0:3e:03:9f:74:
fe:cb:2d:bd:d0:61:57:2b:05:1c:57:6b:75:71:4a:
ab:c8:15:dc:c8:2d:3c:28:ba:f4:38:ad:5a:a9:b0:
66:08:63:27:b4:55:64:2c:0e:62:91:93:96:9f:bb:
e6:b3:05:6d:f6:18:ef:0f:2f:4e:dd:3b:8f:9f:ef:
cd:97:8f:40:a9:3b:e8:16:9e:b3:4f:02:30:b4:2e:
ce:cb:29:07:1f:c3:f0:d5:7b:17:31:69:2f:61:f0:
59:c3:22:28:27:13:51:28:ac:87:94:0e:08:a6:62:
d1:ef:03:ca:4d:b7:ea:f9:87:2d:bd:53:df:25:4e:
21:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:0C:36:8D:F9:B1:08:B0:0B:B0:4D:11:2A:9B:98:F9:E5:AA:FB:0E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uQw2jfmxCLALsE0RKpuY-eWq-w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.154.0/24
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
7c:82:e0:30:64:dc:58:f3:d1:10:6a:5e:01:ca:c6:a0:7c:86:
f8:eb:66:a0:1a:bb:67:dd:a8:b2:3b:68:87:06:c5:e9:4a:5c:
82:03:60:19:ae:d3:7f:0c:9b:1e:47:23:55:e4:02:62:63:21:
e1:1e:a5:4d:ab:69:83:24:5f:d3:cc:52:d8:b8:fc:07:4e:63:
8b:ce:95:80:51:92:33:c5:44:f5:32:1e:f3:0e:72:04:21:73:
75:ee:86:ca:c4:77:57:86:a1:17:fc:4a:7e:bb:69:46:c2:b8:
f7:e7:4a:6e:23:9c:e9:65:cc:f0:57:42:72:71:07:91:e3:be:
dc:b9:55:c6:d8:90:db:10:6f:ac:32:58:f3:5a:15:55:63:de:
c7:3d:41:97:26:ad:5a:60:0e:55:9f:5d:93:b5:d0:42:5d:c3:
7b:82:a7:6b:c9:17:d6:ac:ad:73:fa:d8:a6:6b:17:10:59:eb:
2e:cf:1a:bb:44:af:56:4c:3a:22:ce:4f:4a:58:97:82:9e:d5:
62:5e:b8:1b:4a:09:9e:9f:87:c0:54:63:22:48:7a:03:95:da:
3c:4d:67:86:ed:bc:32:f8:23:c6:ff:75:2c:e2:92:36:a3:b4:
be:e4:3a:1f:f2:ba:56:41:50:81:0d:7f:e3:83:52:ca:82:01:
a9:be:ce:71
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY4tQRuOWHSyblp+1r4i6+pRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzExMTEyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTBjMzY4ZGY5YjEwOGIwMGJiMDRkMTEyYTliOThmOWU1YWFmYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnckSk10Oho6kBuQC6mLNDXMUymdt
k3Ju26R2WtFs1aAwoSFOiqsMgWCWVzf0hK6vVuUptUtovJCzFWD+cm9lVad4csBL
rMoCgr9NDs3f0UrXkBQll0e9njIkajTliFjCho/tO9RmLqcOJ49bEv6EnbGgX6iK
/3Q42wLrog9wQM124D4Dn3T+yy290GFXKwUcV2t1cUqryBXcyC08KLr0OK1aqbBm
CGMntFVkLA5ikZOWn7vmswVt9hjvDy9O3TuPn+/Nl49AqTvoFp6zTwIwtC7OyykH
H8Pw1XsXMWkvYfBZwyIoJxNRKKyHlA4IpmLR7wPKTbfq+YctvVPfJU4h/QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLkMNo35sQiwC7BNESqbmPnlqvsOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdVF3MmpmbXhDTEFMc0UwUktwdVktZVdxLXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowWaAwQB
owXAAwQAowXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAHyC4DBk
3Fjz0RBqXgHKxqB8hvjrZqAau2fdqLI7aIcGxelKXIIDYBmu038Mmx5HI1XkAmJj
IeEepU2raYMkX9PMUti4/AdOY4vOlYBRkjPFRPUyHvMOcgQhc3XuhsrEd1eGoRf8
Sn67aUbCuPfnSm4jnOllzPBXQnJxB5Hjvty5VcbYkNsQb6wyWPNaFVVj3sc9QZcm
rVpgDlWfXZO10EJdw3uCp2vJF9asrXP62KZrFxBZ6y7PGrtEr1ZMOiLOT0pYl4Ke
1WJeuBtKCZ6fh8BUYyJIegOV2jxNZ4btvDL4I8b/dSzikjajtL7kOh/yulZBUIEN
f+ODUsqCAam+znE=
-----END CERTIFICATE-----
Generated at Sun Apr 7 17:30:20 2024 by rpki-client on console-ams.rpki-client.org