Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhGQqgEglHFS3SzIYbHKfYZIyMo.roa
File: uhGQqgEglHFS3SzIYbHKfYZIyMo.roa (raw, json)
Hash identifier: w8akvYDRVU6s0zkyCqgagLv7qraUrTZP2hC2MI+11kc=
Subject key identifier: BA:11:90:AA:01:20:94:71:52:DD:2C:C8:61:B1:CA:7D:86:48:C8:CA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4254EA1BA81215DBA913A5720FD617A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhGQqgEglHFS3SzIYbHKfYZIyMo.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.186.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4e:a1:ba:81:21:5d:ba:91:3a:57:20:fd:61:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba1190aa0120947152dd2cc861b1ca7d8648c8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7f:ba:8f:ec:7d:3f:b3:7f:2a:72:cf:63:31:
5b:0b:11:5a:43:69:42:5d:83:5a:1a:a0:68:f4:1a:
f0:f7:18:ae:74:03:81:ae:fa:c0:ba:87:fa:17:60:
c9:8b:69:45:79:72:a9:d9:df:6c:57:f7:03:3a:68:
58:b1:4c:37:09:67:8c:96:f7:33:cc:4b:60:f6:07:
fb:07:7e:46:a7:24:c2:08:e3:02:39:e3:63:da:e2:
89:0f:61:87:d8:0f:2c:be:53:c4:99:5e:c1:c8:81:
16:f9:50:d2:42:0d:cf:61:b0:a5:63:12:70:b1:ad:
6d:17:cf:8f:43:4d:33:14:15:66:ad:11:b5:85:7e:
8b:b0:8e:01:52:6f:10:4b:35:2e:8e:a2:c2:77:75:
4f:d3:4c:fc:b7:5e:d0:3e:9d:ee:62:60:7c:eb:6e:
89:82:b7:51:ac:9f:22:35:ca:27:53:24:b9:68:61:
5b:ac:73:ad:e4:32:b9:12:db:06:5e:a5:8f:99:2c:
21:d6:7d:17:d3:44:71:5c:99:7c:c5:d3:1f:ba:c6:
a8:89:7e:af:31:c5:aa:e8:33:9a:91:7b:13:d6:ca:
f7:84:91:cc:41:f5:b8:62:fc:a2:9a:29:17:7f:61:
f2:c2:72:5a:11:09:e0:38:56:9b:69:1d:92:1f:4a:
1a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:11:90:AA:01:20:94:71:52:DD:2C:C8:61:B1:CA:7D:86:48:C8:CA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhGQqgEglHFS3SzIYbHKfYZIyMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.156.0/24
163.5.168.0/24
163.5.170.0/24
163.5.186.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:a2:28:14:cc:2a:6d:b5:cb:04:5c:a9:33:b8:ca:52:c8:ad:
51:5d:f1:2c:04:e0:42:39:c0:60:dc:6c:77:a3:14:12:f1:28:
75:26:19:ed:e1:8e:e7:60:35:b5:84:9c:f7:76:16:d8:72:bd:
08:d7:94:27:63:60:f0:80:f0:26:7c:34:72:4e:c8:92:21:65:
8b:42:a6:c4:02:bd:13:fa:f3:be:57:1f:3e:f6:dc:53:db:2b:
de:2b:81:cf:9b:4b:6d:26:92:9f:96:26:f4:91:b5:a4:ba:a1:
79:e0:b9:8f:17:24:b3:19:23:9c:b7:5f:68:c5:93:8f:46:50:
f0:bb:2b:97:b3:2f:28:1c:6d:dd:8a:8d:b5:7a:d8:32:bc:94:
f6:5d:bc:46:58:b4:c8:44:74:4d:c7:04:4f:ce:28:1d:8d:47:
fb:f1:2c:90:33:07:f5:a2:d1:20:ed:a9:82:dd:bd:4d:cc:59:
b9:ac:03:1b:26:aa:8a:89:7a:a8:95:df:10:b6:ed:e1:4c:ad:
60:e9:1e:b3:71:dd:a6:51:f4:47:66:5f:1a:f8:17:a2:58:53:
62:df:cb:e3:76:64:79:a9:0b:b0:98:1f:af:f1:92:fa:89:6d:
06:d1:c5:da:ed:42:8c:ce:89:13:f7:15:21:af:d3:8e:67:d6:
71:aa:b8:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJU6huoEhXbqROlcg/WF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTExOTBhYTAxMjA5NDcxNTJkZDJjYzg2MWIxY2E3ZDg2NDhjOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH+6j+x9P7N/KnLPYzFbCxFaQ2lC
XYNaGqBo9Brw9xiudAOBrvrAuof6F2DJi2lFeXKp2d9sV/cDOmhYsUw3CWeMlvcz
zEtg9gf7B35GpyTCCOMCOeNj2uKJD2GH2A8svlPEmV7ByIEW+VDSQg3PYbClYxJw
sa1tF8+PQ00zFBVmrRG1hX6LsI4BUm8QSzUujqLCd3VP00z8t17QPp3uYmB8626J
grdRrJ8iNconUyS5aGFbrHOt5DK5EtsGXqWPmSwh1n0X00RxXJl8xdMfusaoiX6v
McWq6DOakXsT1sr3hJHMQfW4YvyimikXf2HywnJaEQngOFabaR2SH0oaBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLoRkKoBIJRxUt0syGGxyn2GSMjKMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdWhHUXFnRWdsSEZTM1N6SVliSEtmWVpJeU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWcAwQA
owWoAwQAowWqAwQAowW6AwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQCgoigUzCpt
tcsEXKkzuMpSyK1RXfEsBOBCOcBg3Gx3oxQS8Sh1Jhnt4Y7nYDW1hJz3dhbYcr0I
15QnY2DwgPAmfDRyTsiSIWWLQqbEAr0T+vO+Vx8+9txT2yveK4HPm0ttJpKflib0
kbWkuqF54LmPFySzGSOct19oxZOPRlDwuyuXsy8oHG3dio21etgyvJT2XbxGWLTI
RHRNxwRPzigdjUf78SyQMwf1otEg7amC3b1NzFm5rAMbJqqKiXqold8Qtu3hTK1g
6R6zcd2mUfRHZl8a+BeiWFNi38vjdmR5qQuwmB+v8ZL6iW0G0cXa7UKMzokT9xUh
r9OOZ9ZxqrgQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:40 2024 by rpki-client on console-ams.rpki-client.org