Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uqiQg8ep8VTqJu8Ygn2a8Cm2HdI.roa
File: uqiQg8ep8VTqJu8Ygn2a8Cm2HdI.roa (raw, json)
Hash identifier: cJYuEJ0CnLXuxOWyh5CjYhuZu5J3fKe2kTLbIUsxNWo=
Subject key identifier: BA:A8:90:83:C7:A9:F1:54:EA:26:EF:18:82:7D:9A:F0:29:B6:1D:D2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D666B2CD9BD19D0721088A36FBECA2839
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uqiQg8ep8VTqJu8Ygn2a8Cm2HdI.roa
Signing time: Thu 01 Feb 2024 20:45:16 +0000
ROA not before: Thu 01 Feb 2024 20:45:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 163.5.51.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.54.0/24 maxlen: 24
163.5.56.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Mar 2024 15:21:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:66:6b:2c:d9:bd:19:d0:72:10:88:a3:6f:be:ca:28:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 1 20:45:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baa89083c7a9f154ea26ef18827d9af029b61dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7f:42:3b:a2:bc:fb:ef:10:cb:d1:af:59:cc:
95:66:a6:2c:33:f9:1f:a0:5b:5a:64:7f:45:f3:42:
f5:c6:44:c0:6e:c3:2f:23:13:fe:ab:b7:01:75:4f:
e2:c6:71:48:4c:bf:82:28:ed:d9:ab:3c:af:b9:8b:
58:41:b0:27:e5:29:c8:ba:d8:46:6d:88:b0:42:af:
fa:cc:2e:32:aa:36:2e:cf:a9:44:a4:7f:87:4f:bc:
57:ae:d3:22:94:1f:31:35:1f:17:b3:b7:73:c5:0b:
36:ea:cf:01:db:74:43:91:fd:98:ad:6c:d7:61:25:
de:e3:06:17:14:5b:6b:ae:1f:99:45:3e:db:9c:92:
de:0b:48:8a:82:92:69:68:13:43:fb:26:50:ea:c9:
2e:4c:ec:d8:90:fa:b3:c1:ae:45:58:f0:e8:12:dc:
3d:a8:cc:78:1c:68:cb:ca:95:cf:d9:00:ad:dc:b8:
35:67:67:30:d4:a0:7f:83:3a:60:a6:f7:62:e1:ed:
2d:bb:d6:53:bc:9b:c7:95:b9:d5:39:7e:0b:df:0a:
9d:75:de:50:05:68:23:74:4a:50:d2:5d:13:6a:34:
a8:c0:56:34:3e:05:62:69:d6:8e:55:58:8d:8d:a3:
0d:7c:d1:4b:17:bf:2f:27:cc:25:da:a9:ac:1c:9d:
36:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A8:90:83:C7:A9:F1:54:EA:26:EF:18:82:7D:9A:F0:29:B6:1D:D2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uqiQg8ep8VTqJu8Ygn2a8Cm2HdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.51.0/24
163.5.53.0-163.5.54.255
163.5.56.0/24
163.5.176.0/24
Signature Algorithm: sha256WithRSAEncryption
16:58:79:f5:35:4a:7d:63:b1:17:cb:c7:06:59:8d:48:3b:62:
c4:59:25:30:7f:73:0b:bc:ce:87:56:db:21:c7:95:6d:0e:bc:
79:13:07:cb:6f:6a:eb:63:f0:75:e0:6e:9f:ff:09:bc:66:02:
75:71:d2:66:c3:1d:15:9c:c5:c3:36:57:90:28:45:80:7b:55:
d0:7c:62:c9:ba:6d:f9:eb:06:69:16:37:de:ef:0b:02:60:4a:
5f:f0:ec:d8:17:d2:e1:16:d4:02:8a:5d:e8:ce:1e:f9:5d:37:
df:c6:45:ab:dc:9e:a3:4d:64:1a:36:ac:b6:5b:b3:87:c1:b6:
1c:3c:1f:7b:33:e9:c5:c0:f1:1a:90:91:61:9c:78:99:29:4d:
4d:c6:36:b0:cb:ed:2c:96:05:6c:29:27:09:bf:7b:23:ae:37:
7f:58:85:4e:82:40:64:02:bc:f4:b8:07:de:66:22:f3:40:cc:
0b:14:48:fa:7e:4e:94:6d:41:1e:e3:9b:1b:95:e6:58:8e:18:
37:05:bc:2b:13:52:f5:4a:ee:0f:ff:19:df:92:d1:f1:9b:d0:
f6:a4:bd:d7:2a:a0:7b:a4:f7:49:c1:0f:8a:36:88:7f:f6:ac:
17:22:65:4a:03:5d:ff:7d:0d:d8:db:43:5c:3b:b9:db:32:95:
43:09:39:52
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY1mayzZvRnQchCIo2++yig5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjAxMjA0NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE4OTA4M2M3YTlmMTU0ZWEyNmVmMTg4MjdkOWFmMDI5YjYxZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn39CO6K8++8Qy9GvWcyVZqYsM/kf
oFtaZH9F80L1xkTAbsMvIxP+q7cBdU/ixnFITL+CKO3ZqzyvuYtYQbAn5SnIuthG
bYiwQq/6zC4yqjYuz6lEpH+HT7xXrtMilB8xNR8Xs7dzxQs26s8B23RDkf2YrWzX
YSXe4wYXFFtrrh+ZRT7bnJLeC0iKgpJpaBND+yZQ6skuTOzYkPqzwa5FWPDoEtw9
qMx4HGjLypXP2QCt3Lg1Z2cw1KB/gzpgpvdi4e0tu9ZTvJvHlbnVOX4L3wqddd5Q
BWgjdEpQ0l0TajSowFY0PgViadaOVViNjaMNfNFLF78vJ8wl2qmsHJ02kQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLqokIPHqfFU6ibvGIJ9mvApth3SMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdXFpUWc4ZXA4VlRxSnU4WWduMmE4Q20ySGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowUzMAwD
BACjBTUDBACjBTYDBACjBTgDBACjBbAwDQYJKoZIhvcNAQELBQADggEBABZYefU1
Sn1jsRfLxwZZjUg7YsRZJTB/cwu8zodW2yHHlW0OvHkTB8tvautj8HXgbp//Cbxm
AnVx0mbDHRWcxcM2V5AoRYB7VdB8Ysm6bfnrBmkWN97vCwJgSl/w7NgX0uEW1AKK
XejOHvldN9/GRavcnqNNZBo2rLZbs4fBthw8H3sz6cXA8RqQkWGceJkpTU3GNrDL
7SyWBWwpJwm/eyOuN39YhU6CQGQCvPS4B95mIvNAzAsUSPp+TpRtQR7jmxuV5liO
GDcFvCsTUvVK7g//Gd+S0fGb0PakvdcqoHuk90nBD4o2iH/2rBciZUoDXf99Ddjb
Q1w7udsylUMJOVI=
-----END CERTIFICATE-----
Generated at Sun Mar 17 16:10:44 2024 by rpki-client on console-fra.rpki-client.org