Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/v3G3p3NOmBLmjeTyfW-Fr78gNf4.roa
File: v3G3p3NOmBLmjeTyfW-Fr78gNf4.roa (raw, json)
Hash identifier: kuyq8VWFIiHup0jn8MbfKCK7Baxssk8uot32AbMscvU=
Subject key identifier: BF:71:B7:A7:73:4E:98:12:E6:8D:E4:F2:7D:6F:85:AF:BF:20:35:FE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01932F92CDB20E89EF5B8BF6E923B3E36018
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/v3G3p3NOmBLmjeTyfW-Fr78gNf4.roa
Signing time: Fri 15 Nov 2024 11:26:10 +0000
ROA not before: Fri 15 Nov 2024 11:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 11:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:92:cd:b2:0e:89:ef:5b:8b:f6:e9:23:b3:e3:60:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 15 11:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf71b7a7734e9812e68de4f27d6f85afbf2035fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2b:4d:c2:98:3d:42:0f:b9:e7:78:4a:8e:cf:
eb:1a:71:91:b7:b8:2e:c7:bb:ee:3e:23:e7:99:bd:
a5:eb:f2:b2:76:35:8d:ed:90:32:b7:82:47:bf:61:
11:62:61:79:25:25:6f:1a:1b:95:0a:02:4a:6a:0a:
28:4b:1f:91:0c:1c:33:fa:8a:eb:cd:49:fb:38:ff:
ab:d7:99:73:c9:11:18:0f:8d:e7:95:6c:b2:18:a9:
68:27:53:0a:81:e4:cb:19:a8:20:93:80:1a:2d:5b:
29:ad:00:06:e8:76:c2:8f:0f:15:70:e8:5b:60:88:
17:b9:aa:a0:08:c4:a0:27:ea:3c:de:f2:e9:de:62:
5f:82:a6:f2:0c:01:50:77:83:cb:ee:14:00:64:af:
71:6d:3f:5f:f9:30:6a:06:6f:13:71:51:a5:2f:2c:
bd:84:14:92:00:06:93:86:e0:17:fd:7c:90:97:db:
ac:12:61:38:4b:80:12:0d:ba:74:36:95:eb:3f:f5:
61:c3:ff:8b:04:d8:3d:2e:cd:52:2f:d2:e0:ca:4d:
e4:d0:14:1c:54:74:ff:d5:7e:e9:90:3c:b4:2f:fb:
83:cc:6d:31:a1:6d:17:51:17:f8:ce:fb:56:73:dd:
b6:f5:e3:ba:3d:63:97:1e:14:dd:2b:f0:7b:b8:ea:
19:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:71:B7:A7:73:4E:98:12:E6:8D:E4:F2:7D:6F:85:AF:BF:20:35:FE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/v3G3p3NOmBLmjeTyfW-Fr78gNf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.31.0/24
163.5.34.0/24
163.5.46.0/24
163.5.62.0/24
163.5.118.0/23
163.5.144.0/24
163.5.158.0/24
163.5.162.0/24
163.5.173.0/24
163.5.179.0/24
163.5.187.0/24
163.5.211.0/24
163.5.221.0/24
163.5.230.0/24
163.5.245.0/24
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d0:66:f3:37:da:cf:97:01:26:cf:78:5d:32:ad:7b:7c:1b:
c5:da:05:3c:9e:3d:f1:d7:5b:cd:01:c5:d2:34:45:c2:ad:0c:
4e:a7:a4:df:76:d2:8a:d9:19:5c:19:21:1c:80:6a:9c:ee:e1:
ca:6c:81:96:2c:fd:48:4d:72:29:32:58:0c:c3:97:26:d3:70:
ff:df:5b:3f:a7:fe:f4:0b:21:52:42:7e:85:bc:6f:67:9a:a1:
06:0e:ac:6e:f5:5f:aa:82:7f:fa:c0:56:75:92:c0:a5:16:ac:
24:ce:19:9e:8e:ac:18:f9:fc:2c:b5:3e:aa:b6:ce:c2:af:cd:
12:b8:49:de:b9:21:6c:58:44:0b:e8:fd:68:49:c2:a3:df:a6:
6a:1b:f8:49:ac:42:1f:26:b3:b5:28:97:8d:d4:e9:42:2e:6c:
a4:17:6e:7a:f4:6e:6b:13:24:75:c5:cd:ff:56:56:22:a4:92:
19:c0:16:bf:8c:ec:98:c6:cd:07:5d:01:e0:f0:ba:7c:9d:ce:
05:08:e5:01:b6:62:eb:94:c6:1a:b3:5b:b2:38:95:b7:7f:3b:
01:35:bc:38:1e:94:96:7d:5c:1a:87:d1:aa:d7:e7:64:40:0d:
b9:bf:c0:a6:5e:78:f3:af:51:88:a0:19:b5:fc:71:a9:ec:99:
77:5e:fd:51
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZMvks2yDonvW4v26SOz42AYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTE1MTEyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjcxYjdhNzczNGU5ODEyZTY4ZGU0ZjI3ZDZmODVhZmJmMjAzNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsytNwpg9Qg+553hKjs/rGnGRt7gu
x7vuPiPnmb2l6/KydjWN7ZAyt4JHv2ERYmF5JSVvGhuVCgJKagooSx+RDBwz+orr
zUn7OP+r15lzyREYD43nlWyyGKloJ1MKgeTLGaggk4AaLVsprQAG6HbCjw8VcOhb
YIgXuaqgCMSgJ+o83vLp3mJfgqbyDAFQd4PL7hQAZK9xbT9f+TBqBm8TcVGlLyy9
hBSSAAaThuAX/XyQl9usEmE4S4ASDbp0NpXrP/Vhw/+LBNg9Ls1SL9Lgyk3k0BQc
VHT/1X7pkDy0L/uDzG0xoW0XURf4zvtWc9229eO6PWOXHhTdK/B7uOoZmQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFL9xt6dzTpgS5o3k8n1vha+/IDX+MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdjNHM3AzTk9tQkxtamVUeWZXLUZyNzhnTmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAowUWAwQA
owUfAwQAowUiAwQAowUuAwQAowU+AwQBowV2AwQAowWQAwQAowWeAwQAowWiAwQA
owWtAwQAowWzAwQAowW7AwQAowXTAwQAowXdAwQAowXmAwQAowX1AwQAowX3MA0G
CSqGSIb3DQEBCwUAA4IBAQB60GbzN9rPlwEmz3hdMq17fBvF2gU8nj3x11vNAcXS
NEXCrQxOp6TfdtKK2RlcGSEcgGqc7uHKbIGWLP1ITXIpMlgMw5cm03D/31s/p/70
CyFSQn6FvG9nmqEGDqxu9V+qgn/6wFZ1ksClFqwkzhmejqwY+fwstT6qts7Cr80S
uEneuSFsWEQL6P1oScKj36ZqG/hJrEIfJrO1KJeN1OlCLmykF2569G5rEyR1xc3/
VlYipJIZwBa/jOyYxs0HXQHg8Lp8nc4FCOUBtmLrlMYas1uyOJW3fzsBNbw4HpSW
fVwah9Gq1+dkQA25v8CmXnjzr1GIoBm1/HGp7Jl3Xv1R
-----END CERTIFICATE-----
Generated at Mon Nov 18 14:00:10 2024 by rpki-client on console-fra.rpki-client.org