Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vXt8O6pHknDmhvT0X_6m3rTmpf8.roa
File: vXt8O6pHknDmhvT0X_6m3rTmpf8.roa (raw, json)
Hash identifier: fVzT5QipTPMjJmQdP+hcrxtS1ZVkZfHoolXDSLgE2w0=
Subject key identifier: BD:7B:7C:3B:AA:47:92:70:E6:86:F4:F4:5F:FE:A6:DE:B4:E6:A5:FF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4256DE8F5662DECF388E455B88EB688
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vXt8O6pHknDmhvT0X_6m3rTmpf8.roa
Signing time: Mon 01 Jan 2024 08:30:36 +0000
ROA not before: Mon 01 Jan 2024 08:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399486
IP address blocks: 163.5.210.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 14:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:6d:e8:f5:66:2d:ec:f3:88:e4:55:b8:8e:b6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd7b7c3baa479270e686f4f45ffea6deb4e6a5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:8e:31:cc:1e:46:71:0a:56:78:80:31:0f:
1f:4c:73:f7:68:21:cb:a0:4f:e9:7c:6b:f7:93:15:
18:37:eb:2f:27:d3:7f:10:b9:25:2e:66:94:0e:82:
e7:a2:99:e9:d6:35:49:46:3f:79:bd:3a:45:99:1c:
b0:53:57:b8:25:88:cf:1a:bf:6c:ae:a7:ae:c8:40:
26:af:c7:7f:ff:93:0e:3d:c5:06:99:16:81:a7:59:
53:53:3e:5e:16:44:e3:ec:5f:ee:5d:66:18:8f:72:
7d:35:fc:61:cd:ce:b2:71:94:06:d1:3f:4d:0d:d7:
14:97:a2:b6:9d:f7:8f:33:72:fe:e0:fa:2c:c4:85:
70:7a:ac:44:0d:59:36:fb:a6:aa:54:58:f4:c2:1e:
08:6e:8a:85:67:82:4a:9d:66:22:d5:bd:fb:c3:e3:
94:74:3c:b8:c8:fe:bb:21:2c:cd:1e:b1:59:fb:c3:
b2:96:e2:72:b3:02:99:59:d2:47:18:b0:82:21:48:
27:45:37:1e:07:2b:17:7d:19:28:ac:66:14:82:4d:
83:72:92:49:73:17:49:39:98:ad:81:bb:74:d7:07:
2c:dd:b2:79:db:34:b5:c3:9d:77:f9:65:42:e1:6e:
ab:62:fd:a4:9b:20:51:d0:06:9d:e3:e5:ac:d7:5c:
65:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7B:7C:3B:AA:47:92:70:E6:86:F4:F4:5F:FE:A6:DE:B4:E6:A5:FF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vXt8O6pHknDmhvT0X_6m3rTmpf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.64.0/24
163.5.112.0/24
163.5.160.0/24
163.5.169.0/24
163.5.210.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:23:70:0e:3a:07:b3:0f:32:f2:87:b0:e5:5b:c7:fa:bd:08:
03:f6:bb:e6:d1:8d:be:de:bc:b2:d0:d6:3a:e5:5a:64:6f:f9:
91:af:ed:73:ae:df:bd:d7:d0:3c:d5:63:ef:78:99:2c:40:24:
98:3d:cb:10:ba:7e:c0:4a:7f:39:d6:88:f1:2b:4f:f0:fa:b1:
46:47:3f:d9:56:40:92:64:82:7c:36:88:11:37:d4:37:4d:6b:
16:da:ee:8c:3d:3d:6b:b6:be:58:d7:da:f5:9e:8b:f1:2d:c0:
c4:c3:21:1c:ea:13:09:62:b1:90:b0:d5:2d:0b:51:5e:50:83:
3d:80:de:81:c5:f3:6b:6d:7a:2b:99:89:d2:47:98:54:50:c4:
90:92:5d:92:c6:3e:0b:4d:11:0a:18:0b:8d:7e:c4:e9:af:6d:
87:f5:e0:7f:8b:c7:be:65:2e:d5:97:43:06:0f:a2:e0:0c:a8:
8c:d7:95:bb:91:e4:3b:33:24:64:50:c3:0f:8e:02:f5:d1:5d:
d1:c1:9e:74:e4:a8:3e:e4:26:bd:9d:27:66:bb:b0:30:43:2f:
ee:e3:ff:06:69:1e:5f:25:ff:8e:37:68:03:c0:c3:65:4f:72:
53:6b:e0:7b:4d:19:f2:d7:8a:99:b6:2a:43:51:98:3b:a4:0f:
29:07:07:7b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJW3o9WYt7POI5FW4jraIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdiN2MzYmFhNDc5MjcwZTY4NmY0ZjQ1ZmZlYTZkZWI0ZTZhNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF2OMcweRnEKVniAMQ8fTHP3aCHL
oE/pfGv3kxUYN+svJ9N/ELklLmaUDoLnopnp1jVJRj95vTpFmRywU1e4JYjPGr9s
rqeuyEAmr8d//5MOPcUGmRaBp1lTUz5eFkTj7F/uXWYYj3J9Nfxhzc6ycZQG0T9N
DdcUl6K2nfePM3L+4PosxIVweqxEDVk2+6aqVFj0wh4IboqFZ4JKnWYi1b37w+OU
dDy4yP67ISzNHrFZ+8OyluJyswKZWdJHGLCCIUgnRTceBysXfRkorGYUgk2DcpJJ
cxdJOZitgbt01wcs3bJ52zS1w513+WVC4W6rYv2kmyBR0Aad4+Ws11xl4wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL17fDuqR5Jw5ob09F/+pt605qX/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdlh0OE82cEhrbkRtaHZUMFhfNm0zclRtcGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowUgAwQA
owVAAwQAowVwAwQAowWgAwQAowWpAwQAowXSMA0GCSqGSIb3DQEBCwUAA4IBAQB9
I3AOOgezDzLyh7DlW8f6vQgD9rvm0Y2+3ryy0NY65Vpkb/mRr+1zrt+919A81WPv
eJksQCSYPcsQun7ASn851ojxK0/w+rFGRz/ZVkCSZIJ8NogRN9Q3TWsW2u6MPT1r
tr5Y19r1novxLcDEwyEc6hMJYrGQsNUtC1FeUIM9gN6BxfNrbXormYnSR5hUUMSQ
kl2Sxj4LTREKGAuNfsTpr22H9eB/i8e+ZS7Vl0MGD6LgDKiM15W7keQ7MyRkUMMP
jgL10V3RwZ505Kg+5Ca9nSdmu7AwQy/u4/8GaR5fJf+ON2gDwMNlT3JTa+B7TRny
14qZtipDUZg7pA8pBwd7
-----END CERTIFICATE-----
Generated at Thu Jan 11 18:15:40 2024 by rpki-client on console-ams.rpki-client.org