Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vhofvYDwxluA53yse0mFirdry_w.roa
File: vhofvYDwxluA53yse0mFirdry_w.roa (raw, json)
Hash identifier: TLvq01wW81l272Z89rKgishXOY9sE3id7XUTKFFqf9g=
Subject key identifier: BE:1A:1F:BD:80:F0:C6:5B:80:E7:7C:AC:7B:49:85:8A:B7:6B:CB:FC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4255F841196CCC2C810D925990519AD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vhofvYDwxluA53yse0mFirdry_w.roa
Signing time: Mon 01 Jan 2024 08:30:32 +0000
ROA not before: Mon 01 Jan 2024 08:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198883
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Feb 2024 15:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5f:84:11:96:cc:c2:c8:10:d9:25:99:05:19:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be1a1fbd80f0c65b80e77cac7b49858ab76bcbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d5:a7:0f:5a:bd:df:d2:65:6d:86:76:50:60:
c5:e3:66:58:a2:1d:b0:69:6a:2c:5a:ba:d3:ac:30:
7b:00:8c:8d:a4:f9:b9:4a:e5:21:57:18:b6:15:b4:
e9:3a:dd:20:f2:43:e0:b2:12:90:c1:41:44:e2:5a:
77:5c:66:64:d0:52:6e:9f:3c:9b:70:0b:93:53:99:
45:88:b8:4d:65:1c:b4:4b:dd:9c:7c:55:f9:20:e3:
63:e4:45:07:bb:1c:ad:60:91:69:f4:4c:90:76:c8:
e7:8a:dd:06:7a:91:5c:4c:8f:4a:9a:08:e5:3a:60:
e0:d6:0c:c8:f1:f7:ab:4c:92:3e:fe:e6:71:92:62:
04:a5:c9:78:8f:ac:da:ee:b1:b5:2c:5e:3d:14:a2:
2b:89:3d:24:76:2c:f7:3a:ee:bf:62:ff:70:70:85:
1a:c5:b1:34:7f:c1:55:2d:37:bf:a2:56:16:3a:14:
c0:65:5f:8e:01:86:b0:e3:e6:a7:1b:24:ce:a8:1f:
f9:c6:0e:82:b2:7a:db:c7:92:12:7e:6b:35:3a:7c:
91:27:f3:3c:c5:cd:09:a2:08:86:76:c6:d7:a2:8b:
b4:bc:58:79:37:a4:73:bd:77:eb:2c:56:98:1b:5e:
a7:fa:6a:25:59:8d:05:db:8f:7b:87:b1:2e:36:7d:
a3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1A:1F:BD:80:F0:C6:5B:80:E7:7C:AC:7B:49:85:8A:B7:6B:CB:FC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vhofvYDwxluA53yse0mFirdry_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.144.0/24
163.5.154.0/24
163.5.192.0/23
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
6f:5a:6f:2d:95:b7:68:86:00:c4:c0:af:c4:39:2f:a3:26:6c:
32:bf:ce:80:24:82:0c:39:7c:b0:5a:a2:97:53:89:79:9c:12:
4f:42:46:b6:86:81:e3:75:fa:73:c0:dd:1c:03:88:ea:52:a3:
e0:e3:29:25:e8:23:b9:22:e3:92:03:6a:02:a4:0f:45:6c:28:
6e:da:f8:f4:18:7f:2f:49:74:01:5e:b6:c8:d9:a4:cb:a4:d3:
70:da:18:65:47:4c:61:2e:ca:4a:35:50:18:f6:81:30:40:28:
8a:55:d0:8f:e7:4b:8a:99:f9:2c:79:27:38:5f:44:52:a6:9e:
fd:b5:ff:50:8c:8f:0d:e6:6f:13:0f:d8:e0:b2:90:1d:e3:31:
12:50:cf:c0:31:e8:eb:3f:63:5f:bd:05:28:d8:66:75:4e:6e:
a9:a0:02:01:9c:bd:2e:1d:6a:0b:eb:78:d9:2d:7e:4c:75:cf:
e9:65:07:f2:97:0a:dc:10:51:b0:8c:06:a4:32:23:e9:34:90:
3c:6d:20:4e:8b:81:f7:bf:d4:47:80:87:43:77:27:25:76:c9:
e3:d0:90:34:46:dc:05:8b:5c:82:ee:d7:3c:f1:6b:94:b1:f9:
d3:2b:3c:bd:93:79:fe:9f:6f:56:e3:ea:a9:4f:3b:fb:b3:76:
e7:20:7c:69
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEJV+EEZbMwsgQ2SWZBRmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFhMWZiZDgwZjBjNjViODBlNzdjYWM3YjQ5ODU4YWI3NmJjYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNWnD1q939JlbYZ2UGDF42ZYoh2w
aWosWrrTrDB7AIyNpPm5SuUhVxi2FbTpOt0g8kPgshKQwUFE4lp3XGZk0FJunzyb
cAuTU5lFiLhNZRy0S92cfFX5IONj5EUHuxytYJFp9EyQdsjnit0GepFcTI9Kmgjl
OmDg1gzI8ferTJI+/uZxkmIEpcl4j6za7rG1LF49FKIriT0kdiz3Ou6/Yv9wcIUa
xbE0f8FVLTe/olYWOhTAZV+OAYaw4+anGyTOqB/5xg6Csnrbx5ISfms1OnyRJ/M8
xc0JogiGdsbXoou0vFh5N6RzvXfrLFaYG16n+molWY0F2497h7EuNn2j+QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFL4aH72A8MZbgOd8rHtJhYq3a8v8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdmhvZnZZRHd4bHVBNTN5c2UwbUZpcmRyeV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowWQAwQA
owWaAwQBowXAMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAG9aby2V
t2iGAMTAr8Q5L6MmbDK/zoAkggw5fLBaopdTiXmcEk9CRraGgeN1+nPA3RwDiOpS
o+DjKSXoI7ki45IDagKkD0VsKG7a+PQYfy9JdAFetsjZpMuk03DaGGVHTGEuyko1
UBj2gTBAKIpV0I/nS4qZ+Sx5JzhfRFKmnv21/1CMjw3mbxMP2OCykB3jMRJQz8Ax
6Os/Y1+9BSjYZnVObqmgAgGcvS4dagvreNktfkx1z+llB/KXCtwQUbCMBqQyI+k0
kDxtIE6Lgfe/1EeAh0N3JyV2yePQkDRG3AWLXILu1zzxa5Sx+dMrPL2Tef6fb1bj
6qlPO/uzducgfGk=
-----END CERTIFICATE-----
Generated at Sun Feb 11 18:16:41 2024 by rpki-client on console-fra.rpki-client.org