Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w42lWjo72kvc0ZmOHkbYhHj9yX0.roa
File: w42lWjo72kvc0ZmOHkbYhHj9yX0.roa (raw, json)
Hash identifier: VKfhJ8+wZQDwYjHc/CijDOgJdYAkIPw+klDkZHe/EBQ=
Subject key identifier: C3:8D:A5:5A:3A:3B:DA:4B:DC:D1:99:8E:1E:46:D8:84:78:FD:C9:7D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A45825B5E649E26334276655D1D3B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w42lWjo72kvc0ZmOHkbYhHj9yX0.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210538
IP address blocks: 163.5.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Feb 2025 20:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:45:82:5b:5e:64:9e:26:33:42:76:65:5d:1d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c38da55a3a3bda4bdcd1998e1e46d88478fdc97d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:da:bb:e1:4c:9f:81:ef:d3:d9:3f:f4:20:
7f:79:10:78:ac:17:78:29:ab:03:51:a1:75:28:9e:
1d:af:02:38:b4:af:32:34:91:69:70:88:42:a9:81:
c8:9d:c6:41:54:f5:e5:fd:4b:fd:dd:12:10:3f:9c:
26:25:d7:fa:cc:67:92:7e:ae:7a:26:71:0b:52:d5:
94:e8:51:2e:44:b3:67:00:c6:4d:9b:1c:21:89:14:
93:66:29:1b:c0:52:d9:70:f7:d0:79:30:4b:a7:8d:
e6:e7:6c:f3:5f:c0:8b:87:4e:e1:89:77:ae:50:16:
2a:df:17:43:65:fb:48:44:2c:f0:94:67:1e:c0:67:
8e:69:d3:f7:3f:f2:1d:b8:01:fd:f9:f3:c5:a4:be:
db:ac:3b:59:99:e9:21:7c:7f:de:f4:c7:29:ef:90:
4b:cc:c5:85:13:59:b4:47:03:d7:55:0b:79:c6:44:
81:a8:8d:84:70:d3:7c:71:ea:1a:d4:67:67:80:d0:
8c:4d:b7:7f:f2:46:be:12:35:c5:52:c0:e9:1d:e1:
61:5f:1b:f7:d8:6d:9d:47:d3:1b:85:81:d0:35:5d:
55:57:6b:5e:02:92:4a:e8:8f:31:45:59:34:67:db:
b7:d4:64:a7:9d:d4:d6:94:75:5f:18:e9:0c:a4:13:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8D:A5:5A:3A:3B:DA:4B:DC:D1:99:8E:1E:46:D8:84:78:FD:C9:7D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w42lWjo72kvc0ZmOHkbYhHj9yX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.242.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:a8:f6:1f:7f:75:86:15:37:2d:a8:f7:26:7c:fb:78:1c:b2:
5c:e8:7e:97:8c:cc:52:c5:0d:2c:b7:3e:ec:f2:1d:61:f8:86:
7e:eb:14:2a:2f:df:3f:e0:e2:0a:c6:1d:0f:9f:af:83:ef:8f:
1f:3f:95:5e:b1:f2:eb:fb:c0:85:db:a7:f7:8b:da:03:53:95:
4f:71:d9:30:c5:e2:f4:86:3f:8e:ab:88:e4:69:84:ba:27:43:
b8:e8:47:69:ba:d6:94:fb:aa:ea:7c:33:da:8b:b8:d4:68:64:
94:57:a5:2d:9b:f0:25:83:12:76:db:c0:9a:46:68:31:c6:8d:
3f:2f:50:df:0b:7f:7a:d9:9d:5a:ff:49:4b:b1:ae:c7:a9:50:
5c:af:78:2c:65:58:f2:73:6e:ca:77:36:c0:54:db:01:ab:1f:
da:cd:04:2c:2b:9e:4d:e7:36:02:d4:a5:a9:e2:76:3e:6f:7a:
96:d7:b4:e3:61:e6:21:9c:04:2c:7b:bc:f8:67:89:b7:ca:2b:
c4:61:cd:0c:1e:6b:c6:e2:86:55:32:0b:59:2b:1e:c1:7e:c3:
de:eb:c1:35:1a:ab:16:87:f2:92:fe:ed:a4:c8:20:5c:72:38:
a0:57:4b:20:ba:98:85:96:59:05:32:07:aa:38:08:e3:9e:92:
8e:3b:37:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjakWCW15kniYzQnZlXR07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhkYTU1YTNhM2JkYTRiZGNkMTk5OGUxZTQ2ZDg4NDc4ZmRjOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQTau+FMn4Hv09k/9CB/eRB4rBd4
KasDUaF1KJ4drwI4tK8yNJFpcIhCqYHIncZBVPXl/Uv93RIQP5wmJdf6zGeSfq56
JnELUtWU6FEuRLNnAMZNmxwhiRSTZikbwFLZcPfQeTBLp43m52zzX8CLh07hiXeu
UBYq3xdDZftIRCzwlGcewGeOadP3P/IduAH9+fPFpL7brDtZmekhfH/e9Mcp75BL
zMWFE1m0RwPXVQt5xkSBqI2EcNN8ceoa1GdngNCMTbd/8ka+EjXFUsDpHeFhXxv3
2G2dR9MbhYHQNV1VV2teApJK6I8xRVk0Z9u31GSnndTWlHVfGOkMpBOLrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMONpVo6O9pL3NGZjh5G2IR4/cl9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdzQybFdqbzcya3ZjMFptT0hrYlloSGo5eVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXyMA0G
CSqGSIb3DQEBCwUAA4IBAQAPqPYff3WGFTctqPcmfPt4HLJc6H6XjMxSxQ0stz7s
8h1h+IZ+6xQqL98/4OIKxh0Pn6+D748fP5VesfLr+8CF26f3i9oDU5VPcdkwxeL0
hj+Oq4jkaYS6J0O46EdputaU+6rqfDPai7jUaGSUV6Utm/AlgxJ228CaRmgxxo0/
L1DfC3962Z1a/0lLsa7HqVBcr3gsZVjyc27KdzbAVNsBqx/azQQsK55N5zYC1KWp
4nY+b3qW17TjYeYhnAQse7z4Z4m3yivEYc0MHmvG4oZVMgtZKx7BfsPe68E1GqsW
h/KS/u2kyCBccjigV0sgupiFllkFMgeqOAjjnpKOOzej
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:55:20 2025 by rpki-client