Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wSPKpGpWNEx8yb4c9_ofOdBLwDk.roa
File: wSPKpGpWNEx8yb4c9_ofOdBLwDk.roa (raw, json)
Hash identifier: RdpPJwRoTQqaW+fZ9Hv0jGfZLel5QzoiyIKs4S1pphw=
Subject key identifier: C1:23:CA:A4:6A:56:34:4C:7C:C9:BE:1C:F7:FA:1F:39:D0:4B:C0:39
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191C311B40FB694C91D2ECA48A78F07ED88
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wSPKpGpWNEx8yb4c9_ofOdBLwDk.roa
Signing time: Thu 05 Sep 2024 16:43:22 +0000
ROA not before: Thu 05 Sep 2024 16:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 163.5.36.0/24 maxlen: 24
163.5.56.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.87.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 11:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:11:b4:0f:b6:94:c9:1d:2e:ca:48:a7:8f:07:ed:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 5 16:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c123caa46a56344c7cc9be1cf7fa1f39d04bc039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a0:a3:bf:73:45:aa:84:9c:86:71:67:77:51:
d6:85:76:8c:1e:29:8b:46:28:84:26:e6:c9:66:17:
df:f6:78:e8:e7:4f:b1:45:36:39:6f:98:ec:d6:48:
6c:91:72:83:42:fa:be:50:d6:cb:11:3d:08:64:cb:
ec:02:da:9f:d5:c7:d3:26:83:0f:c1:42:38:66:e0:
67:00:3a:ac:66:ea:d8:02:79:19:1a:09:8e:1f:a9:
ea:12:06:e8:42:30:6d:ec:f1:7f:09:9c:40:a4:46:
03:10:c1:f8:fd:22:2c:77:6c:f3:f3:00:5d:5e:bd:
02:da:58:eb:a5:94:9b:3b:3b:57:fa:83:64:d2:5f:
06:4f:26:36:87:99:7f:b8:ee:90:4b:ca:d9:98:31:
a9:dc:42:c2:9b:58:56:a5:d4:23:b2:35:4a:df:67:
ef:2e:c1:e0:67:47:c2:dd:3d:5c:cd:15:3b:c8:84:
5b:b5:49:4f:54:e5:6f:bf:56:9d:bf:0a:25:19:3b:
a1:07:7d:da:df:7c:06:ef:22:56:15:14:a4:b1:08:
16:3f:f9:38:39:19:41:5e:8b:fa:46:27:74:08:5d:
a8:6c:cd:fa:6e:65:22:c0:7f:91:c6:cb:18:31:9d:
68:33:f4:8c:93:b9:1d:77:15:68:9b:f8:bc:a8:26:
67:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:23:CA:A4:6A:56:34:4C:7C:C9:BE:1C:F7:FA:1F:39:D0:4B:C0:39
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wSPKpGpWNEx8yb4c9_ofOdBLwDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.36.0/24
163.5.56.0/24
163.5.71.0/24
163.5.82.0/24
163.5.87.0/24
163.5.95.0/24
163.5.99.0/24
163.5.124.0/23
163.5.127.0/24
163.5.136.0/24
163.5.138.0/24
163.5.140.0/24
163.5.202.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
46:40:ce:61:93:ef:d1:d4:6a:79:d9:94:d7:63:15:0f:f3:c2:
a6:ff:04:3a:0a:3c:58:68:f2:b7:27:1a:4a:0e:eb:55:a0:9c:
9a:7b:4f:41:2f:8b:90:a0:d0:18:86:4e:65:6d:b7:44:4d:3d:
88:98:e9:55:52:02:52:67:6f:51:2c:04:b3:86:9d:85:b9:3e:
e7:d2:76:12:ca:0c:bc:17:a1:ed:58:43:fe:8a:05:e0:ae:17:
d6:e4:3a:6e:92:10:e3:35:ea:ad:4c:af:ad:5a:31:ad:77:c2:
70:a4:2e:de:af:15:d6:50:82:5e:aa:87:ee:7b:4f:bd:e1:1b:
41:cc:5c:d4:eb:29:a2:6b:dc:a7:35:f9:81:1b:83:e8:bf:0f:
96:cf:70:97:14:08:a1:13:c6:c6:9e:ff:7a:fe:36:3e:86:80:
57:16:7d:c2:18:a7:d5:fc:24:83:42:f3:44:b0:97:9d:8d:bc:
82:d2:6c:1b:8f:b2:84:7b:af:4f:dc:59:75:58:14:a6:2e:4f:
da:a5:7e:d2:74:1f:86:33:2c:3a:17:94:b6:07:3e:24:68:01:
77:46:cd:e8:09:c0:39:67:a6:c3:6a:f2:a7:67:64:e4:d0:5b:
83:71:b3:d8:91:27:02:33:e9:0c:fb:62:bf:5b:41:de:50:21:
f7:e0:b6:f5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZHDEbQPtpTJHS7KSKePB+2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTA1MTY0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTIzY2FhNDZhNTYzNDRjN2NjOWJlMWNmN2ZhMWYzOWQwNGJjMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqCjv3NFqoSchnFnd1HWhXaMHimL
RiiEJubJZhff9njo50+xRTY5b5js1khskXKDQvq+UNbLET0IZMvsAtqf1cfTJoMP
wUI4ZuBnADqsZurYAnkZGgmOH6nqEgboQjBt7PF/CZxApEYDEMH4/SIsd2zz8wBd
Xr0C2ljrpZSbOztX+oNk0l8GTyY2h5l/uO6QS8rZmDGp3ELCm1hWpdQjsjVK32fv
LsHgZ0fC3T1czRU7yIRbtUlPVOVvv1advwolGTuhB33a33wG7yJWFRSksQgWP/k4
ORlBXov6Rid0CF2obM36bmUiwH+RxssYMZ1oM/SMk7kddxVom/i8qCZn3wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFMEjyqRqVjRMfMm+HPf6HznQS8A5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvd1NQS3BHcFdORXg4eWI0Yzlfb2ZPZEJMd0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAowUkAwQA
owU4AwQAowVHAwQAowVSAwQAowVXAwQAowVfAwQAowVjAwQBowV8AwQAowV/AwQA
owWIAwQAowWKAwQAowWMAwQAowXKAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQBG
QM5hk+/R1Gp52ZTXYxUP88Km/wQ6CjxYaPK3JxpKDutVoJyae09BL4uQoNAYhk5l
bbdETT2ImOlVUgJSZ29RLASzhp2FuT7n0nYSygy8F6HtWEP+igXgrhfW5DpukhDj
NeqtTK+tWjGtd8JwpC7erxXWUIJeqofue0+94RtBzFzU6ymia9ynNfmBG4Povw+W
z3CXFAihE8bGnv96/jY+hoBXFn3CGKfV/CSDQvNEsJedjbyC0mwbj7KEe69P3Fl1
WBSmLk/apX7SdB+GMyw6F5S2Bz4kaAF3Rs3oCcA5Z6bDavKnZ2Tk0FuDcbPYkScC
M+kM+2K/W0HeUCH34Lb1
-----END CERTIFICATE-----
Generated at Mon Sep 16 13:24:21 2024 by rpki-client on console-fra.rpki-client.org