Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wnH6sXT9d_0wd7wYaGMkITVyulk.roa
File: wnH6sXT9d_0wd7wYaGMkITVyulk.roa (raw, json)
Hash identifier: UhRjexnPsehLJPETDjaYkv12tENV56s7+vonf4WTWuE=
Subject key identifier: C2:71:FA:B1:74:FD:77:FD:30:77:BC:18:68:63:24:21:35:72:BA:59
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D6AAD919AFFE466E59A873EC62DB01EC3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wnH6sXT9d_0wd7wYaGMkITVyulk.roa
Signing time: Fri 02 Feb 2024 16:36:16 +0000
ROA not before: Fri 02 Feb 2024 16:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 163.5.129.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 19:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:ad:91:9a:ff:e4:66:e5:9a:87:3e:c6:2d:b0:1e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 2 16:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c271fab174fd77fd3077bc18686324213572ba59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:60:d3:0f:cb:72:94:83:1c:79:65:dc:77:
0a:98:41:85:b0:3f:35:8e:ac:27:83:d4:04:0d:b4:
8f:7c:e1:88:37:50:d7:1e:69:82:bd:64:a2:55:c8:
0b:06:e4:63:77:e2:58:23:6a:b9:1a:1e:24:91:5a:
07:43:22:dc:6f:f1:80:4f:5d:a9:64:f9:8e:5a:e6:
37:9d:a4:ad:a0:c2:17:3f:62:bf:4f:f2:8e:03:08:
a1:55:95:58:9a:d3:8c:f1:eb:a8:de:0b:d8:44:2e:
e2:bd:92:4a:e9:cc:73:4d:89:12:2d:85:e5:67:ba:
32:19:f1:fc:42:2b:9d:76:9e:c0:76:9c:ff:39:b3:
b2:e8:1a:a2:3b:49:cd:5e:c4:fb:a2:65:3b:73:51:
d2:e7:71:dc:45:68:7f:5e:de:25:fd:99:af:80:a0:
95:24:c3:2d:c9:dc:1a:78:97:98:9e:0c:0b:fb:f8:
cc:73:53:68:8d:28:d9:8a:96:be:b8:60:47:61:92:
ed:e2:e4:6c:7d:91:fe:7c:3d:dd:ff:87:49:eb:ab:
76:00:b1:57:9a:ec:26:7b:cb:01:b9:e8:05:74:c7:
0a:1b:e9:a0:45:13:fc:93:cb:79:82:3f:09:86:cb:
8b:0a:48:e7:4c:a2:e6:60:fe:63:c5:38:d1:d8:1d:
fb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:71:FA:B1:74:FD:77:FD:30:77:BC:18:68:63:24:21:35:72:BA:59
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wnH6sXT9d_0wd7wYaGMkITVyulk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.129.0/24
163.5.157.0/24
163.5.194.0/24
Signature Algorithm: sha256WithRSAEncryption
24:49:5f:69:3a:5e:06:96:53:0b:9c:47:46:1f:f6:df:85:f7:
bc:b6:81:cc:9c:c8:df:f1:ba:bf:b4:c9:05:08:cc:cc:2c:a9:
c0:72:16:c6:01:e0:f6:cb:d9:c1:8d:2d:90:b2:48:3b:5e:2d:
97:ee:de:5e:37:fa:44:0c:8c:8f:49:89:59:97:53:a3:7e:c4:
6e:ac:ea:43:7c:ab:1a:ee:19:60:80:3c:5b:b0:0f:c8:c6:b5:
7c:50:ae:82:51:b5:28:26:3b:e2:81:16:91:e9:cb:f4:d8:30:
56:32:59:61:0a:7a:ed:5c:ec:0e:77:8b:b3:0d:23:2f:26:f3:
e6:70:fb:18:dc:05:cb:df:18:2a:05:8b:df:02:b3:24:30:ba:
aa:b1:ba:aa:17:6f:c1:28:54:02:8c:9b:1d:0c:dc:c4:0c:5e:
f2:40:2b:a2:22:8e:a6:5b:44:1d:d0:fd:5c:1f:68:23:84:5f:
ff:fd:55:77:e8:f4:f8:25:1f:87:d6:9f:a9:dd:97:e8:15:64:
3e:06:d1:3c:9a:f4:7b:97:62:87:27:d5:26:d7:06:0d:2f:c8:
54:30:57:ad:d8:e9:a2:aa:65:38:19:7d:e7:a2:83:e2:df:e5:
8f:6f:92:71:40:64:6e:35:dc:fa:8d:fa:95:a5:f7:ce:06:02:
7b:ec:00:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1qrZGa/+Rm5ZqHPsYtsB7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjAyMTYzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjcxZmFiMTc0ZmQ3N2ZkMzA3N2JjMTg2ODYzMjQyMTM1NzJiYTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHdg0w/LcpSDHHll3HcKmEGFsD81
jqwng9QEDbSPfOGIN1DXHmmCvWSiVcgLBuRjd+JYI2q5Gh4kkVoHQyLcb/GAT12p
ZPmOWuY3naStoMIXP2K/T/KOAwihVZVYmtOM8euo3gvYRC7ivZJK6cxzTYkSLYXl
Z7oyGfH8Qiuddp7Adpz/ObOy6BqiO0nNXsT7omU7c1HS53HcRWh/Xt4l/ZmvgKCV
JMMtydwaeJeYngwL+/jMc1NojSjZipa+uGBHYZLt4uRsfZH+fD3d/4dJ66t2ALFX
muwme8sBuegFdMcKG+mgRRP8k8t5gj8JhsuLCkjnTKLmYP5jxTjR2B37uwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMJx+rF0/Xf9MHe8GGhjJCE1crpZMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvd25INnNYVDlkXzB3ZDd3WWFHTWtJVFZ5dWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWBAwQA
owWdAwQAowXCMA0GCSqGSIb3DQEBCwUAA4IBAQAkSV9pOl4GllMLnEdGH/bfhfe8
toHMnMjf8bq/tMkFCMzMLKnAchbGAeD2y9nBjS2Qskg7Xi2X7t5eN/pEDIyPSYlZ
l1OjfsRurOpDfKsa7hlggDxbsA/IxrV8UK6CUbUoJjvigRaR6cv02DBWMllhCnrt
XOwOd4uzDSMvJvPmcPsY3AXL3xgqBYvfArMkMLqqsbqqF2/BKFQCjJsdDNzEDF7y
QCuiIo6mW0Qd0P1cH2gjhF///VV36PT4JR+H1p+p3ZfoFWQ+BtE8mvR7l2KHJ9Um
1wYNL8hUMFet2OmiqmU4GX3nooPi3+WPb5JxQGRuNdz6jfqVpffOBgJ77ACm
-----END CERTIFICATE-----
Generated at Sun Mar 24 20:55:04 2024 by rpki-client on console-fra.rpki-client.org