Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xCT8xVn21L4u-dcqg2_s3AKFwHU.roa
File: xCT8xVn21L4u-dcqg2_s3AKFwHU.roa (raw, json)
Hash identifier: hIHoXc3uB85LviLxdwMGZ9cQhf7guRH8QI9pqilBvT4=
Subject key identifier: C4:24:FC:C5:59:F6:D4:BE:2E:F9:D7:2A:83:6F:EC:DC:02:85:C0:75
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01931FBCD80339F39046E09592CF02E09CC5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xCT8xVn21L4u-dcqg2_s3AKFwHU.roa
Signing time: Tue 12 Nov 2024 09:38:10 +0000
ROA not before: Tue 12 Nov 2024 09:38:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.33.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Dec 2024 15:12:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:bc:d8:03:39:f3:90:46:e0:95:92:cf:02:e0:9c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 12 09:38:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c424fcc559f6d4be2ef9d72a836fecdc0285c075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ac:15:16:99:74:e9:8d:36:35:f7:97:b6:87:
53:6e:23:68:d9:73:f9:f7:a3:85:91:df:36:22:81:
36:b0:ff:0e:1f:df:50:10:f2:db:e6:4a:33:88:ae:
4d:c9:2f:59:36:c8:1e:79:a2:7f:9c:89:4a:94:b2:
6f:d9:77:f7:8e:d4:07:e5:79:62:89:93:da:dd:65:
9d:88:e7:e9:be:ea:b9:11:cf:9d:9d:cd:f6:e3:6d:
64:27:70:4f:82:83:5a:b5:4e:f5:bd:a2:38:03:74:
75:e6:47:93:50:b5:96:f5:71:36:61:28:88:5d:4c:
e6:fc:43:22:f2:28:b4:b1:a7:12:bf:01:1d:e8:26:
22:c9:1c:83:2c:50:88:ea:a5:9d:0a:ee:72:e2:02:
22:10:eb:9d:5d:0d:8f:e1:65:17:a1:08:a3:00:a9:
b8:8d:3c:18:37:4a:8b:7c:cb:b9:76:46:c2:6c:c0:
82:15:13:6c:73:88:de:7f:74:76:34:4c:35:f1:e5:
10:ce:9e:dd:e1:45:a4:4e:84:96:00:d5:45:e2:c2:
e4:12:7b:10:b9:08:a6:33:42:6d:da:a8:96:78:35:
0d:71:72:ca:0a:2c:24:71:d8:8b:42:e9:d5:6d:1d:
14:58:7d:43:b5:f0:e3:79:30:ec:51:7c:d6:28:f8:
1e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:24:FC:C5:59:F6:D4:BE:2E:F9:D7:2A:83:6F:EC:DC:02:85:C0:75
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xCT8xVn21L4u-dcqg2_s3AKFwHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.33.0/24
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.145.0/24
163.5.165.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b1:27:ad:7a:c7:d6:a4:26:78:65:10:9e:b1:a3:8d:91:34:
06:76:e4:c4:44:a2:37:ca:de:70:c9:e9:f7:73:c7:08:0c:92:
3c:2f:f8:2a:39:50:68:5f:63:c9:e4:25:d9:28:26:8b:e3:13:
e7:cc:54:06:c3:0b:aa:b2:a2:3a:5c:da:33:12:fd:6b:65:45:
27:24:cf:67:56:04:e1:62:19:0d:b9:62:1f:10:d6:ff:2c:0f:
1f:27:ac:20:ca:17:02:d2:f3:a4:a1:61:55:6a:9d:9d:01:b7:
50:47:3d:7a:30:f4:0d:19:72:fc:ed:3a:36:3f:74:fc:2c:54:
78:34:76:14:b6:5e:8f:c8:c8:97:94:74:8d:61:09:96:9f:9c:
be:3c:24:93:df:c8:32:74:9f:89:31:f5:dc:c1:07:25:cb:e3:
f8:8a:3b:d6:51:5f:72:c1:3e:f3:fe:6e:15:a7:95:fc:b8:fc:
bf:63:90:bd:1e:82:97:33:65:eb:32:10:3c:89:8d:00:59:d5:
da:57:a3:98:d3:13:8b:df:fb:6d:68:05:f2:da:dd:dc:b3:97:
d5:b0:25:38:85:e0:9e:91:82:14:2e:a3:14:97:03:9b:e8:bb:
85:66:d1:04:c6:05:a4:c3:53:2e:fb:32:1a:ee:cd:c2:10:16:
66:4b:27:42
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZMfvNgDOfOQRuCVks8C4JzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTEyMDkzODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI0ZmNjNTU5ZjZkNGJlMmVmOWQ3MmE4MzZmZWNkYzAyODVjMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKwVFpl06Y02NfeXtodTbiNo2XP5
96OFkd82IoE2sP8OH99QEPLb5koziK5NyS9ZNsgeeaJ/nIlKlLJv2Xf3jtQH5Xli
iZPa3WWdiOfpvuq5Ec+dnc32421kJ3BPgoNatU71vaI4A3R15keTULWW9XE2YSiI
XUzm/EMi8ii0sacSvwEd6CYiyRyDLFCI6qWdCu5y4gIiEOudXQ2P4WUXoQijAKm4
jTwYN0qLfMu5dkbCbMCCFRNsc4jef3R2NEw18eUQzp7d4UWkToSWANVF4sLkEnsQ
uQimM0Jt2qiWeDUNcXLKCiwkcdiLQunVbR0UWH1DtfDjeTDsUXzWKPgeQwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMQk/MVZ9tS+LvnXKoNv7NwChcB1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveENUOHhWbjIxTDR1LWRjcWcyX3MzQUtGd0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAowUhAwQB
owVuAwQAowV+AwQAowWAAwQAowWRAwQAowWlAwQAowX6AwQAowX9MA0GCSqGSIb3
DQEBCwUAA4IBAQAOsSetesfWpCZ4ZRCesaONkTQGduTERKI3yt5wyen3c8cIDJI8
L/gqOVBoX2PJ5CXZKCaL4xPnzFQGwwuqsqI6XNozEv1rZUUnJM9nVgThYhkNuWIf
ENb/LA8fJ6wgyhcC0vOkoWFVap2dAbdQRz16MPQNGXL87To2P3T8LFR4NHYUtl6P
yMiXlHSNYQmWn5y+PCST38gydJ+JMfXcwQcly+P4ijvWUV9ywT7z/m4Vp5X8uPy/
Y5C9HoKXM2XrMhA8iY0AWdXaV6OY0xOL3/ttaAXy2t3cs5fVsCU4heCekYIULqMU
lwOb6LuFZtEExgWkw1Mu+zIa7s3CEBZmSydC
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:39:18 2025 by rpki-client