Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zhyC8Tqw3dfcH0Z2FgqrVY8GfYM.roa
File: zhyC8Tqw3dfcH0Z2FgqrVY8GfYM.roa (raw, json)
Hash identifier: xNEhvdYxJ47Yg7tScOvkpOHkmf9Ps9bKTWV5thWaKk4=
Subject key identifier: CE:1C:82:F1:3A:B0:DD:D7:DC:1F:46:76:16:0A:AB:55:8F:06:7D:83
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019276DDAD4A88D4E8E53A2A4EFE170D879F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zhyC8Tqw3dfcH0Z2FgqrVY8GfYM.roa
Signing time: Thu 10 Oct 2024 14:38:12 +0000
ROA not before: Thu 10 Oct 2024 14:38:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 163.5.135.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 06:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:dd:ad:4a:88:d4:e8:e5:3a:2a:4e:fe:17:0d:87:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 10 14:38:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce1c82f13ab0ddd7dc1f4676160aab558f067d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8d:da:fc:fb:af:17:52:dc:93:de:a2:e3:c5:
a4:aa:2d:5e:82:cb:24:17:1f:af:8b:c5:36:e4:5e:
51:97:67:82:93:1a:43:ee:c9:ef:b3:ed:35:e2:68:
cd:ab:56:23:d6:84:28:d5:7a:e4:bf:20:06:5c:20:
71:1f:c9:1a:10:21:43:36:c1:3b:de:b2:09:36:4d:
c6:dc:98:4e:42:67:72:23:9a:8b:cf:71:b0:b7:a9:
2d:d0:6d:54:25:51:71:3a:e8:05:84:39:f5:65:4b:
b4:27:f0:5d:c5:1c:89:47:c3:b9:c9:10:46:3f:5d:
02:0c:42:2b:c0:1c:c5:f4:ac:b6:1b:fc:3d:54:f9:
c4:86:45:61:8b:20:95:c3:2a:44:0e:d2:aa:ef:57:
07:42:1f:6a:3e:1b:c7:ff:0b:35:e2:70:73:e4:5a:
3d:61:a1:a6:7a:69:69:c3:cf:d5:8e:79:72:28:40:
11:fc:21:97:57:b1:d7:0b:42:80:97:92:71:30:ad:
cc:ea:24:16:29:aa:b5:b1:3f:30:f5:75:06:54:a7:
da:75:ea:4c:cc:4b:dc:f4:a9:e4:d4:aa:0f:f8:0f:
a4:a7:00:1a:8d:ca:ad:af:00:71:b0:ff:b6:cd:0a:
7d:51:aa:d2:c7:fc:9d:3a:3a:84:ad:9d:69:e6:af:
ce:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:1C:82:F1:3A:B0:DD:D7:DC:1F:46:76:16:0A:AB:55:8F:06:7D:83
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zhyC8Tqw3dfcH0Z2FgqrVY8GfYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.135.0/24
163.5.209.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:82:22:9b:25:d1:f4:86:19:d7:2f:30:8e:55:f1:c6:ec:79:
cf:56:61:d3:0c:50:8b:36:de:e8:40:47:ee:56:99:e0:a8:c2:
a1:ce:00:e5:ba:49:d8:93:6f:fd:6d:a0:7d:aa:5d:83:e9:7a:
b5:25:05:ed:66:39:35:c4:2a:c7:94:5d:2e:56:36:a3:ff:36:
2a:7f:28:82:2f:f7:95:6a:69:40:47:5c:a8:d6:c9:df:d2:6d:
51:14:69:cb:06:70:e9:59:77:45:91:65:29:85:49:e8:63:01:
74:41:87:35:86:b6:19:dc:81:60:1f:6b:73:1d:79:1f:6a:eb:
1c:2a:b5:09:26:97:07:fd:22:d9:a1:46:99:8c:46:b5:c4:8a:
a2:ae:0d:6b:d7:75:fe:eb:ef:9d:08:e0:aa:8c:2c:69:0c:c9:
c7:1f:83:54:da:31:30:be:1e:37:02:cf:11:d5:6d:9b:56:8f:
8d:4d:21:d3:a9:b0:b5:7f:28:a7:df:3b:e8:8d:b5:bc:ae:c8:
3a:f2:4c:10:9b:ae:30:09:71:79:2e:7d:8b:05:4b:11:77:db:
2a:c9:5d:1c:77:81:c3:86:27:72:00:51:9b:12:63:8e:60:76:
99:47:df:a6:95:77:b4:51:e5:8a:0e:99:54:d2:66:19:e0:ab:
98:51:33:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJ23a1KiNTo5ToqTv4XDYefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDEwMTQzODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTFjODJmMTNhYjBkZGQ3ZGMxZjQ2NzYxNjBhYWI1NThmMDY3ZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY3a/PuvF1Lck96i48Wkqi1egssk
Fx+vi8U25F5Rl2eCkxpD7snvs+014mjNq1Yj1oQo1XrkvyAGXCBxH8kaECFDNsE7
3rIJNk3G3JhOQmdyI5qLz3Gwt6kt0G1UJVFxOugFhDn1ZUu0J/BdxRyJR8O5yRBG
P10CDEIrwBzF9Ky2G/w9VPnEhkVhiyCVwypEDtKq71cHQh9qPhvH/ws14nBz5Fo9
YaGmemlpw8/VjnlyKEAR/CGXV7HXC0KAl5JxMK3M6iQWKaq1sT8w9XUGVKfadepM
zEvc9Knk1KoP+A+kpwAajcqtrwBxsP+2zQp9UarSx/ydOjqErZ1p5q/OAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM4cgvE6sN3X3B9GdhYKq1WPBn2DMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvemh5QzhUcXczZGZjSDBaMkZncXJWWThHZllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWHAwQA
owXRMA0GCSqGSIb3DQEBCwUAA4IBAQBsgiKbJdH0hhnXLzCOVfHG7HnPVmHTDFCL
Nt7oQEfuVpngqMKhzgDluknYk2/9baB9ql2D6Xq1JQXtZjk1xCrHlF0uVjaj/zYq
fyiCL/eVamlAR1yo1snf0m1RFGnLBnDpWXdFkWUphUnoYwF0QYc1hrYZ3IFgH2tz
HXkfauscKrUJJpcH/SLZoUaZjEa1xIqirg1r13X+6++dCOCqjCxpDMnHH4NU2jEw
vh43As8R1W2bVo+NTSHTqbC1fyin3zvojbW8rsg68kwQm64wCXF5Ln2LBUsRd9sq
yV0cd4HDhidyAFGbEmOOYHaZR9+mlXe0UeWKDplU0mYZ4KuYUTOW
-----END CERTIFICATE-----
Generated at Thu Oct 24 09:01:22 2024 by rpki-client on console-fra.rpki-client.org