Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0f65UV6kIPIwq0raQOBbmF2wWXY.roa
File: 0f65UV6kIPIwq0raQOBbmF2wWXY.roa (raw, json)
Hash identifier: UDUYy2Z1LHq21sWmG2gv3NsFpL8ozEnffxtKrR8XAbc=
Subject key identifier: D1:FE:B9:51:5E:A4:20:F2:30:AB:4A:DA:40:E0:5B:98:5D:B0:59:76
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01892661CDAEFBC4E55A06F29BCD544F6CD3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0f65UV6kIPIwq0raQOBbmF2wWXY.roa
Signing time: Wed 05 Jul 2023 14:08:11 +0000
ROA not before: Wed 05 Jul 2023 14:08:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211144
IP address blocks: 163.5.123.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:61:cd:ae:fb:c4:e5:5a:06:f2:9b:cd:54:4f:6c:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 5 14:08:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1feb9515ea420f230ab4ada40e05b985db05976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:31:92:48:aa:e4:59:16:cc:fc:8a:c1:ad:5a:
7a:8d:16:19:f5:e1:c2:d1:83:a2:68:71:00:c5:0a:
e8:ea:9b:99:b1:17:eb:3f:f7:6e:d7:ed:27:9c:cf:
88:fd:ca:95:cc:ba:31:a5:fc:30:6c:74:5b:aa:3f:
be:d4:90:ce:44:c6:c7:34:c4:11:90:19:16:2f:5c:
de:dd:c5:bd:7e:1f:1a:84:68:93:e7:01:77:19:b1:
89:fb:89:29:82:8e:cb:39:3f:b3:58:0a:a2:c2:18:
8f:0e:49:93:e3:14:d2:59:ec:81:91:68:1c:db:15:
0b:85:08:a2:47:36:83:f2:57:93:82:cd:00:0a:f8:
00:60:ef:74:21:62:1d:ac:28:72:b7:70:1e:5d:2a:
79:fe:74:fb:3f:38:9b:79:b7:ce:44:c3:5d:25:f4:
6e:62:ac:b6:2a:a6:22:70:0d:a0:45:7e:a8:a6:fd:
d1:fd:8f:53:02:ac:00:2f:b1:97:1c:42:36:32:9a:
aa:2f:94:8f:29:45:34:39:42:6d:bb:19:8d:b1:88:
36:59:dc:4b:47:91:86:de:bc:30:dc:92:bb:91:d7:
d9:27:e8:99:24:3d:7e:a8:26:26:7b:99:c2:c7:fc:
a9:06:e7:bc:a4:0c:22:1d:af:ca:ff:8b:7e:b5:15:
09:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:FE:B9:51:5E:A4:20:F2:30:AB:4A:DA:40:E0:5B:98:5D:B0:59:76
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0f65UV6kIPIwq0raQOBbmF2wWXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:63:94:95:de:35:7f:e4:3d:a3:47:44:54:f1:01:1e:d0:d5:
34:2c:7f:9b:d1:8c:b1:df:00:0f:24:49:80:f8:fc:87:7d:60:
46:34:49:b1:8b:54:81:f3:f8:66:a1:31:1b:d1:8a:0b:fc:3a:
95:a8:da:76:cc:37:6b:c6:bc:fd:cf:d8:98:2a:71:e4:d2:57:
7e:17:84:2c:39:4a:c0:e2:ea:58:5e:45:e3:35:77:13:e9:47:
09:6d:93:03:26:77:17:81:f7:d2:f7:b9:99:ea:13:06:5d:29:
9a:31:38:a0:eb:2d:27:51:16:02:47:76:78:c3:7f:de:18:12:
ad:ff:4d:85:e0:41:f7:ff:d7:56:66:38:69:75:d8:83:58:0f:
c4:d1:43:cc:8d:cb:06:66:86:9b:7a:1c:10:21:80:8c:ca:c5:
28:2d:4d:04:c6:d8:cd:74:7d:2c:12:84:26:33:f9:18:8c:fd:
7c:e8:d7:f4:04:3f:d5:15:ec:02:58:d3:dd:a2:74:7a:08:cf:
21:53:1d:46:6c:8e:6c:45:4e:6f:3e:b2:f5:93:76:9f:eb:4f:
8a:ad:4f:34:e1:97:1e:de:8a:e3:44:ca:f6:87:95:ca:24:d3:
66:3a:bc:f9:4e:ce:2a:d0:7a:57:ac:ed:6b:b0:07:42:a4:c4:
16:d6:59:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkmYc2u+8TlWgbym81UT2zTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzA1MTQwODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWZlYjk1MTVlYTQyMGYyMzBhYjRhZGE0MGUwNWI5ODVkYjA1OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzGSSKrkWRbM/IrBrVp6jRYZ9eHC
0YOiaHEAxQro6puZsRfrP/du1+0nnM+I/cqVzLoxpfwwbHRbqj++1JDORMbHNMQR
kBkWL1ze3cW9fh8ahGiT5wF3GbGJ+4kpgo7LOT+zWAqiwhiPDkmT4xTSWeyBkWgc
2xULhQiiRzaD8leTgs0ACvgAYO90IWIdrChyt3AeXSp5/nT7PzibebfORMNdJfRu
Yqy2KqYicA2gRX6opv3R/Y9TAqwAL7GXHEI2MpqqL5SPKUU0OUJtuxmNsYg2WdxL
R5GG3rww3JK7kdfZJ+iZJD1+qCYme5nCx/ypBue8pAwiHa/K/4t+tRUJdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNH+uVFepCDyMKtK2kDgW5hdsFl2MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMGY2NVVWNmtJUEl3cTByYVFPQmJtRjJ3V1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowV7MA0G
CSqGSIb3DQEBCwUAA4IBAQCiY5SV3jV/5D2jR0RU8QEe0NU0LH+b0Yyx3wAPJEmA
+PyHfWBGNEmxi1SB8/hmoTEb0YoL/DqVqNp2zDdrxrz9z9iYKnHk0ld+F4QsOUrA
4upYXkXjNXcT6UcJbZMDJncXgffS97mZ6hMGXSmaMTig6y0nURYCR3Z4w3/eGBKt
/02F4EH3/9dWZjhpddiDWA/E0UPMjcsGZoabehwQIYCMysUoLU0ExtjNdH0sEoQm
M/kYjP186Nf0BD/VFewCWNPdonR6CM8hUx1GbI5sRU5vPrL1k3af60+KrU804Zce
3orjRMr2h5XKJNNmOrz5Ts4q0HpXrO1rsAdCpMQW1lmo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:08 2023 by rpki-client on console-ams.rpki-client.org