Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-LjOMJ2A9mwfXk6ZcAcNSmkTAgY.roa
File: 1-LjOMJ2A9mwfXk6ZcAcNSmkTAgY.roa (raw, json)
Hash identifier: zs+vpuiv9w9PO6TIoc50p+ZvHaKWp3Bk+Qnq8E4V+yk=
Subject key identifier: F8:B8:CE:30:9D:80:F6:6C:1F:5E:4E:99:70:07:0D:4A:69:13:02:06
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BDEB0F8392734E5818D08F4FAF5D04655
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-LjOMJ2A9mwfXk6ZcAcNSmkTAgY.roa
Signing time: Fri 17 Nov 2023 19:10:21 +0000
ROA not before: Fri 17 Nov 2023 19:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.223.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:b0:f8:39:27:34:e5:81:8d:08:f4:fa:f5:d0:46:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 17 19:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8b8ce309d80f66c1f5e4e9970070d4a69130206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f0:c4:75:d0:21:96:d1:06:26:9a:da:ec:9a:
aa:92:b7:11:af:e0:ae:27:7d:eb:3d:03:6f:c4:56:
8b:86:85:c6:0e:b7:5f:4f:8e:ac:8b:cf:66:c7:31:
80:8d:d1:38:2b:ca:15:97:d7:7f:39:ff:06:9b:b8:
0c:1f:4c:b2:12:30:32:24:05:b1:69:97:9f:e5:42:
0f:da:f9:0a:d9:62:2c:85:5e:56:7d:7b:6f:d0:f3:
9b:0b:7e:82:a9:12:43:eb:ec:47:bd:5b:3f:5f:90:
6c:bd:68:db:fe:26:cc:9c:77:65:2c:5c:26:e9:f8:
87:38:dc:e7:cc:5f:dc:c6:b9:58:79:10:df:6c:91:
3c:7c:71:f0:c7:29:f3:03:bd:88:10:fb:d7:e3:7f:
2c:58:f0:18:d0:6c:aa:4c:88:27:da:18:f5:74:96:
74:a3:af:22:c8:c6:03:0c:03:b1:f4:b2:7a:24:d3:
7b:a3:b4:62:9d:a9:e0:e7:6f:cc:af:d8:e8:8e:15:
6d:e7:59:2c:b4:53:d9:97:a7:76:27:24:72:06:4b:
f6:74:6d:b5:19:fe:c4:02:cc:a1:20:2f:47:89:c7:
10:45:78:14:b1:b5:2e:b9:47:46:7d:c2:7c:47:fe:
17:b2:6d:b6:29:e8:23:94:bc:ee:64:1b:97:26:d4:
59:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B8:CE:30:9D:80:F6:6C:1F:5E:4E:99:70:07:0D:4A:69:13:02:06
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-LjOMJ2A9mwfXk6ZcAcNSmkTAgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.149.0/24
163.5.168.0/24
163.5.223.0/24
163.5.244.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c0:cb:8c:72:de:67:ec:02:98:ce:71:5e:5d:ae:1e:3d:aa:
8d:c4:72:21:d5:8a:ce:14:b0:5b:c0:47:fa:ef:bc:7e:e3:1c:
6b:0c:62:77:34:bd:d1:e5:e8:19:a2:04:25:eb:02:73:dd:01:
f9:0a:7d:0e:d9:f4:b1:c2:d1:4a:b7:4c:b1:2b:ba:30:a1:57:
b7:95:22:a4:31:08:ed:48:a4:1a:9f:f2:76:c5:ef:69:fb:4d:
b3:eb:cc:ac:5c:95:b9:74:fc:39:20:19:13:ed:76:1a:e2:4b:
d3:a8:b1:40:95:6d:d8:65:f4:e0:1a:8f:d4:0d:c9:c9:92:80:
66:a7:e7:98:b5:dc:a5:5a:e2:9d:4d:54:9d:07:44:85:fe:5a:
d2:a5:63:93:98:03:fd:41:5b:ff:64:b8:f1:12:2f:b3:8c:bc:
4d:1c:54:21:f3:61:c0:2b:73:b4:c7:05:75:b3:9b:95:f9:ff:
ee:a0:cc:7b:eb:5b:0a:5d:48:72:e4:1b:90:18:aa:05:63:5e:
2c:9a:55:fd:f4:dc:a0:68:f5:fd:53:7c:8f:31:9f:86:43:c3:
1f:ae:f6:cd:df:f4:eb:0b:ab:ad:e0:2e:07:f8:ce:bc:13:31:
7a:50:c6:e2:a5:4c:be:7f:63:78:f8:f8:18:91:76:0d:13:9a:
a9:d2:26:b8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYvesPg5JzTlgY0I9Pr10EZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTE3MTkxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI4Y2UzMDlkODBmNjZjMWY1ZTRlOTk3MDA3MGQ0YTY5MTMwMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPDEddAhltEGJpra7JqqkrcRr+Cu
J33rPQNvxFaLhoXGDrdfT46si89mxzGAjdE4K8oVl9d/Of8Gm7gMH0yyEjAyJAWx
aZef5UIP2vkK2WIshV5WfXtv0PObC36CqRJD6+xHvVs/X5BsvWjb/ibMnHdlLFwm
6fiHONznzF/cxrlYeRDfbJE8fHHwxynzA72IEPvX438sWPAY0GyqTIgn2hj1dJZ0
o68iyMYDDAOx9LJ6JNN7o7Rinang52/Mr9jojhVt51kstFPZl6d2JyRyBkv2dG21
Gf7EAsyhIC9HiccQRXgUsbUuuUdGfcJ8R/4Xsm22KegjlLzuZBuXJtRZKQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPi4zjCdgPZsH15OmXAHDUppEwIGMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS1Mak9NSjJBOW13ZlhrNlpjQWNOU21rVEFnWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAKMFlQME
AKMFqAMEAKMF3wMEAKMF9DANBgkqhkiG9w0BAQsFAAOCAQEAZsDLjHLeZ+wCmM5x
Xl2uHj2qjcRyIdWKzhSwW8BH+u+8fuMcawxidzS90eXoGaIEJesCc90B+Qp9Dtn0
scLRSrdMsSu6MKFXt5UipDEI7UikGp/ydsXvaftNs+vMrFyVuXT8OSAZE+12GuJL
06ixQJVt2GX04BqP1A3JyZKAZqfnmLXcpVrinU1UnQdEhf5a0qVjk5gD/UFb/2S4
8RIvs4y8TRxUIfNhwCtztMcFdbOblfn/7qDMe+tbCl1IcuQbkBiqBWNeLJpV/fTc
oGj1/VN8jzGfhkPDH672zd/06wurreAuB/jOvBMxelDG4qVMvn9jePj4GJF2DROa
qdImuA==
-----END CERTIFICATE-----
Generated at Sat Nov 18 13:21:07 2023 by rpki-client on console-fra.rpki-client.org