Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2vGe-FqI8mCNn7X-I4t0D6ICd2c.roa
File: 2vGe-FqI8mCNn7X-I4t0D6ICd2c.roa (raw, json)
Hash identifier: d0zV44DxHrITfDGRfJwq3R2ck6xwmIWpjk9WAWhP+u0=
Subject key identifier: DA:F1:9E:F8:5A:88:F2:60:8D:9F:B5:FE:23:8B:74:0F:A2:02:77:67
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018609DA62C60ED45C4C894B5B9A79C625BA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2vGe-FqI8mCNn7X-I4t0D6ICd2c.roa
Signing time: Tue 31 Jan 2023 22:02:32 +0000
ROA not before: Tue 31 Jan 2023 22:02:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:09:da:62:c6:0e:d4:5c:4c:89:4b:5b:9a:79:c6:25:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 31 22:02:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daf19ef85a88f2608d9fb5fe238b740fa2027767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f5:13:1f:d4:b2:28:3c:e7:cb:e0:a9:f2:ce:
eb:bd:ff:c2:cf:0b:dc:c6:d7:de:f0:6e:3d:79:9e:
30:09:54:49:3c:73:5e:39:21:76:7a:71:65:a5:b7:
e2:4a:50:fa:a0:4b:77:d5:a1:84:99:00:31:08:90:
fa:18:8f:59:8b:b4:04:a2:28:98:cd:16:00:c2:c9:
36:22:fb:25:fb:5f:eb:dc:63:82:c0:8a:cb:54:95:
24:ca:ec:93:5c:5c:48:03:12:ca:8a:c1:57:47:fa:
84:d1:bc:d8:6c:b0:74:76:70:88:63:01:cd:cd:c5:
31:0b:07:d6:53:8f:a0:c8:6c:54:77:53:9b:7f:85:
67:ce:76:36:3d:0b:f3:f8:79:e5:4b:2f:1c:fc:d9:
df:9d:d6:40:20:97:0c:55:d0:5e:2a:6d:02:be:94:
6f:6d:ee:83:d6:9b:d6:0a:4f:a6:1a:a3:2e:72:c1:
b1:c2:18:56:92:98:f5:ce:0c:49:92:f1:5f:8e:c9:
b4:1b:59:1a:72:3a:e0:cd:f6:f4:39:c5:55:5e:d6:
3f:cf:fd:11:9a:98:77:39:8d:e9:1c:2c:45:c1:c8:
45:3b:50:7f:ff:5e:55:bd:0d:4e:80:fe:43:90:62:
4f:46:77:bc:9c:af:6e:52:25:59:fc:e6:86:43:fa:
4b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F1:9E:F8:5A:88:F2:60:8D:9F:B5:FE:23:8B:74:0F:A2:02:77:67
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2vGe-FqI8mCNn7X-I4t0D6ICd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.131.0/24
163.5.134.0/24
163.5.192.0/24
163.5.228.0/24
163.5.238.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:eb:e9:c6:0c:38:10:c0:07:7c:c4:d7:a5:2a:97:9d:bf:e5:
00:ca:11:6e:0a:66:81:7c:b5:26:5e:3b:00:8e:72:d7:30:2d:
d4:93:9d:35:12:bb:e7:4b:0c:c9:a5:e1:98:ea:05:f5:31:c0:
1a:76:70:ab:5e:a7:fa:6d:40:2f:a4:77:b5:f4:5a:0a:73:c4:
51:21:d5:de:f7:61:40:f8:8c:d5:1b:03:82:f3:e9:53:dd:f1:
05:21:75:8e:17:d4:b0:ca:ff:7c:10:b8:8e:46:19:46:30:a0:
9a:d0:95:52:d4:b8:ab:36:9e:76:31:bb:c4:8f:77:c7:7b:74:
6b:16:22:e6:c4:58:33:7b:dd:4a:d3:3c:4c:b0:d3:e4:04:14:
f5:a6:ba:52:6a:d6:1d:a8:77:d4:b6:59:b1:26:96:30:a3:9c:
a1:21:c0:48:7c:26:eb:25:cd:29:6a:f5:21:4d:4b:b5:b2:8e:
48:48:d6:30:d4:7c:d8:72:90:78:cc:dd:1c:a8:de:4f:2b:89:
cd:36:20:d8:41:ff:47:00:97:f8:d7:21:66:52:86:49:5d:b6:
46:06:c0:d5:68:c5:00:2b:83:62:18:38:d3:92:b0:34:70:dc:
bc:a0:af:b5:99:83:8d:72:ca:fe:2d:ca:b3:b7:62:95:68:f0:
9a:ef:d1:68
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYJ2mLGDtRcTIlLW5p5xiW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTMxMjIwMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWYxOWVmODVhODhmMjYwOGQ5ZmI1ZmUyMzhiNzQwZmEyMDI3NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfUTH9SyKDzny+Cp8s7rvf/Czwvc
xtfe8G49eZ4wCVRJPHNeOSF2enFlpbfiSlD6oEt31aGEmQAxCJD6GI9Zi7QEoiiY
zRYAwsk2Ivsl+1/r3GOCwIrLVJUkyuyTXFxIAxLKisFXR/qE0bzYbLB0dnCIYwHN
zcUxCwfWU4+gyGxUd1Obf4VnznY2PQvz+HnlSy8c/NnfndZAIJcMVdBeKm0CvpRv
be6D1pvWCk+mGqMucsGxwhhWkpj1zgxJkvFfjsm0G1kacjrgzfb0OcVVXtY/z/0R
mph3OY3pHCxFwchFO1B//15VvQ1OgP5DkGJPRne8nK9uUiVZ/OaGQ/pLqQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNrxnvhaiPJgjZ+1/iOLdA+iAndnMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMnZHZS1GcUk4bUNObjdYLUk0dDBENklDZDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWDAwQA
owWGAwQAowXAAwQAowXkAwQAowXuMA0GCSqGSIb3DQEBCwUAA4IBAQAP6+nGDDgQ
wAd8xNelKpedv+UAyhFuCmaBfLUmXjsAjnLXMC3Uk501ErvnSwzJpeGY6gX1McAa
dnCrXqf6bUAvpHe19FoKc8RRIdXe92FA+IzVGwOC8+lT3fEFIXWOF9Swyv98ELiO
RhlGMKCa0JVS1LirNp52MbvEj3fHe3RrFiLmxFgze91K0zxMsNPkBBT1prpSatYd
qHfUtlmxJpYwo5yhIcBIfCbrJc0pavUhTUu1so5ISNYw1HzYcpB4zN0cqN5PK4nN
NiDYQf9HAJf41yFmUoZJXbZGBsDVaMUAK4NiGDjTkrA0cNy8oK+1mYONcsr+Lcqz
t2KVaPCa79Fo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:08 2023 by rpki-client on console-ams.rpki-client.org