Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2wrHhQNzEWS281BQqgfBdA8LzX0.roa
File: 2wrHhQNzEWS281BQqgfBdA8LzX0.roa (raw, json)
Hash identifier: KaqeUDDuBVWVWRRJYLWSV4+H00Z6D5rNiIuKbWHQJA8=
Subject key identifier: DB:0A:C7:85:03:73:11:64:B6:F3:50:50:AA:07:C1:74:0F:0B:CD:7D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018A44FED043AFEF97CF115DF21455F09BB5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2wrHhQNzEWS281BQqgfBdA8LzX0.roa
Signing time: Wed 30 Aug 2023 05:51:04 +0000
ROA not before: Wed 30 Aug 2023 05:51:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36113
IP address blocks: 163.5.120.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:44:fe:d0:43:af:ef:97:cf:11:5d:f2:14:55:f0:9b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 30 05:51:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db0ac78503731164b6f35050aa07c1740f0bcd7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:00:17:83:0f:04:4d:ba:4b:89:4d:51:fb:64:
db:ec:3a:47:3c:c5:67:73:57:ef:cf:42:f4:ee:52:
78:99:8f:22:3d:cd:57:47:19:27:1a:7d:d0:9c:33:
77:32:90:fe:be:01:ba:a8:04:3a:9f:2a:58:de:b2:
de:09:1a:28:ab:dd:1a:a5:1b:ee:e4:f8:68:3d:55:
0a:f9:08:a1:63:ab:48:f9:74:e0:d3:2d:89:fb:86:
94:99:b2:20:be:b3:07:75:f5:28:37:68:4e:72:10:
b9:74:51:eb:2c:fb:0e:15:57:b3:10:41:93:8d:93:
18:36:5c:33:64:53:66:7d:2f:e3:0a:46:ab:99:16:
9f:bf:34:54:b8:89:71:32:64:10:c4:35:69:ec:f9:
e3:ff:98:41:a6:b5:81:23:d4:9b:41:f4:25:9e:68:
52:47:57:c3:6b:3c:a3:c5:0f:f6:f1:6a:1d:82:ac:
19:8e:d3:1b:04:fa:5a:50:7f:50:90:d7:16:25:cd:
be:bc:f9:32:ff:12:5b:9b:e7:ff:76:9e:f5:3c:97:
4f:d0:a2:77:a2:63:19:75:b9:a5:ed:5f:c0:b8:c8:
4e:bf:7f:f7:01:21:7d:0c:32:01:7c:eb:2d:a0:07:
05:05:9f:6b:2f:7b:ef:02:93:e0:00:2d:25:08:b2:
7f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0A:C7:85:03:73:11:64:B6:F3:50:50:AA:07:C1:74:0F:0B:CD:7D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2wrHhQNzEWS281BQqgfBdA8LzX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.120.0/24
163.5.138.0/24
163.5.161.0/24
Signature Algorithm: sha256WithRSAEncryption
52:9c:0a:d8:0a:db:96:1c:7a:7e:b1:4a:a5:08:27:f4:a2:dd:
12:29:09:7e:fa:d8:5c:eb:38:98:f0:75:75:9c:e4:31:60:f2:
10:7e:6b:d4:a5:ca:97:a9:35:d9:52:cf:61:a4:98:93:6a:f2:
f8:36:3b:9d:09:24:96:15:49:28:5a:19:cd:b5:09:a6:7d:35:
35:e6:00:cb:db:96:e5:67:3e:93:6a:45:9f:9f:02:c7:b0:f8:
d2:ff:ab:d3:bc:01:62:d3:93:3e:9e:78:f9:60:db:a5:12:c7:
b4:e1:2b:f6:91:70:16:c7:4c:6b:02:b4:0f:a4:cb:91:99:70:
75:26:60:ca:33:44:d9:bc:24:51:21:03:79:ff:77:f9:ea:2f:
75:95:2f:44:4a:ec:ec:4f:a6:8f:b5:cd:e7:ba:3e:85:61:c0:
27:4e:98:d3:c5:44:d1:81:06:b3:34:57:59:b6:7a:71:2c:c4:
ca:0e:ae:77:12:9a:dc:52:ed:ed:17:8a:2e:09:2f:8a:41:29:
28:a8:4d:bc:a7:e8:ec:79:9a:62:8f:94:12:96:34:0a:61:52:
4b:8e:df:e6:ac:75:58:2e:4a:33:75:fd:e4:4e:af:41:49:d6:
63:12:8b:ae:22:10:49:39:5f:9b:77:3e:73:4b:82:03:38:42:
d4:44:7d:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpE/tBDr++XzxFd8hRV8Ju1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwODMwMDU1MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBhYzc4NTAzNzMxMTY0YjZmMzUwNTBhYTA3YzE3NDBmMGJjZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwAXgw8ETbpLiU1R+2Tb7DpHPMVn
c1fvz0L07lJ4mY8iPc1XRxknGn3QnDN3MpD+vgG6qAQ6nypY3rLeCRooq90apRvu
5PhoPVUK+QihY6tI+XTg0y2J+4aUmbIgvrMHdfUoN2hOchC5dFHrLPsOFVezEEGT
jZMYNlwzZFNmfS/jCkarmRafvzRUuIlxMmQQxDVp7Pnj/5hBprWBI9SbQfQlnmhS
R1fDazyjxQ/28WodgqwZjtMbBPpaUH9QkNcWJc2+vPky/xJbm+f/dp71PJdP0KJ3
omMZdbml7V/AuMhOv3/3ASF9DDIBfOstoAcFBZ9rL3vvApPgAC0lCLJ/cQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNsKx4UDcxFktvNQUKoHwXQPC819MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMndySGhRTnpFV1MyODFCUXFnZkJkQThMelgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowV4AwQA
owWKAwQAowWhMA0GCSqGSIb3DQEBCwUAA4IBAQBSnArYCtuWHHp+sUqlCCf0ot0S
KQl++thc6ziY8HV1nOQxYPIQfmvUpcqXqTXZUs9hpJiTavL4NjudCSSWFUkoWhnN
tQmmfTU15gDL25blZz6TakWfnwLHsPjS/6vTvAFi05M+nnj5YNulEse04Sv2kXAW
x0xrArQPpMuRmXB1JmDKM0TZvCRRIQN5/3f56i91lS9ESuzsT6aPtc3nuj6FYcAn
TpjTxUTRgQazNFdZtnpxLMTKDq53EprcUu3tF4ouCS+KQSkoqE28p+jseZpij5QS
ljQKYVJLjt/mrHVYLkozdf3kTq9BSdZjEouuIhBJOV+bdz5zS4IDOELURH3s
-----END CERTIFICATE-----
Generated at Sun Oct 1 22:33:05 2023 by rpki-client on console-fra.rpki-client.org