Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3F6CIclDVqZ8hkAhTYZR1vZuAqI.roa
File: 3F6CIclDVqZ8hkAhTYZR1vZuAqI.roa (raw, json)
Hash identifier: hddRjTdUV672A3M1Abmwx/E+w+Pfkwsh4+SsW7J74EU=
Subject key identifier: DC:5E:82:21:C9:43:56:A6:7C:86:40:21:4D:86:51:D6:F6:6E:02:A2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01888C6D499D9506E5EE9B6E9CFFDED3A458
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3F6CIclDVqZ8hkAhTYZR1vZuAqI.roa
Signing time: Mon 05 Jun 2023 16:39:12 +0000
ROA not before: Mon 05 Jun 2023 16:39:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.105.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:6d:49:9d:95:06:e5:ee:9b:6e:9c:ff:de:d3:a4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 5 16:39:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc5e8221c94356a67c8640214d8651d6f66e02a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7a:29:0d:3f:42:f5:76:ad:ed:4b:02:3e:f9:
2a:31:ef:fb:82:6f:9b:17:16:22:9a:17:2a:46:42:
e1:03:16:f3:18:0e:f9:0b:2f:fa:7f:6f:87:42:f0:
75:cc:d3:27:5c:cd:d3:06:b8:f8:df:80:c3:c9:ed:
f1:d7:ea:dd:6e:8c:02:d6:5a:07:95:b2:b1:9f:84:
62:02:c9:ca:0a:f4:9e:d3:33:f6:6b:77:19:1a:8d:
90:17:4e:85:ad:e9:e7:fe:37:a0:9a:ce:a5:f4:d3:
09:1d:a4:70:1e:5e:47:db:40:1c:fc:ec:af:f7:d4:
eb:37:80:e2:2f:d2:07:48:84:ee:0c:a8:85:72:2b:
88:a9:6b:dd:ff:da:c5:3b:15:fe:06:4b:cf:38:ca:
f7:11:bc:73:5d:3d:3c:c1:17:2e:45:08:98:95:bf:
c1:d4:87:4f:78:b5:0f:7c:f6:d1:a4:1a:51:e4:c2:
a2:13:2b:c8:b9:df:af:91:52:6b:85:90:26:78:d8:
6a:5f:b7:a7:bb:0a:f6:cb:7c:bc:47:f0:0f:e8:5b:
8a:09:b3:f9:76:54:71:ea:13:b0:d5:c7:c6:dc:35:
39:6c:3d:ab:21:e4:09:6a:d8:4b:9a:c8:fe:e1:93:
a0:72:f0:9e:55:cd:8c:32:b3:e4:64:1e:82:22:a3:
14:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:5E:82:21:C9:43:56:A6:7C:86:40:21:4D:86:51:D6:F6:6E:02:A2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3F6CIclDVqZ8hkAhTYZR1vZuAqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.105.0-163.5.106.255
163.5.153.0/24
163.5.159.0/24
163.5.168.0/24
163.5.242.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:1d:f7:ad:91:2c:3e:db:a4:5f:0e:4d:1c:24:45:1c:20:3b:
ab:8d:0b:d9:cc:d5:97:92:8a:b8:b4:e5:c7:89:b8:3d:81:e5:
d6:d9:e7:d0:69:10:07:6b:29:09:9c:2c:bb:5a:83:5f:4c:5d:
bd:5b:67:ba:6c:b0:75:2f:b1:9b:ad:95:e1:42:74:83:2c:2c:
fc:32:3c:09:b0:90:85:04:24:86:de:7f:06:75:43:db:06:6b:
99:57:51:1c:2d:10:21:e7:55:ea:71:15:af:8d:9d:f5:cb:e9:
37:d2:fa:f3:42:5e:ed:14:2a:ae:19:80:90:f7:dd:c1:b6:96:
12:03:18:d4:fa:8d:ad:4b:1b:31:77:82:d6:c8:34:a9:2f:d9:
1f:4d:d3:9c:81:1b:5b:9b:dd:03:99:df:de:e2:be:4e:4f:dd:
1f:4b:ec:a1:91:c5:d3:a2:83:5d:ca:5b:11:1d:ac:05:79:06:
9f:8b:0b:ed:5e:9d:b2:37:57:08:4e:38:7b:1b:06:51:d3:ae:
51:2b:97:ce:a5:bb:40:a3:37:22:d6:ff:f2:18:98:6b:a8:ee:
54:2e:db:cb:3d:b5:60:99:7d:3e:de:a0:3c:13:c1:b8:62:98:
a0:24:bc:74:63:25:35:3a:f1:10:6d:b4:c1:65:81:3e:ac:8b:
dc:72:11:68
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYiMbUmdlQbl7ptunP/e06RYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjA1MTYzOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzVlODIyMWM5NDM1NmE2N2M4NjQwMjE0ZDg2NTFkNmY2NmUwMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXopDT9C9Xat7UsCPvkqMe/7gm+b
FxYimhcqRkLhAxbzGA75Cy/6f2+HQvB1zNMnXM3TBrj434DDye3x1+rdbowC1loH
lbKxn4RiAsnKCvSe0zP2a3cZGo2QF06Frenn/jegms6l9NMJHaRwHl5H20Ac/Oyv
99TrN4DiL9IHSITuDKiFciuIqWvd/9rFOxX+BkvPOMr3EbxzXT08wRcuRQiYlb/B
1IdPeLUPfPbRpBpR5MKiEyvIud+vkVJrhZAmeNhqX7enuwr2y3y8R/AP6FuKCbP5
dlRx6hOw1cfG3DU5bD2rIeQJathLmsj+4ZOgcvCeVc2MMrPkZB6CIqMUuwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNxegiHJQ1amfIZAIU2GUdb2bgKiMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM0Y2Q0ljbERWcVo4aGtBaFRZWlIxdlp1QXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAowUgMAwD
BACjBWkDBACjBWoDBACjBZkDBACjBZ8DBACjBagDBACjBfIwDQYJKoZIhvcNAQEL
BQADggEBAJsd962RLD7bpF8OTRwkRRwgO6uNC9nM1ZeSiri05ceJuD2B5dbZ59Bp
EAdrKQmcLLtag19MXb1bZ7pssHUvsZutleFCdIMsLPwyPAmwkIUEJIbefwZ1Q9sG
a5lXURwtECHnVepxFa+NnfXL6TfS+vNCXu0UKq4ZgJD33cG2lhIDGNT6ja1LGzF3
gtbINKkv2R9N05yBG1ub3QOZ397ivk5P3R9L7KGRxdOig13KWxEdrAV5Bp+LC+1e
nbI3VwhOOHsbBlHTrlErl86lu0CjNyLW//IYmGuo7lQu28s9tWCZfT7eoDwTwbhi
mKAkvHRjJTU68RBttMFlgT6si9xyEWg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:08 2023 by rpki-client on console-ams.rpki-client.org