Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3dgll52Z-W9ubwDGN9gc8teSFPg.roa
File: 3dgll52Z-W9ubwDGN9gc8teSFPg.roa (raw, json)
Hash identifier: DTef5FXPqjLmAuEccxpQ3t3V7Wb2/iJ9iy+tJzQy19c=
Subject key identifier: DD:D8:25:97:9D:99:F9:6F:6E:6F:00:C6:37:D8:1C:F2:D7:92:14:F8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018ADD958E10F39022AA64D31C00F45E53B1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3dgll52Z-W9ubwDGN9gc8teSFPg.roa
Signing time: Thu 28 Sep 2023 20:58:00 +0000
ROA not before: Thu 28 Sep 2023 20:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 163.5.211.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dd:95:8e:10:f3:90:22:aa:64:d3:1c:00:f4:5e:53:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 28 20:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddd825979d99f96f6e6f00c637d81cf2d79214f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f5:2d:61:09:24:74:e4:c9:ac:76:f9:19:b3:
ab:2f:e4:c6:91:1f:7f:d6:09:15:14:ec:43:5a:39:
d3:d0:77:d3:9a:9f:77:2a:45:17:2b:f7:75:ec:1d:
be:10:4a:84:3a:c3:68:a5:e0:d0:8d:27:6a:f6:a0:
59:0e:8f:37:63:01:d3:e4:f6:71:7f:55:42:42:e8:
d8:e1:d3:4e:35:f5:31:10:ac:f3:df:73:2a:8f:2e:
ba:10:6a:b8:42:a7:ed:31:ae:ba:05:62:5c:d0:1a:
15:4d:75:9a:44:0f:02:b3:a6:e7:61:3c:e2:7d:53:
21:8f:a6:be:09:1d:70:61:81:2f:31:cc:7d:ea:8f:
e6:53:ae:06:38:26:67:1f:86:bb:54:97:f0:a1:4c:
33:cf:24:c2:fc:6b:4b:5c:2c:1b:eb:c1:b1:d3:eb:
f0:ae:a1:76:43:c5:69:e2:d6:43:ec:ea:dc:2f:35:
4f:40:d5:bd:de:c3:ec:e3:26:d4:41:e7:5d:43:41:
3a:81:c0:b5:ae:53:78:51:77:27:3c:28:51:ee:b6:
b7:85:55:f8:61:3e:9d:77:3f:4f:85:0a:ae:6e:11:
c6:35:c6:39:a1:eb:b8:2e:5b:ff:f7:e6:3a:c2:f4:
57:2c:95:26:58:6b:3d:5e:a3:ba:d1:40:2e:8c:84:
c6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D8:25:97:9D:99:F9:6F:6E:6F:00:C6:37:D8:1C:F2:D7:92:14:F8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3dgll52Z-W9ubwDGN9gc8teSFPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.136.0/24
163.5.211.0/24
Signature Algorithm: sha256WithRSAEncryption
57:0b:b9:bb:18:bb:94:59:4f:3d:06:0a:e2:7c:be:13:36:b9:
f6:2f:53:20:31:e4:de:ee:97:53:42:ac:11:91:f9:f5:30:23:
d2:6d:ae:b5:79:dc:e6:cb:cf:46:a0:e6:2e:6e:a2:c7:7c:9b:
3d:56:28:2e:e6:e8:11:51:93:5d:63:b8:4a:da:fe:a7:9d:5d:
94:e9:d2:e1:57:13:1b:66:b6:59:62:c6:6c:84:45:98:68:13:
2d:0e:3e:49:0d:f0:30:39:16:08:a8:89:1b:38:1d:06:72:69:
81:32:80:1e:2c:7b:ea:36:c2:ba:3e:a5:9f:eb:50:23:c2:cd:
ad:57:31:6e:ca:ae:3f:a5:39:49:17:6d:3c:47:89:1a:4a:7b:
30:9e:4c:6e:f9:2f:14:27:44:1f:fe:c6:e3:f6:66:7c:5e:f8:
3a:52:a7:5f:f7:75:21:7f:1f:a4:5b:ff:77:de:bb:11:aa:a6:
0e:1e:6d:7e:41:59:ab:c4:84:c2:39:9d:e2:6a:af:93:69:ef:
bd:25:84:f2:db:9f:7d:63:19:34:48:69:89:5b:fb:04:15:51:
37:bb:e5:63:5f:c2:ec:a7:1b:c2:5d:b8:6f:c0:42:b0:88:b4:
1f:17:86:59:8b:ca:dc:6f:0f:7a:ac:6e:fc:9c:d3:79:da:5a:
ba:17:fe:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrdlY4Q85AiqmTTHAD0XlOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTI4MjA1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ4MjU5NzlkOTlmOTZmNmU2ZjAwYzYzN2Q4MWNmMmQ3OTIxNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/UtYQkkdOTJrHb5GbOrL+TGkR9/
1gkVFOxDWjnT0HfTmp93KkUXK/d17B2+EEqEOsNopeDQjSdq9qBZDo83YwHT5PZx
f1VCQujY4dNONfUxEKzz33Mqjy66EGq4QqftMa66BWJc0BoVTXWaRA8Cs6bnYTzi
fVMhj6a+CR1wYYEvMcx96o/mU64GOCZnH4a7VJfwoUwzzyTC/GtLXCwb68Gx0+vw
rqF2Q8Vp4tZD7OrcLzVPQNW93sPs4ybUQeddQ0E6gcC1rlN4UXcnPChR7ra3hVX4
YT6ddz9PhQqubhHGNcY5oeu4Llv/9+Y6wvRXLJUmWGs9XqO60UAujITG9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN3YJZedmflvbm8AxjfYHPLXkhT4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM2RnbGw1MlotVzl1YndER045Z2M4dGVTRlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWIAwQA
owXTMA0GCSqGSIb3DQEBCwUAA4IBAQBXC7m7GLuUWU89BgrifL4TNrn2L1MgMeTe
7pdTQqwRkfn1MCPSba61edzmy89GoOYubqLHfJs9Vigu5ugRUZNdY7hK2v6nnV2U
6dLhVxMbZrZZYsZshEWYaBMtDj5JDfAwORYIqIkbOB0GcmmBMoAeLHvqNsK6PqWf
61Ajws2tVzFuyq4/pTlJF208R4kaSnswnkxu+S8UJ0Qf/sbj9mZ8Xvg6Uqdf93Uh
fx+kW/933rsRqqYOHm1+QVmrxITCOZ3iaq+Tae+9JYTy2599Yxk0SGmJW/sEFVE3
u+VjX8LspxvCXbhvwEKwiLQfF4ZZi8rcbw96rG78nNN52lq6F/5j
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org