Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3nO-aWF3-rMLPGbitTYEqQoj684.roa
File: 3nO-aWF3-rMLPGbitTYEqQoj684.roa (raw, json)
Hash identifier: zvsIrKxcyU9E5IMuWqsytYtJ5BZFpgrWm5AlqY+6J4A=
Subject key identifier: DE:73:BE:69:61:77:FA:B3:0B:3C:66:E2:B5:36:04:A9:0A:23:EB:CE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187B16383CC207D0EFD06103FE98DDFA881
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3nO-aWF3-rMLPGbitTYEqQoj684.roa
Signing time: Mon 24 Apr 2023 03:51:41 +0000
ROA not before: Mon 24 Apr 2023 03:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.212.0/24 maxlen: 24
163.5.105.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.115.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:63:83:cc:20:7d:0e:fd:06:10:3f:e9:8d:df:a8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 24 03:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de73be696177fab30b3c66e2b53604a90a23ebce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:af:e6:89:2a:ef:9c:bf:2a:47:53:74:fd:b6:
81:ae:52:d7:80:bb:5c:26:82:86:99:7c:78:51:6f:
94:c9:23:20:c5:54:9f:6b:f6:c5:e5:bd:d3:ae:66:
37:99:ea:b8:49:77:8d:d6:af:d7:3d:75:82:27:bc:
ef:fb:74:c3:f9:9a:3f:cb:c9:c2:20:1c:4e:39:c2:
ef:64:75:8f:92:86:8d:cd:39:c1:d4:be:fb:c2:bd:
03:63:24:32:52:f6:6c:b9:e0:d8:20:e3:7f:d0:94:
36:0d:83:59:4f:69:f9:f5:8e:b0:52:6c:3b:ae:bd:
31:f5:d5:c6:5a:bb:6f:36:47:4d:c6:18:90:6a:81:
53:a7:b6:fd:07:bb:9b:5b:e4:06:68:d0:0f:32:01:
89:c2:75:70:bb:02:d7:29:b4:70:b8:12:5f:1c:0a:
6e:1b:50:cd:0e:bc:cf:01:54:50:54:25:08:fb:e2:
54:44:13:69:b2:d7:67:da:42:90:77:be:59:0e:93:
c6:16:c7:c7:71:5c:bb:72:13:07:ed:76:ce:76:84:
5e:06:2e:dc:21:fd:38:7e:44:32:12:43:66:73:9f:
5d:db:4e:ce:87:a6:d7:3e:2d:7c:8c:21:b5:2f:cc:
81:ac:ac:cb:ac:b5:45:73:d1:a1:2a:9b:79:51:a5:
65:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:73:BE:69:61:77:FA:B3:0B:3C:66:E2:B5:36:04:A9:0A:23:EB:CE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3nO-aWF3-rMLPGbitTYEqQoj684.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.105.0-163.5.106.255
163.5.115.0/24
163.5.118.0/23
163.5.153.0/24
163.5.159.0/24
163.5.168.0/24
163.5.212.0/24
163.5.220.0/24
163.5.242.0/24
Signature Algorithm: sha256WithRSAEncryption
91:db:4e:df:76:90:db:84:fd:8e:30:e3:7d:7f:18:14:d9:80:
4e:c2:43:8e:54:6b:77:79:e8:1c:2d:46:19:54:05:22:6f:4f:
36:32:6c:00:47:8b:e1:08:0f:4c:fa:6b:97:36:c2:5a:a5:32:
af:c5:b5:42:42:3e:47:e5:3e:c9:4f:be:53:2b:12:7d:94:f7:
eb:4f:68:89:d3:ab:5b:37:00:f8:ac:b8:31:51:d2:3a:41:b1:
5c:8c:f5:bd:a5:90:0c:0e:22:86:89:c9:7e:39:72:e4:a8:da:
3a:3e:63:3e:66:22:dd:42:58:ac:0f:0e:68:d3:63:7a:f7:6c:
a1:31:e0:61:aa:ac:36:50:b1:20:dc:12:98:ea:30:6b:33:6f:
87:f9:4c:6c:e5:05:d7:4f:1c:5e:5d:8b:7c:ec:fb:6c:03:f0:
b1:32:30:e8:51:b9:3f:03:cb:6b:89:55:9d:11:24:30:c9:66:
80:38:dc:db:56:ec:f0:19:5f:77:40:d1:33:87:13:86:a4:00:
6f:18:ad:9e:72:61:92:de:43:ad:47:49:a0:aa:e2:1e:b3:a3:
6a:78:37:fc:3a:13:6c:8e:e4:84:22:17:70:d5:94:c4:7b:53:
60:a3:e4:8b:85:d4:06:9a:4c:18:bf:65:90:50:47:9a:73:1c:
a4:9a:a3:45
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYexY4PMIH0O/QYQP+mN36iBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDI0MDM1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTczYmU2OTYxNzdmYWIzMGIzYzY2ZTJiNTM2MDRhOTBhMjNlYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga/miSrvnL8qR1N0/baBrlLXgLtc
JoKGmXx4UW+UySMgxVSfa/bF5b3TrmY3meq4SXeN1q/XPXWCJ7zv+3TD+Zo/y8nC
IBxOOcLvZHWPkoaNzTnB1L77wr0DYyQyUvZsueDYION/0JQ2DYNZT2n59Y6wUmw7
rr0x9dXGWrtvNkdNxhiQaoFTp7b9B7ubW+QGaNAPMgGJwnVwuwLXKbRwuBJfHApu
G1DNDrzPAVRQVCUI++JURBNpstdn2kKQd75ZDpPGFsfHcVy7chMH7XbOdoReBi7c
If04fkQyEkNmc59d207Oh6bXPi18jCG1L8yBrKzLrLVFc9GhKpt5UaVldwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFN5zvmlhd/qzCzxm4rU2BKkKI+vOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM25PLWFXRjMtck1MUEdiaXRUWUVxUW9qNjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAowUgMAwD
BACjBWkDBACjBWoDBACjBXMDBAGjBXYDBACjBZkDBACjBZ8DBACjBagDBACjBdQD
BACjBdwDBACjBfIwDQYJKoZIhvcNAQELBQADggEBAJHbTt92kNuE/Y4w431/GBTZ
gE7CQ45Ua3d56BwtRhlUBSJvTzYybABHi+EID0z6a5c2wlqlMq/FtUJCPkflPslP
vlMrEn2U9+tPaInTq1s3APisuDFR0jpBsVyM9b2lkAwOIoaJyX45cuSo2jo+Yz5m
It1CWKwPDmjTY3r3bKEx4GGqrDZQsSDcEpjqMGszb4f5TGzlBddPHF5di3zs+2wD
8LEyMOhRuT8Dy2uJVZ0RJDDJZoA43NtW7PAZX3dA0TOHE4akAG8YrZ5yYZLeQ61H
SaCq4h6zo2p4N/w6E2yO5IQiF3DVlMR7U2Cj5IuF1AaaTBi/ZZBQR5pzHKSao0U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:19 2023 by rpki-client on console-fra.rpki-client.org