Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3zrcddXgllZ_pnKrS7DLIKVgrI0.roa
File: 3zrcddXgllZ_pnKrS7DLIKVgrI0.roa (raw, json)
Hash identifier: MvlSSgf9KxnzfwPEcRT9SBHzkUXtp4YP8jRaJ/2t0JQ=
Subject key identifier: DF:3A:DC:75:D5:E0:96:56:7F:A6:72:AB:4B:B0:CB:20:A5:60:AC:8D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042C98DD2483FE3CD89F1576520B106
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3zrcddXgllZ_pnKrS7DLIKVgrI0.roa
Signing time: Mon 02 Jan 2023 02:15:03 +0000
ROA not before: Mon 02 Jan 2023 02:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209181
IP address blocks: 163.5.218.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:c9:8d:d2:48:3f:e3:cd:89:f1:57:65:20:b1:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df3adc75d5e096567fa672ab4bb0cb20a560ac8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:90:cc:49:f7:45:2d:82:ed:b2:69:32:3b:7e:
d8:df:c8:57:d9:99:80:cd:1a:a5:fe:4c:81:03:16:
b9:5a:d0:93:1b:d8:99:f1:b0:4b:3a:57:44:e9:da:
a6:20:4a:e1:67:d0:29:ee:3a:50:6d:91:e2:f2:e7:
43:88:21:ff:2d:bd:42:bd:55:e8:1c:14:01:f6:59:
00:a2:3e:55:92:c4:80:14:4f:96:32:62:83:2f:f1:
59:89:dc:a8:7a:04:59:06:83:08:bd:0f:23:8d:ad:
69:c2:cb:fa:ca:81:0e:4c:06:2e:2f:bb:80:22:81:
13:33:c1:a3:59:1d:85:37:63:af:91:a8:31:ac:51:
87:c0:18:1d:e8:b8:7a:34:e0:90:44:3f:fb:a4:fe:
48:f5:1d:ee:b7:d1:e7:b3:70:74:d3:5a:fc:a5:9f:
93:4c:07:08:2d:e2:3a:33:bf:7a:cd:6e:cd:5a:59:
af:ca:00:d7:1d:39:3f:f3:13:40:0c:69:38:8e:ba:
71:a0:88:2a:41:8e:ed:3b:be:37:a6:30:79:23:51:
ef:07:7c:09:e8:40:36:d7:d6:fd:f0:64:e9:f7:5e:
e2:a4:62:c3:c5:ef:8a:42:d0:bd:dc:51:3d:b1:96:
aa:cd:ef:cb:da:e9:68:ba:47:ca:ae:18:3a:ee:59:
f8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3A:DC:75:D5:E0:96:56:7F:A6:72:AB:4B:B0:CB:20:A5:60:AC:8D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3zrcddXgllZ_pnKrS7DLIKVgrI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.218.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:5c:59:23:0a:96:08:a1:e5:46:3c:cd:f1:9f:bc:69:17:77:
04:b8:c6:f7:ca:c5:86:12:0c:d0:84:77:8b:dd:19:9c:4d:40:
3e:3d:b6:b2:1b:7b:45:a4:e7:f2:01:fa:55:ab:48:98:26:66:
f2:d4:76:bc:8b:60:b1:d8:53:b5:1a:3a:b9:dc:42:73:c1:f7:
b6:14:7c:5f:9d:bd:da:e2:84:b5:ee:24:05:74:d2:f4:cb:ef:
9f:eb:fc:7a:e4:2e:d7:77:64:d7:45:92:bc:dd:f5:28:a4:c5:
30:f5:0f:2c:bf:9f:51:03:9c:01:4a:ce:58:df:74:94:a4:18:
ca:03:8d:fe:a1:22:b8:93:23:09:09:3b:10:89:6d:ac:be:10:
ed:26:ad:0c:fd:a4:6f:72:3f:64:e6:62:59:95:15:6a:e2:64:
70:1b:97:2b:e8:19:30:dd:51:41:2f:97:73:21:0d:32:a4:15:
b8:62:62:23:c2:e6:9f:10:c5:11:cb:1c:3d:69:c3:60:3e:ba:
a4:97:68:5b:75:18:53:51:70:5e:ea:f8:c4:06:47:f7:48:22:
e6:03:a5:89:2e:7c:bf:84:13:92:16:eb:6a:53:c6:e6:9a:87:
c9:a6:f8:57:89:f8:3c:fe:ff:d5:ea:03:b9:be:a5:43:ab:fb:
4b:78:40:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQsmN0kg/482J8VdlILEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNhZGM3NWQ1ZTA5NjU2N2ZhNjcyYWI0YmIwY2IyMGE1NjBhYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZDMSfdFLYLtsmkyO37Y38hX2ZmA
zRql/kyBAxa5WtCTG9iZ8bBLOldE6dqmIErhZ9Ap7jpQbZHi8udDiCH/Lb1CvVXo
HBQB9lkAoj5VksSAFE+WMmKDL/FZidyoegRZBoMIvQ8jja1pwsv6yoEOTAYuL7uA
IoETM8GjWR2FN2OvkagxrFGHwBgd6Lh6NOCQRD/7pP5I9R3ut9Hns3B001r8pZ+T
TAcILeI6M796zW7NWlmvygDXHTk/8xNADGk4jrpxoIgqQY7tO743pjB5I1HvB3wJ
6EA219b98GTp917ipGLDxe+KQtC93FE9sZaqze/L2uloukfKrhg67ln4dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN863HXV4JZWf6Zyq0uwyyClYKyNMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM3pyY2RkWGdsbFpfcG5LclM3RExJS1ZnckkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXaMA0G
CSqGSIb3DQEBCwUAA4IBAQCpXFkjCpYIoeVGPM3xn7xpF3cEuMb3ysWGEgzQhHeL
3RmcTUA+PbayG3tFpOfyAfpVq0iYJmby1Ha8i2Cx2FO1Gjq53EJzwfe2FHxfnb3a
4oS17iQFdNL0y++f6/x65C7Xd2TXRZK83fUopMUw9Q8sv59RA5wBSs5Y33SUpBjK
A43+oSK4kyMJCTsQiW2svhDtJq0M/aRvcj9k5mJZlRVq4mRwG5cr6Bkw3VFBL5dz
IQ0ypBW4YmIjwuafEMURyxw9acNgPrqkl2hbdRhTUXBe6vjEBkf3SCLmA6WJLny/
hBOSFutqU8bmmofJpvhXifg8/v/V6gO5vqVDq/tLeECj
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:18 2024 by rpki-client on console-fra.rpki-client.org