Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4YQj2-yKNM8cynTFfCPsTA4hsJU.roa
File: 4YQj2-yKNM8cynTFfCPsTA4hsJU.roa (raw, json)
Hash identifier: kNQRLY13+IWk8lEwrp5/KxpaJ+G0b9QrTeRbkzAvHA8=
Subject key identifier: E1:84:23:DB:EC:8A:34:CF:1C:CA:74:C5:7C:23:EC:4C:0E:21:B0:95
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0185C9977318CCAC2DCE175334A8C918E426
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4YQj2-yKNM8cynTFfCPsTA4hsJU.roa
Signing time: Thu 19 Jan 2023 10:33:43 +0000
ROA not before: Thu 19 Jan 2023 10:33:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.183.0/24 maxlen: 24
163.5.122.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:97:73:18:cc:ac:2d:ce:17:53:34:a8:c9:18:e4:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 19 10:33:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e18423dbec8a34cf1cca74c57c23ec4c0e21b095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:e1:2a:f0:62:35:f5:bc:6a:eb:27:89:82:
c9:20:96:93:a4:4e:39:85:05:bb:57:8c:8d:71:8a:
d4:44:51:6c:f5:fe:cb:9f:6a:f4:c6:f3:d7:7d:02:
5b:c6:a3:9e:20:e5:76:f7:71:25:2f:66:28:76:ae:
af:8d:e3:e9:8c:db:bc:73:ac:d1:5a:d3:09:93:6b:
78:b1:d8:b2:3d:1a:04:5c:5d:43:9e:87:65:e0:e8:
32:56:77:e0:d1:95:00:10:30:ef:07:64:3c:de:65:
04:47:f5:e9:4a:1e:95:4f:da:7f:45:8d:04:c8:0a:
92:38:83:62:1b:81:6a:85:80:8b:88:55:6d:21:83:
a7:42:9f:66:ed:57:bc:2b:14:9b:49:e6:04:f5:ff:
64:de:2e:0a:af:32:de:0d:cd:b7:df:4f:72:49:00:
44:fe:39:d5:a6:b6:1e:b5:a3:12:1c:bb:63:81:77:
c5:8d:a0:97:26:fb:40:ee:e6:7f:fc:ad:de:79:1a:
e3:f3:29:c3:a4:8c:eb:a9:eb:ca:8a:62:d9:9a:91:
a3:9a:49:54:a1:6b:34:fd:8e:ab:0e:43:57:d3:14:
3a:e9:6b:95:54:30:92:ac:09:87:d4:a2:d3:63:96:
93:1f:41:92:01:35:07:70:93:9b:23:23:5f:74:35:
b4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:84:23:DB:EC:8A:34:CF:1C:CA:74:C5:7C:23:EC:4C:0E:21:B0:95
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4YQj2-yKNM8cynTFfCPsTA4hsJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.122.0/24
163.5.139.0/24
163.5.183.0/24
163.5.238.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:fb:81:62:04:0e:18:b8:f6:83:60:ac:12:ac:6a:4f:39:d9:
7d:c2:00:f1:bd:80:83:67:8e:e8:c3:c2:b4:59:e4:c8:c5:4d:
ff:1d:15:16:b8:91:1b:92:f1:bd:65:95:e6:4c:1a:d2:08:33:
2b:78:df:2f:e9:d5:17:01:e9:a3:9a:c9:cf:32:5c:60:6b:bc:
be:e6:ec:39:d1:5b:d0:5e:b7:bc:8b:41:71:93:95:a0:62:a3:
06:71:50:fb:c3:00:f5:d5:e7:ee:fa:75:bb:e6:46:bd:ea:85:
5c:12:c5:29:16:cb:fd:9b:44:72:3c:9b:91:90:bb:cc:37:b3:
02:e7:b0:41:4b:0a:ba:f5:15:d5:4c:02:e5:af:9b:d5:e8:e5:
7f:e8:44:ca:7a:53:cb:f2:23:cb:09:30:2f:2c:de:e2:78:43:
b3:26:95:b3:41:37:cf:19:1f:b2:ff:55:6f:2b:69:a6:93:5b:
c5:56:44:c9:32:8d:46:4f:50:82:a8:15:ae:ee:d8:dc:a8:b4:
72:20:35:d1:16:dc:a5:0b:d5:8a:0b:92:c5:39:24:a9:c2:81:
3c:4e:54:db:70:67:11:39:20:99:b2:de:37:cf:20:ae:f3:ca:
c5:a6:3e:bf:f8:17:39:5e:6e:66:b2:91:1a:44:de:b3:52:d6:
c9:bc:53:fc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXJl3MYzKwtzhdTNKjJGOQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTE5MTAzMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg0MjNkYmVjOGEzNGNmMWNjYTc0YzU3YzIzZWM0YzBlMjFiMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWrhKvBiNfW8ausniYLJIJaTpE45
hQW7V4yNcYrURFFs9f7Ln2r0xvPXfQJbxqOeIOV293ElL2Yodq6vjePpjNu8c6zR
WtMJk2t4sdiyPRoEXF1Dnodl4OgyVnfg0ZUAEDDvB2Q83mUER/XpSh6VT9p/RY0E
yAqSOINiG4FqhYCLiFVtIYOnQp9m7Ve8KxSbSeYE9f9k3i4KrzLeDc23309ySQBE
/jnVprYetaMSHLtjgXfFjaCXJvtA7uZ//K3eeRrj8ynDpIzrqevKimLZmpGjmklU
oWs0/Y6rDkNX0xQ66WuVVDCSrAmH1KLTY5aTH0GSATUHcJObIyNfdDW0dQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOGEI9vsijTPHMp0xXwj7EwOIbCVMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNFlRajIteUtOTThjeW5URmZDUHNUQTRoc0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowV6AwQA
owWLAwQAowW3AwQAowXuAwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQAL+4FiBA4Y
uPaDYKwSrGpPOdl9wgDxvYCDZ47ow8K0WeTIxU3/HRUWuJEbkvG9ZZXmTBrSCDMr
eN8v6dUXAemjmsnPMlxga7y+5uw50VvQXre8i0Fxk5WgYqMGcVD7wwD11efu+nW7
5ka96oVcEsUpFsv9m0RyPJuRkLvMN7MC57BBSwq69RXVTALlr5vV6OV/6ETKelPL
8iPLCTAvLN7ieEOzJpWzQTfPGR+y/1VvK2mmk1vFVkTJMo1GT1CCqBWu7tjcqLRy
IDXRFtylC9WKC5LFOSSpwoE8TlTbcGcROSCZst43zyCu88rFpj6/+Bc5Xm5mspEa
RN6zUtbJvFP8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:19 2023 by rpki-client on console-fra.rpki-client.org