Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4jfLgmwtg0hFzxmOoRqIX1V6b-0.roa
File: 4jfLgmwtg0hFzxmOoRqIX1V6b-0.roa (raw, json)
Hash identifier: lWQSRKMOkTMZ9sVKvRw+HNk2vJLTaUEQl66P/S+gQV8=
Subject key identifier: E2:37:CB:82:6C:2D:83:48:45:CF:19:8E:A1:1A:88:5F:55:7A:6F:ED
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C4561DAA65F5F901E11E5022CFC7C06B9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4jfLgmwtg0hFzxmOoRqIX1V6b-0.roa
Signing time: Thu 07 Dec 2023 17:44:49 +0000
ROA not before: Thu 07 Dec 2023 17:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24875
IP address blocks: 163.5.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:61:da:a6:5f:5f:90:1e:11:e5:02:2c:fc:7c:06:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 7 17:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e237cb826c2d834845cf198ea11a885f557a6fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:15:f1:7b:ab:27:8a:aa:0f:9b:d2:2f:2b:db:
48:46:b5:3e:c1:bf:f5:34:cd:1c:2d:9e:05:ce:d4:
16:43:04:a4:69:88:ee:80:e0:b9:e3:8d:f6:36:1f:
ba:09:84:67:d3:47:9e:c8:be:62:a6:6b:4e:36:7c:
01:d6:ac:9d:be:a6:c0:63:2e:de:66:4b:3d:fb:21:
8d:af:c8:c6:b9:aa:f1:ab:e0:93:2f:12:7b:b6:70:
d7:e0:87:ec:66:27:fc:4c:b3:f1:4a:f9:2b:d8:ef:
57:60:e9:60:63:bf:5f:9d:16:ce:4f:8e:a1:92:cc:
77:c3:e6:6f:f3:b7:79:37:95:cb:b2:68:47:ec:f1:
02:51:83:5b:cf:c3:71:e2:fa:e9:06:48:e2:6c:8e:
55:25:79:3b:68:cf:4b:bd:47:13:e1:3d:90:b0:3e:
8e:d7:20:e8:cb:55:87:a3:c9:01:13:71:4c:64:6f:
3c:98:ca:02:b0:e3:22:9d:b6:c0:d0:53:fc:86:be:
0a:81:11:ab:6e:ce:51:68:30:9e:c3:67:1d:8d:59:
ff:2e:48:6c:19:3e:21:3a:b6:07:4f:c5:06:3e:a5:
94:2f:aa:5e:62:a2:fe:ef:1c:68:2d:bc:54:22:72:
c8:ec:ef:3b:85:d1:46:f7:29:93:0f:8c:df:a9:61:
59:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:37:CB:82:6C:2D:83:48:45:CF:19:8E:A1:1A:88:5F:55:7A:6F:ED
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4jfLgmwtg0hFzxmOoRqIX1V6b-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.191.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:c5:53:00:76:e5:3b:51:03:bf:45:72:b0:a9:93:73:91:0b:
da:60:96:51:ba:7f:fc:0f:99:f7:8f:c0:22:c4:14:ba:b9:0d:
85:49:fd:74:6d:26:48:ee:bb:77:e7:4e:a1:3b:cf:f2:43:85:
e2:a2:0a:0a:1f:ce:60:2a:7b:61:e7:ee:48:d6:c3:e9:cf:ef:
78:9d:76:b7:df:3f:52:29:2c:9c:d7:6a:73:2a:49:cc:f9:fc:
77:a8:51:a0:e6:d0:f8:d0:ed:89:ae:ab:46:d6:c5:6e:e6:e6:
bb:3c:08:25:fd:c5:bf:8c:e8:a3:0e:35:64:23:eb:21:91:99:
a6:59:ba:e4:80:5a:01:a4:b8:75:2f:7d:79:f2:63:3b:75:8d:
b1:e0:d3:ee:62:ad:9f:24:b2:5f:d0:a1:fc:60:5c:bb:74:2a:
61:f4:5c:e3:9a:5a:0f:40:40:86:e9:bb:64:e1:aa:7b:7f:60:
65:63:22:34:66:1b:83:b3:3c:13:16:6c:81:d1:0b:9e:75:0f:
05:cc:8a:aa:56:3a:4b:47:17:a1:eb:f3:4d:7f:9a:f2:d3:83:
3e:42:b9:98:d7:95:df:80:a4:a1:85:3f:23:86:31:f2:dd:9d:
d8:43:67:a1:c9:93:2d:7f:7f:d3:87:fd:ee:ee:77:c2:ca:82:
e1:fe:e7:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxFYdqmX1+QHhHlAiz8fAa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjA3MTc0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjM3Y2I4MjZjMmQ4MzQ4NDVjZjE5OGVhMTFhODg1ZjU1N2E2ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xXxe6sniqoPm9IvK9tIRrU+wb/1
NM0cLZ4FztQWQwSkaYjugOC54432Nh+6CYRn00eeyL5ipmtONnwB1qydvqbAYy7e
Zks9+yGNr8jGuarxq+CTLxJ7tnDX4IfsZif8TLPxSvkr2O9XYOlgY79fnRbOT46h
ksx3w+Zv87d5N5XLsmhH7PECUYNbz8Nx4vrpBkjibI5VJXk7aM9LvUcT4T2QsD6O
1yDoy1WHo8kBE3FMZG88mMoCsOMinbbA0FP8hr4KgRGrbs5RaDCew2cdjVn/Lkhs
GT4hOrYHT8UGPqWUL6peYqL+7xxoLbxUInLI7O87hdFG9ymTD4zfqWFZHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOI3y4JsLYNIRc8ZjqEaiF9Vem/tMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNGpmTGdtd3RnMGhGenhtT29ScUlYMVY2Yi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowW/MA0G
CSqGSIb3DQEBCwUAA4IBAQCexVMAduU7UQO/RXKwqZNzkQvaYJZRun/8D5n3j8Ai
xBS6uQ2FSf10bSZI7rt3506hO8/yQ4XiogoKH85gKnth5+5I1sPpz+94nXa33z9S
KSyc12pzKknM+fx3qFGg5tD40O2JrqtG1sVu5ua7PAgl/cW/jOijDjVkI+shkZmm
WbrkgFoBpLh1L3158mM7dY2x4NPuYq2fJLJf0KH8YFy7dCph9FzjmloPQECG6btk
4ap7f2BlYyI0ZhuDszwTFmyB0QuedQ8FzIqqVjpLRxeh6/NNf5ry04M+QrmY15Xf
gKShhT8jhjHy3Z3YQ2ehyZMtf3/Th/3u7nfCyoLh/uc+
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org