Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/85aEdfu0QK8_xURrapdvvRcD0oc.roa
File: 85aEdfu0QK8_xURrapdvvRcD0oc.roa (raw, json)
Hash identifier: /m0J9arG3nHua7QKBXX0lAG2E9gUdLle71M9ly9Sk80=
Subject key identifier: F3:96:84:75:FB:B4:40:AF:3F:C5:44:6B:6A:97:6F:BD:17:03:D2:87
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC42552529277DA5B3F704820032F1919
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/85aEdfu0QK8_xURrapdvvRcD0oc.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 15:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:52:52:92:77:da:5b:3f:70:48:20:03:2f:19:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3968475fbb440af3fc5446b6a976fbd1703d287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:03:a5:1a:bd:37:c1:d0:a8:d0:6c:ca:ab:2c:
4d:52:75:0d:66:0e:d4:bd:9f:19:b3:fe:3d:ae:34:
e1:c1:5e:3e:4f:20:6a:5f:27:9f:79:7a:a1:8a:8e:
06:45:2e:f1:46:52:b3:f7:3f:6f:58:c3:51:2f:6a:
a8:ba:c6:d1:85:3a:f3:f5:99:56:6a:86:af:26:26:
6d:d4:2d:34:b5:5b:47:3c:ea:39:f5:dc:0d:77:5a:
18:3a:90:4a:d8:a4:1d:32:98:5b:1b:89:64:e9:a8:
0b:55:c7:b9:55:83:61:67:8d:d0:b0:9b:98:7d:39:
00:58:66:3f:c5:90:8d:04:0d:5f:e6:24:78:af:36:
f1:7b:67:6c:e2:5e:89:6f:15:4b:06:e3:94:14:56:
e9:3b:59:03:68:e9:c9:96:ac:48:e8:6f:85:18:71:
38:f8:1a:4a:12:50:e4:f9:f0:05:50:c8:83:5a:d7:
a8:9d:2b:af:1f:17:ed:69:3a:72:49:d5:1a:33:3e:
cb:bd:46:02:ee:37:00:e5:58:84:19:2d:a3:b7:64:
71:c3:ad:98:c0:c3:b4:2c:e4:bd:00:dc:a1:87:49:
e7:21:cd:72:39:9f:0c:16:0d:09:b1:28:36:7b:7d:
15:11:f7:db:63:77:79:1b:ab:af:42:8e:01:d5:d2:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:96:84:75:FB:B4:40:AF:3F:C5:44:6B:6A:97:6F:BD:17:03:D2:87
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/85aEdfu0QK8_xURrapdvvRcD0oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.97.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c9:8a:56:59:d0:9a:80:36:c8:a6:6b:f0:a7:6f:81:2b:8e:
1b:97:b0:86:65:07:6f:7b:0a:03:ba:a5:47:02:4b:bf:fd:2e:
2c:7c:95:ae:f2:db:c5:e3:48:80:8d:0e:90:5d:b0:f5:bc:97:
48:f3:e8:da:19:50:03:5c:1a:14:cc:54:8c:0f:6e:22:e0:43:
e9:f2:06:55:2d:df:f5:ff:69:fb:1e:ea:5b:17:a0:05:dd:9b:
7e:db:ae:6a:20:76:d0:1b:1c:c1:22:a7:eb:7c:42:3c:cd:cc:
d7:39:30:f8:1d:b5:d5:3a:c6:66:1a:56:9e:2a:c2:ca:0f:fa:
81:9e:c7:d3:77:56:74:0e:ef:56:81:c9:eb:28:c3:9a:a9:5d:
c4:a5:fc:ad:e8:b1:56:29:ee:38:7d:76:f1:55:4e:23:2a:3c:
ea:c5:45:8e:5d:0e:de:1d:4a:d2:83:6f:ab:01:96:fe:97:44:
45:ea:65:c7:ed:ed:40:44:8d:89:a9:d7:f2:f3:df:11:89:4a:
c7:79:ec:fd:96:43:92:e7:b0:6f:0c:f2:00:ee:b8:f5:36:61:
a4:a0:16:fd:de:18:ca:b0:f5:47:c2:aa:8e:bb:99:22:ce:ac:
c2:bb:64:f6:2f:7c:54:7b:a5:98:fd:03:ea:52:37:f9:72:7c:
4a:58:57:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJVJSknfaWz9wSCADLxkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk2ODQ3NWZiYjQ0MGFmM2ZjNTQ0NmI2YTk3NmZiZDE3MDNkMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwOlGr03wdCo0GzKqyxNUnUNZg7U
vZ8Zs/49rjThwV4+TyBqXyefeXqhio4GRS7xRlKz9z9vWMNRL2qousbRhTrz9ZlW
aoavJiZt1C00tVtHPOo59dwNd1oYOpBK2KQdMphbG4lk6agLVce5VYNhZ43QsJuY
fTkAWGY/xZCNBA1f5iR4rzbxe2ds4l6JbxVLBuOUFFbpO1kDaOnJlqxI6G+FGHE4
+BpKElDk+fAFUMiDWteonSuvHxftaTpySdUaMz7LvUYC7jcA5ViEGS2jt2Rxw62Y
wMO0LOS9ANyhh0nnIc1yOZ8MFg0JsSg2e30VEffbY3d5G6uvQo4B1dKLAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPOWhHX7tECvP8VEa2qXb70XA9KHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvODVhRWRmdTBRSzhfeFVScmFwZHZ2UmNEMG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVWAwQA
owVhMA0GCSqGSIb3DQEBCwUAA4IBAQAwyYpWWdCagDbIpmvwp2+BK44bl7CGZQdv
ewoDuqVHAku//S4sfJWu8tvF40iAjQ6QXbD1vJdI8+jaGVADXBoUzFSMD24i4EPp
8gZVLd/1/2n7HupbF6AF3Zt+265qIHbQGxzBIqfrfEI8zczXOTD4HbXVOsZmGlae
KsLKD/qBnsfTd1Z0Du9WgcnrKMOaqV3Epfyt6LFWKe44fXbxVU4jKjzqxUWOXQ7e
HUrSg2+rAZb+l0RF6mXH7e1ARI2Jqdfy898RiUrHeez9lkOS57BvDPIA7rj1NmGk
oBb93hjKsPVHwqqOu5kizqzCu2T2L3xUe6WY/QPqUjf5cnxKWFdz
-----END CERTIFICATE-----
Generated at Thu Jan 25 20:48:58 2024 by rpki-client on console-fra.rpki-client.org