Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9YLNaiIP2eaM2cGMDj8RGsRgMYA.roa
File: 9YLNaiIP2eaM2cGMDj8RGsRgMYA.roa (raw, json)
Hash identifier: nOycYb+fhyPDt83b8S2iR34BjK4+Nt6fpo/3B6pbbKY=
Subject key identifier: F5:82:CD:6A:22:0F:D9:E6:8C:D9:C1:8C:0E:3F:11:1A:C4:60:31:80
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188A07AA63380A58B7F520AB763D465298E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9YLNaiIP2eaM2cGMDj8RGsRgMYA.roa
Signing time: Fri 09 Jun 2023 14:06:12 +0000
ROA not before: Fri 09 Jun 2023 14:06:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.105.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:7a:a6:33:80:a5:8b:7f:52:0a:b7:63:d4:65:29:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 9 14:06:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f582cd6a220fd9e68cd9c18c0e3f111ac4603180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1f:4e:a5:94:aa:93:ca:68:8a:ab:22:3d:79:
17:20:70:8f:38:d7:64:38:7a:e1:d9:60:16:d5:e5:
ef:70:a4:44:47:f5:09:59:c3:a6:04:04:69:b4:70:
ea:b3:0b:39:ce:69:b1:39:87:d8:68:0b:f1:be:3c:
d1:29:75:2e:93:4d:f0:86:67:9b:d4:39:21:34:b5:
71:82:00:7a:c9:ae:81:35:43:ce:88:5b:91:44:a7:
10:cc:bc:fc:5c:64:96:9e:9d:98:5b:86:99:d8:0f:
06:7b:cb:ca:5d:dc:38:b7:72:39:8c:2a:f1:a3:c4:
bf:cd:2f:43:50:88:3c:6c:47:11:6b:a9:9f:22:2d:
4c:f9:f0:fe:e8:37:01:74:97:79:86:7e:a4:13:39:
c6:2a:16:e8:34:66:61:27:7c:a4:1c:78:40:00:2b:
ee:2d:8e:74:c5:60:d9:c4:8b:1b:11:ff:3a:52:89:
a1:14:7a:c3:4f:9c:08:aa:cb:c4:f8:1c:41:c8:91:
3f:28:57:2b:3b:95:b1:94:3a:c5:06:95:16:66:c6:
83:36:ee:d8:7c:68:18:df:a3:1d:c1:5c:c3:6c:e1:
70:31:6a:fe:31:52:e9:a6:82:a8:01:c9:03:12:09:
28:3e:a7:1d:e1:b1:4d:c0:3e:97:a7:8b:d3:fb:fa:
42:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:82:CD:6A:22:0F:D9:E6:8C:D9:C1:8C:0E:3F:11:1A:C4:60:31:80
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9YLNaiIP2eaM2cGMDj8RGsRgMYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.105.0-163.5.106.255
163.5.159.0/24
163.5.168.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ef:c7:7b:73:97:9a:40:ee:49:c8:31:36:5c:ca:2f:d4:39:
8c:2a:a6:ae:df:b9:69:50:d8:e2:af:d3:83:8c:8b:29:42:02:
76:8d:ad:1c:f9:08:91:15:db:a5:0d:b4:f5:99:f7:7a:40:0b:
aa:12:91:3b:09:77:93:75:f3:cb:ac:f5:f1:38:cd:56:fa:82:
4f:51:e5:4d:53:c3:2b:aa:8a:53:36:85:b4:ff:64:e8:97:e9:
bd:82:4d:b4:59:5a:38:bf:2c:6b:a2:d6:f0:92:09:1f:6d:6a:
24:25:bf:fd:41:de:39:20:cd:af:86:91:83:bd:a4:13:c6:0c:
80:21:a3:c3:b9:8a:34:eb:da:59:23:94:63:d2:b4:dd:92:c5:
8a:65:55:76:6a:1c:11:a6:97:4d:ed:0b:66:30:81:8c:df:a3:
ae:1b:00:e2:19:15:3a:fa:e9:e5:cb:2b:c3:3f:7a:b0:6a:4b:
05:0d:d6:3b:1c:99:6d:3b:01:7e:52:b9:68:0b:1b:0a:26:bb:
0e:65:ef:be:eb:55:51:ac:b4:e4:46:ef:97:db:d7:2c:eb:10:
6d:c4:5c:c8:4f:35:9a:52:07:1c:6b:86:03:19:3f:fd:90:2e:
e2:44:32:16:27:f0:4b:10:ae:c6:f0:d7:f8:95:ba:b2:df:85:
c5:bb:6f:95
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYigeqYzgKWLf1IKt2PUZSmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjA5MTQwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTgyY2Q2YTIyMGZkOWU2OGNkOWMxOGMwZTNmMTExYWM0NjAzMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhB9OpZSqk8poiqsiPXkXIHCPONdk
OHrh2WAW1eXvcKRER/UJWcOmBARptHDqsws5zmmxOYfYaAvxvjzRKXUuk03whmeb
1DkhNLVxggB6ya6BNUPOiFuRRKcQzLz8XGSWnp2YW4aZ2A8Ge8vKXdw4t3I5jCrx
o8S/zS9DUIg8bEcRa6mfIi1M+fD+6DcBdJd5hn6kEznGKhboNGZhJ3ykHHhAACvu
LY50xWDZxIsbEf86UomhFHrDT5wIqsvE+BxByJE/KFcrO5WxlDrFBpUWZsaDNu7Y
fGgY36MdwVzDbOFwMWr+MVLppoKoAckDEgkoPqcd4bFNwD6Xp4vT+/pCXwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPWCzWoiD9nmjNnBjA4/ERrEYDGAMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOVlMTmFpSVAyZWFNMmNHTURqOFJHc1JnTVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowUgMAwD
BACjBWkDBACjBWoDBACjBZ8DBACjBagwDQYJKoZIhvcNAQELBQADggEBAG/vx3tz
l5pA7knIMTZcyi/UOYwqpq7fuWlQ2OKv04OMiylCAnaNrRz5CJEV26UNtPWZ93pA
C6oSkTsJd5N188us9fE4zVb6gk9R5U1TwyuqilM2hbT/ZOiX6b2CTbRZWji/LGui
1vCSCR9taiQlv/1B3jkgza+GkYO9pBPGDIAho8O5ijTr2lkjlGPStN2SxYplVXZq
HBGml03tC2YwgYzfo64bAOIZFTr66eXLK8M/erBqSwUN1jscmW07AX5SuWgLGwom
uw5l777rVVGstORG75fb1yzrEG3EXMhPNZpSBxxrhgMZP/2QLuJEMhYn8EsQrsbw
1/iVurLfhcW7b5U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:08 2023 by rpki-client on console-ams.rpki-client.org