Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ANqcFO6FQP3RfuWR3WVM56pozB4.roa
File: ANqcFO6FQP3RfuWR3WVM56pozB4.roa (raw, json)
Hash identifier: MfqTIgfxnNMfYDXBTyQd5eLcagPflaGQGMmCafdkUPs=
Subject key identifier: 00:DA:9C:14:EE:85:40:FD:D1:7E:E5:91:DD:65:4C:E7:AA:68:CC:1E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042B65CE6D099F32A162238914963E2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ANqcFO6FQP3RfuWR3WVM56pozB4.roa
Signing time: Mon 02 Jan 2023 02:14:58 +0000
ROA not before: Mon 02 Jan 2023 02:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14445
IP address blocks: 163.5.174.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Mar 2023 11:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:b6:5c:e6:d0:99:f3:2a:16:22:38:91:49:63:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00da9c14ee8540fdd17ee591dd654ce7aa68cc1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5c:3f:b0:d6:e7:94:98:f1:13:0f:d4:f2:fc:
48:bd:ae:eb:11:21:16:14:65:da:87:d8:68:1a:25:
47:d8:7f:49:5f:b6:10:1d:a2:29:a6:9a:e0:4c:99:
2d:e5:11:e5:4d:ca:85:8c:5a:14:25:58:48:a0:60:
a5:39:69:51:ae:ec:44:69:74:58:98:6f:86:f0:08:
1d:7a:72:c8:42:3d:44:15:8a:64:79:40:77:be:48:
20:f2:ca:85:62:e8:c5:6f:04:3f:f7:bf:90:96:31:
8c:e7:10:2c:6b:0b:5c:e1:88:0b:d3:31:d0:32:95:
1c:35:eb:c5:ba:87:04:60:12:a6:58:00:8c:d4:c2:
d8:96:75:69:7c:71:66:6e:37:23:54:b9:c5:8c:3c:
3e:df:06:94:d0:85:e4:54:83:5d:0c:eb:22:fd:55:
aa:4e:c1:92:4e:51:22:3c:59:dc:1d:3f:49:25:c9:
69:13:e5:d7:99:c8:a8:31:da:72:95:99:7e:df:1c:
ae:ca:3f:4a:64:7a:f2:3d:fe:16:ba:d4:0a:af:55:
6b:13:0b:88:aa:d4:0a:fa:ef:94:8d:40:5f:4b:ac:
df:23:b1:f8:0b:26:6c:88:bf:39:49:b9:73:04:b6:
fe:08:61:80:79:cf:d0:bc:e7:14:de:e0:b1:1c:2d:
78:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DA:9C:14:EE:85:40:FD:D1:7E:E5:91:DD:65:4C:E7:AA:68:CC:1E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ANqcFO6FQP3RfuWR3WVM56pozB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.171.0-163.5.172.255
163.5.174.0/24
Signature Algorithm: sha256WithRSAEncryption
43:97:c4:84:34:3f:82:d7:69:57:03:41:66:c7:84:43:94:6a:
e2:03:23:42:24:93:fc:38:5c:82:b4:55:46:a5:42:d2:48:38:
01:58:d7:4a:e2:ae:5b:80:62:0e:1a:50:7d:38:91:ae:1a:04:
c6:5c:1e:80:9c:30:92:f2:e5:90:3c:23:5b:2e:31:85:fe:85:
d5:c4:e4:67:97:74:21:a0:f0:a2:59:41:ef:e0:ef:ca:52:e5:
14:cd:f2:79:d0:92:6f:ab:12:39:ca:b2:52:00:bf:e6:2c:46:
6b:57:e8:ab:ce:60:b6:52:e6:d1:cd:7a:44:ad:da:c3:41:4d:
f9:e4:a0:c6:a1:7f:4d:83:8a:09:06:b7:32:ea:b0:34:49:db:
ae:a8:e1:99:41:90:ee:e4:5b:b2:32:2e:0e:57:87:5c:47:6c:
d5:cf:34:49:28:9c:ea:9d:7e:fa:3b:2e:94:40:ed:70:5e:64:
a6:68:8c:9a:2b:8f:c7:fa:52:68:71:b8:d0:4a:48:ff:d6:dd:
71:1a:16:b2:44:89:7b:93:44:52:7b:5a:49:19:20:fd:c9:42:
c3:b0:5c:97:22:b8:49:3c:2b:4b:44:f1:6d:b2:01:89:3b:a2:
74:a7:d5:04:f0:c5:87:4f:95:5a:ab:6b:58:f2:2c:c6:55:c6:
1a:36:7b:b4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwQrZc5tCZ8yoWIjiRSWPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRhOWMxNGVlODU0MGZkZDE3ZWU1OTFkZDY1NGNlN2FhNjhjYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlw/sNbnlJjxEw/U8vxIva7rESEW
FGXah9hoGiVH2H9JX7YQHaIppprgTJkt5RHlTcqFjFoUJVhIoGClOWlRruxEaXRY
mG+G8AgdenLIQj1EFYpkeUB3vkgg8sqFYujFbwQ/97+QljGM5xAsawtc4YgL0zHQ
MpUcNevFuocEYBKmWACM1MLYlnVpfHFmbjcjVLnFjDw+3waU0IXkVINdDOsi/VWq
TsGSTlEiPFncHT9JJclpE+XXmcioMdpylZl+3xyuyj9KZHryPf4WutQKr1VrEwuI
qtQK+u+UjUBfS6zfI7H4CyZsiL85SblzBLb+CGGAec/QvOcU3uCxHC14CQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFADanBTuhUD90X7lkd1lTOeqaMweMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQU5xY0ZPNkZRUDNSZnVXUjNXVk01NnBvekI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACjBasD
BACjBawDBACjBa4wDQYJKoZIhvcNAQELBQADggEBAEOXxIQ0P4LXaVcDQWbHhEOU
auIDI0Ikk/w4XIK0VUalQtJIOAFY10rirluAYg4aUH04ka4aBMZcHoCcMJLy5ZA8
I1suMYX+hdXE5GeXdCGg8KJZQe/g78pS5RTN8nnQkm+rEjnKslIAv+YsRmtX6KvO
YLZS5tHNekSt2sNBTfnkoMahf02DigkGtzLqsDRJ266o4ZlBkO7kW7IyLg5Xh1xH
bNXPNEkonOqdfvo7LpRA7XBeZKZojJorj8f6UmhxuNBKSP/W3XEaFrJEiXuTRFJ7
WkkZIP3JQsOwXJciuEk8K0tE8W2yAYk7onSn1QTwxYdPlVqra1jyLMZVxho2e7Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org