Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C2FD-ebCbPa0xkqS1PeR_dJtI18.roa
File: C2FD-ebCbPa0xkqS1PeR_dJtI18.roa (raw, json)
Hash identifier: FzTKElxJmvgBedRVZu+oQUdizslX26DMA3LdxtoUCrk=
Subject key identifier: 0B:61:43:F9:E6:C2:6C:F6:B4:C6:4A:92:D4:F7:91:FD:D2:6D:23:5F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018586909CE8C198A1C67A1D67045BC8F4D7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C2FD-ebCbPa0xkqS1PeR_dJtI18.roa
Signing time: Fri 06 Jan 2023 10:11:42 +0000
ROA not before: Fri 06 Jan 2023 10:11:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 163.5.91.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.152.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:90:9c:e8:c1:98:a1:c6:7a:1d:67:04:5b:c8:f4:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 6 10:11:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b6143f9e6c26cf6b4c64a92d4f791fdd26d235f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:44:81:2d:06:cd:02:33:c5:55:0b:a8:c5:2d:
41:01:7f:3b:92:c6:83:cf:51:9b:5e:21:85:fa:bd:
5b:b7:f6:23:9e:08:45:62:ad:de:0f:0d:27:20:34:
e2:a5:06:0b:76:c5:ae:6d:91:eb:c4:92:66:de:31:
f5:d6:cc:ed:6c:d7:60:65:4b:83:63:52:ca:d2:04:
2b:35:0a:4e:fa:85:a0:d1:8d:dc:b3:1f:42:9e:ef:
55:45:1a:55:9b:54:20:d9:1c:c0:8c:2b:81:a4:f4:
1d:a6:51:79:b4:3a:b2:ae:50:c5:e5:99:0c:21:12:
ef:98:8c:5f:34:c3:29:fa:5d:6b:e5:5c:03:9e:bf:
46:b7:d4:16:6a:95:f5:d6:0d:53:44:05:6a:95:60:
04:94:df:41:4f:5a:9d:90:e6:18:68:27:e7:18:09:
91:28:2b:dc:e7:10:ad:e9:c3:0b:99:f6:dc:56:de:
56:24:36:eb:66:a3:ed:2b:cd:54:d7:38:d4:34:c7:
14:71:69:0a:d3:00:a3:5d:ee:22:58:95:89:57:bf:
22:e1:e4:66:d4:1b:d1:00:44:02:d3:3b:b6:73:d2:
d0:34:cf:79:88:a6:f0:82:3c:23:cf:08:5f:20:13:
bb:27:63:5d:ff:1e:8a:66:ca:5f:7f:4a:c0:b3:71:
46:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:61:43:F9:E6:C2:6C:F6:B4:C6:4A:92:D4:F7:91:FD:D2:6D:23:5F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C2FD-ebCbPa0xkqS1PeR_dJtI18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.33.0-163.5.34.255
163.5.38.0/24
163.5.91.0/24
163.5.97.0/24
163.5.114.0/24
163.5.131.0/24
163.5.152.0/24
163.5.169.0/24
163.5.249.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d4:5a:4d:2a:4e:99:58:85:a2:d0:c7:31:77:a2:28:59:91:
c7:66:fe:16:62:a1:60:a3:2a:f5:15:b6:49:23:9d:a8:37:9d:
1b:a8:25:7e:3b:12:97:4b:d9:a2:a0:93:90:8d:f6:28:97:b7:
72:de:ae:aa:72:0f:fe:de:78:e2:6a:50:3f:cf:b5:08:00:1c:
d4:98:90:16:9d:30:0a:71:fb:13:12:59:09:81:ed:f4:36:e8:
0f:f7:f3:c6:c0:4b:58:64:8e:dd:76:76:35:42:7a:08:a7:ec:
04:44:9f:a4:ca:3d:6f:48:57:3e:85:79:ab:67:a9:92:2d:79:
c9:fc:9b:71:20:21:e7:ec:8f:62:4b:d1:fb:54:d3:cd:79:9c:
fc:9a:e8:6a:ff:f5:3e:3b:09:c6:89:29:8d:46:44:db:17:47:
aa:9c:32:e2:e5:79:1f:29:b1:cb:5d:3f:61:5c:76:de:ee:53:
90:14:f9:8e:ba:50:d2:77:39:fb:da:e8:24:39:3d:c8:65:d9:
fd:60:e9:14:25:06:b9:1b:ee:e5:88:d9:09:10:14:19:28:14:
22:99:f2:8c:dc:df:c3:8e:12:a7:f6:0c:3f:7a:64:f5:b9:ba:
29:6a:a3:0e:b9:44:4e:b6:f8:86:cf:c5:e7:b2:6c:49:81:be:
56:e8:ac:4b
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYWGkJzowZihxnodZwRbyPTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTA2MTAxMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjYxNDNmOWU2YzI2Y2Y2YjRjNjRhOTJkNGY3OTFmZGQyNmQyMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ESBLQbNAjPFVQuoxS1BAX87ksaD
z1GbXiGF+r1bt/YjnghFYq3eDw0nIDTipQYLdsWubZHrxJJm3jH11sztbNdgZUuD
Y1LK0gQrNQpO+oWg0Y3csx9Cnu9VRRpVm1Qg2RzAjCuBpPQdplF5tDqyrlDF5ZkM
IRLvmIxfNMMp+l1r5VwDnr9Gt9QWapX11g1TRAVqlWAElN9BT1qdkOYYaCfnGAmR
KCvc5xCt6cMLmfbcVt5WJDbrZqPtK81U1zjUNMcUcWkK0wCjXe4iWJWJV78i4eRm
1BvRAEQC0zu2c9LQNM95iKbwgjwjzwhfIBO7J2Nd/x6KZspff0rAs3FGaQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFAthQ/nmwmz2tMZKktT3kf3SbSNfMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQzJGRC1lYkNiUGEweGtxUzFQZVJfZEp0STE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBACjBSED
BACjBSIDBACjBSYDBACjBVsDBACjBWEDBACjBXIDBACjBYMDBACjBZgDBACjBakD
BACjBfkDBACjBf4wDQYJKoZIhvcNAQELBQADggEBAFrUWk0qTplYhaLQxzF3oihZ
kcdm/hZioWCjKvUVtkkjnag3nRuoJX47EpdL2aKgk5CN9iiXt3LerqpyD/7eeOJq
UD/PtQgAHNSYkBadMApx+xMSWQmB7fQ26A/388bAS1hkjt12djVCegin7AREn6TK
PW9IVz6FeatnqZItecn8m3EgIefsj2JL0ftU0815nPya6Gr/9T47CcaJKY1GRNsX
R6qcMuLleR8psctdP2Fcdt7uU5AU+Y66UNJ3Ofva6CQ5Pchl2f1g6RQlBrkb7uWI
2QkQFBkoFCKZ8ozc38OOEqf2DD96ZPW5uilqow65RE62+IbPxeeybEmBvlborEs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org