Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/D_mfcZy3g3IJlnunY4crUNEQtXE.roa
File: D_mfcZy3g3IJlnunY4crUNEQtXE.roa (raw, json)
Hash identifier: UKTdWu8vwVKZaDIiCArKbGqSzGPk1zSCC+zG1g0sB7k=
Subject key identifier: 0F:F9:9F:71:9C:B7:83:72:09:96:7B:A7:63:87:2B:50:D1:10:B5:71
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BBDE536E9A0916CE65C7A97425FD7F4CC
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/D_mfcZy3g3IJlnunY4crUNEQtXE.roa
Signing time: Sat 11 Nov 2023 10:19:57 +0000
ROA not before: Sat 11 Nov 2023 10:19:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 163.5.194.0/24 maxlen: 24
163.5.104.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:e5:36:e9:a0:91:6c:e6:5c:7a:97:42:5f:d7:f4:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 11 10:19:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ff99f719cb7837209967ba763872b50d110b571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fc:89:2c:a1:bc:e4:73:31:5f:74:94:17:11:
85:4e:af:5f:c1:77:16:02:5f:19:51:56:0e:5b:2f:
f1:d6:2d:c5:dc:b3:ed:76:9e:48:18:e3:bc:f8:7b:
16:e4:ae:9f:19:47:65:11:89:70:cc:ee:b6:4c:d6:
e6:2f:c0:35:fe:ac:f6:70:15:3f:af:47:7f:75:8d:
a5:c0:6e:e2:9f:29:1f:1e:0e:ae:25:3f:ab:d9:90:
ac:04:ce:65:11:a8:eb:69:61:c2:a4:9c:8e:f3:b5:
b2:1c:6c:93:69:f7:db:82:f2:35:21:ec:47:d2:ec:
92:92:37:75:44:73:c2:76:97:a6:29:76:5a:fc:5c:
e7:7c:9d:3e:59:fc:97:a4:a3:93:e2:0e:56:1d:8b:
c1:79:ea:79:33:7c:10:35:28:b7:7c:ac:44:b4:6f:
56:5e:51:00:37:ea:2c:64:f3:d0:11:8d:86:36:f5:
71:b2:81:7e:e3:17:97:ab:f0:0f:9d:1a:47:a0:cb:
64:80:9a:e9:9f:7c:3c:bd:29:49:f5:e0:dc:39:4e:
5d:b1:24:13:0c:c3:3f:d7:29:c0:b6:6d:50:23:26:
6b:6f:5b:35:e6:b8:0e:af:00:54:88:1f:e9:28:1d:
15:98:7d:27:d2:c5:98:a1:b9:31:cf:b4:fc:67:74:
f0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F9:9F:71:9C:B7:83:72:09:96:7B:A7:63:87:2B:50:D1:10:B5:71
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/D_mfcZy3g3IJlnunY4crUNEQtXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.104.0/24
163.5.129.0/24
163.5.157.0/24
163.5.194.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:4b:78:f1:79:b6:0d:a5:70:89:d5:02:74:c0:b1:e1:8b:d5:
07:f2:79:d8:dc:d6:27:d9:de:15:d8:56:0a:81:4c:41:ef:9e:
c1:af:c2:42:91:e0:0a:6b:6e:93:fe:de:00:9f:a5:ac:79:1a:
aa:38:03:33:8c:58:70:65:d0:a3:3c:0e:66:cd:5f:a8:c7:66:
a1:f4:02:27:7f:82:00:f8:76:58:ac:c6:cb:0e:e9:57:8d:32:
22:5b:c0:dc:c5:e2:17:2f:7a:43:30:85:40:13:71:3c:ad:76:
f1:6d:86:85:53:d3:19:18:1d:51:2e:64:cb:d5:97:2e:81:5f:
fe:d8:29:b4:c1:22:e8:75:2c:78:59:e7:4d:8b:7c:1e:00:b2:
34:8e:87:31:cb:a9:1e:d7:a6:3c:65:90:c6:77:57:33:21:b5:
72:50:f9:b4:75:64:f0:66:32:ab:71:2e:c5:c7:60:52:52:5a:
da:a0:bd:2a:48:f1:b9:61:78:55:d1:84:3b:bc:57:da:4f:ab:
31:cd:02:71:01:97:10:8d:61:bc:15:34:b3:b2:bc:f8:4c:c1:
02:1c:74:a4:7c:96:88:ec:97:64:52:ad:2f:9e:42:9c:88:bf:
54:7c:1a:8a:47:22:5e:7a:3d:76:2d:72:99:aa:78:b9:51:51:
ab:2f:74:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYu95TbpoJFs5lx6l0Jf1/TMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTExMTAxOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY5OWY3MTljYjc4MzcyMDk5NjdiYTc2Mzg3MmI1MGQxMTBiNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/yJLKG85HMxX3SUFxGFTq9fwXcW
Al8ZUVYOWy/x1i3F3LPtdp5IGOO8+HsW5K6fGUdlEYlwzO62TNbmL8A1/qz2cBU/
r0d/dY2lwG7inykfHg6uJT+r2ZCsBM5lEajraWHCpJyO87WyHGyTaffbgvI1IexH
0uySkjd1RHPCdpemKXZa/FznfJ0+WfyXpKOT4g5WHYvBeep5M3wQNSi3fKxEtG9W
XlEAN+osZPPQEY2GNvVxsoF+4xeXq/APnRpHoMtkgJrpn3w8vSlJ9eDcOU5dsSQT
DMM/1ynAtm1QIyZrb1s15rgOrwBUiB/pKB0VmH0n0sWYobkxz7T8Z3TwywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA/5n3Gct4NyCZZ7p2OHK1DRELVxMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRF9tZmNaeTNnM0lKbG51blk0Y3JVTkVRdFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVoAwQA
owWBAwQAowWdAwQAowXCMA0GCSqGSIb3DQEBCwUAA4IBAQBNS3jxebYNpXCJ1QJ0
wLHhi9UH8nnY3NYn2d4V2FYKgUxB757Br8JCkeAKa26T/t4An6WseRqqOAMzjFhw
ZdCjPA5mzV+ox2ah9AInf4IA+HZYrMbLDulXjTIiW8DcxeIXL3pDMIVAE3E8rXbx
bYaFU9MZGB1RLmTL1ZcugV/+2Cm0wSLodSx4WedNi3weALI0jocxy6ke16Y8ZZDG
d1czIbVyUPm0dWTwZjKrcS7Fx2BSUlraoL0qSPG5YXhV0YQ7vFfaT6sxzQJxAZcQ
jWG8FTSzsrz4TMECHHSkfJaI7JdkUq0vnkKciL9UfBqKRyJeej12LXKZqni5UVGr
L3Qj
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org