Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EKjfScqk22M34-FKq73QS3OsbfE.roa
File: EKjfScqk22M34-FKq73QS3OsbfE.roa (raw, json)
Hash identifier: DBOWFwYe1uxZhJQOgo1dFyEt6a+MoCU2LM0azf4n4L8=
Subject key identifier: 10:A8:DF:49:CA:A4:DB:63:37:E3:E1:4A:AB:BD:D0:4B:73:AC:6D:F1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0186B6914B5397295A058BB415AF23B96C2C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EKjfScqk22M34-FKq73QS3OsbfE.roa
Signing time: Mon 06 Mar 2023 10:57:00 +0000
ROA not before: Mon 06 Mar 2023 10:57:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55720
IP address blocks: 163.5.139.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:91:4b:53:97:29:5a:05:8b:b4:15:af:23:b9:6c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 6 10:57:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10a8df49caa4db6337e3e14aabbdd04b73ac6df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ec:3a:14:59:d2:da:fa:7f:7e:e3:17:dc:07:
e3:8d:79:14:27:9c:3a:62:1e:94:10:bc:94:9f:c3:
73:82:35:ed:ee:31:25:0c:ec:51:bb:5b:7f:f5:25:
df:37:d6:df:00:a9:a5:50:66:18:53:23:de:c2:97:
b3:82:76:14:46:87:f6:eb:03:78:fd:a8:cb:ed:76:
12:fa:41:09:8d:31:10:a2:bf:21:3c:38:cd:56:0c:
0b:ea:8a:35:74:c7:22:05:40:c7:06:8d:3b:d4:dc:
82:5c:35:f4:93:5a:6c:38:23:8d:af:a2:0f:12:81:
8b:6c:5d:0c:a8:ce:df:6f:8f:2b:9c:55:db:12:70:
16:0e:ce:84:80:13:05:d2:e0:2f:32:ba:79:54:51:
b8:3c:65:45:d4:3d:53:49:5b:0d:8a:32:f5:87:ce:
5c:89:54:f8:ac:a1:58:89:7d:c6:28:99:4a:8d:a2:
d0:fe:b2:c7:1b:74:1d:5c:05:b5:5e:1d:15:0a:4d:
3a:82:f8:5b:9c:d5:0d:19:bf:e8:86:91:71:bb:28:
31:ae:58:9a:e6:b6:34:4d:81:d7:9a:12:fe:c3:74:
5e:e4:c7:78:08:66:1c:e3:4f:87:e5:15:ef:88:31:
f7:6b:45:a2:85:f1:19:34:f4:31:59:9d:b8:df:06:
bf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A8:DF:49:CA:A4:DB:63:37:E3:E1:4A:AB:BD:D0:4B:73:AC:6D:F1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EKjfScqk22M34-FKq73QS3OsbfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.139.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0d:08:fd:2f:25:62:1b:19:87:6b:0f:92:57:ae:16:f1:26:
f6:b2:6d:41:b2:bd:05:90:4d:83:23:c0:13:43:9e:fd:c3:bb:
1b:05:f3:58:2a:7d:c8:19:99:0b:b1:33:1e:e8:ee:fc:0d:00:
fe:67:72:50:89:6d:42:1b:03:5d:15:ff:34:8f:4f:8d:56:2a:
bf:c9:09:9b:d6:cb:4d:a6:0a:1d:81:04:81:a6:e7:ce:f8:7d:
b6:61:7e:22:3a:4c:85:9d:64:2f:83:16:48:f8:c2:56:88:7f:
de:84:b3:9b:3b:ef:b9:41:fc:28:69:a1:3b:8e:81:66:2c:32:
d0:4e:80:d5:99:0b:e9:61:0a:17:7b:41:cd:62:f7:f2:3e:c6:
3f:3c:5e:e8:52:dd:cf:a0:a8:4a:83:40:9a:60:4e:23:88:94:
dc:3f:43:6c:4e:84:56:f7:32:6f:4d:b5:81:cc:01:18:f4:dd:
63:15:31:1a:4c:3e:ff:7d:d3:c0:0a:f4:34:db:6c:5d:f7:7b:
d2:9c:97:19:06:82:75:e0:c5:90:5a:09:94:c5:69:17:be:df:
50:cf:02:26:d1:69:6b:33:1a:38:0a:1f:2a:48:67:b4:6a:15:
3e:65:89:ac:f6:8e:70:e3:c3:3c:c4:a9:5d:07:29:a7:42:90:
09:89:4c:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa2kUtTlylaBYu0Fa8juWwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMzA2MTA1NzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGE4ZGY0OWNhYTRkYjYzMzdlM2UxNGFhYmJkZDA0YjczYWM2ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+w6FFnS2vp/fuMX3AfjjXkUJ5w6
Yh6UELyUn8NzgjXt7jElDOxRu1t/9SXfN9bfAKmlUGYYUyPewpezgnYURof26wN4
/ajL7XYS+kEJjTEQor8hPDjNVgwL6oo1dMciBUDHBo071NyCXDX0k1psOCONr6IP
EoGLbF0MqM7fb48rnFXbEnAWDs6EgBMF0uAvMrp5VFG4PGVF1D1TSVsNijL1h85c
iVT4rKFYiX3GKJlKjaLQ/rLHG3QdXAW1Xh0VCk06gvhbnNUNGb/ohpFxuygxrlia
5rY0TYHXmhL+w3Re5Md4CGYc40+H5RXviDH3a0WihfEZNPQxWZ243wa/3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCo30nKpNtjN+PhSqu90EtzrG3xMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRUtqZlNjcWsyMk0zNC1GS3E3M1FTM09zYmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWLMA0G
CSqGSIb3DQEBCwUAA4IBAQBaDQj9LyViGxmHaw+SV64W8Sb2sm1Bsr0FkE2DI8AT
Q579w7sbBfNYKn3IGZkLsTMe6O78DQD+Z3JQiW1CGwNdFf80j0+NViq/yQmb1stN
pgodgQSBpufO+H22YX4iOkyFnWQvgxZI+MJWiH/ehLObO++5QfwoaaE7joFmLDLQ
ToDVmQvpYQoXe0HNYvfyPsY/PF7oUt3PoKhKg0CaYE4jiJTcP0NsToRW9zJvTbWB
zAEY9N1jFTEaTD7/fdPACvQ022xd93vSnJcZBoJ14MWQWgmUxWkXvt9QzwIm0Wlr
Mxo4Ch8qSGe0ahU+ZYms9o5w48M8xKldBymnQpAJiUxX
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org