Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EM07y05R6z62AwwycjWmLUDK2yg.roa
File: EM07y05R6z62AwwycjWmLUDK2yg.roa (raw, json)
Hash identifier: nyJniP6LeV5OHfqxSsO/h/gxLtC6CN8BMl3jOekBSSo=
Subject key identifier: 10:CD:3B:CB:4E:51:EB:3E:B6:03:0C:32:72:35:A6:2D:40:CA:DB:28
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018ABBEA6E22797D661BD8439623DFAD199B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EM07y05R6z62AwwycjWmLUDK2yg.roa
Signing time: Fri 22 Sep 2023 08:03:37 +0000
ROA not before: Fri 22 Sep 2023 08:03:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.83.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:ea:6e:22:79:7d:66:1b:d8:43:96:23:df:ad:19:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 22 08:03:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10cd3bcb4e51eb3eb6030c327235a62d40cadb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bc:eb:c8:c4:1f:57:f3:d1:c7:d1:7d:86:50:
2c:45:41:97:49:91:21:29:8b:60:20:97:8c:11:f7:
1d:dd:ca:27:3c:43:3f:f7:df:81:bb:94:b3:48:f1:
ad:21:f8:9e:20:57:93:5e:4a:91:37:45:02:6e:ab:
33:5e:48:1c:74:f6:26:ba:84:a3:ec:25:07:de:64:
30:ba:64:8c:54:8b:75:69:94:d9:e5:8a:d7:f2:92:
7f:06:bc:af:fd:78:57:3c:47:0a:98:d4:26:1f:36:
d7:18:5d:2f:12:3b:c6:9b:7a:3f:1b:67:df:46:15:
9e:03:88:6e:aa:a7:1e:17:ce:bd:4d:eb:db:13:9b:
eb:47:2b:d3:6e:be:e6:70:5b:27:88:c0:a7:42:1b:
90:d9:a9:ab:ef:c2:2b:e3:fd:fc:70:ea:ac:27:d1:
4e:40:23:ae:9b:10:ac:e7:fb:46:9d:fd:7f:b0:2d:
f4:ef:d1:71:0a:8e:ec:d5:97:cb:eb:44:57:09:15:
86:24:a3:6a:a9:a2:73:16:40:6c:6c:02:72:47:40:
19:db:be:b6:8b:f0:b9:92:c3:62:c4:3e:dd:78:ec:
2c:a0:fe:c9:7b:dc:20:69:bd:82:7c:75:c1:9f:7e:
5a:fe:b1:3a:f7:d5:11:1b:f7:79:54:52:5b:aa:0b:
6f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CD:3B:CB:4E:51:EB:3E:B6:03:0C:32:72:35:A6:2D:40:CA:DB:28
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EM07y05R6z62AwwycjWmLUDK2yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.59.0/24
163.5.83.0/24
163.5.142.0-163.5.144.255
163.5.154.0/24
163.5.192.0/23
163.5.214.0/23
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7e:3b:ca:64:1e:c6:05:c6:8c:fe:21:7f:01:f6:08:9c:7b:
ae:ff:e1:dc:fa:11:5f:c4:63:32:58:cf:af:70:7a:02:c7:06:
ce:48:85:9f:21:6e:92:b7:65:d5:03:9e:d6:ef:0f:48:4a:1e:
c2:cc:ed:19:b7:59:bd:54:fb:c1:05:03:4b:0e:53:a9:7e:30:
6d:e7:49:46:de:66:22:a7:87:c6:43:06:2f:74:4d:7b:d2:63:
6c:25:3e:e4:d6:56:d5:70:c8:ed:9c:d3:92:21:f6:3d:2f:a4:
cd:e1:c4:5b:d9:2f:13:f6:14:19:6b:3c:ef:9b:1f:77:c3:36:
84:6d:cd:2b:d4:5e:23:5a:f9:cb:d5:6d:0c:10:c9:48:3f:7d:
0a:b0:21:0e:2f:1d:fc:19:37:61:60:84:8f:e4:3d:86:9a:dd:
1b:20:72:22:45:2b:cb:7b:9b:71:af:ba:45:1e:69:04:46:35:
28:45:4e:19:ba:6c:de:99:3a:fb:ce:d2:f3:0f:2a:92:b0:46:
f0:98:34:75:b6:eb:9a:4b:9c:8b:9f:e4:78:63:fd:a2:50:ee:
c1:5d:fe:42:07:fe:3b:7e:56:51:b1:31:f4:b4:b1:55:c9:15:
65:16:12:ee:b9:55:5c:f7:e7:2a:3c:fb:10:0d:79:4f:99:00:
5d:7b:ae:d4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYq76m4ieX1mG9hDliPfrRmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTIyMDgwMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNkM2JjYjRlNTFlYjNlYjYwMzBjMzI3MjM1YTYyZDQwY2FkYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rzryMQfV/PRx9F9hlAsRUGXSZEh
KYtgIJeMEfcd3conPEM/99+Bu5SzSPGtIfieIFeTXkqRN0UCbqszXkgcdPYmuoSj
7CUH3mQwumSMVIt1aZTZ5YrX8pJ/Bryv/XhXPEcKmNQmHzbXGF0vEjvGm3o/G2ff
RhWeA4huqqceF869TevbE5vrRyvTbr7mcFsniMCnQhuQ2amr78Ir4/38cOqsJ9FO
QCOumxCs5/tGnf1/sC3079FxCo7s1ZfL60RXCRWGJKNqqaJzFkBsbAJyR0AZ2762
i/C5ksNixD7deOwsoP7Je9wgab2CfHXBn35a/rE699URG/d5VFJbqgtvYQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBDNO8tOUes+tgMMMnI1pi1AytsoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRU0wN3kwNVI2ejYyQXd3eWNqV21MVURLMnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAowU7AwQA
owVTMAwDBAGjBY4DBACjBZADBACjBZoDBAGjBcADBAGjBdYDBAC5/TYwDQYJKoZI
hvcNAQELBQADggEBAJ9+O8pkHsYFxoz+IX8B9gice67/4dz6EV/EYzJYz69wegLH
Bs5IhZ8hbpK3ZdUDntbvD0hKHsLM7Rm3Wb1U+8EFA0sOU6l+MG3nSUbeZiKnh8ZD
Bi90TXvSY2wlPuTWVtVwyO2c05Ih9j0vpM3hxFvZLxP2FBlrPO+bH3fDNoRtzSvU
XiNa+cvVbQwQyUg/fQqwIQ4vHfwZN2FghI/kPYaa3RsgciJFK8t7m3GvukUeaQRG
NShFThm6bN6ZOvvO0vMPKpKwRvCYNHW265pLnIuf5Hhj/aJQ7sFd/kIH/jt+VlGx
MfS0sVXJFWUWEu65VVz35yo8+xANeU+ZAF17rtQ=
-----END CERTIFICATE-----
Generated at Mon Oct 16 11:49:51 2023 by rpki-client on console-ams.rpki-client.org