Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FNyYP58EjC9Cr2Kmf_jLl7jK76A.roa
File: FNyYP58EjC9Cr2Kmf_jLl7jK76A.roa (raw, json)
Hash identifier: msLwoSli8YYtTSw/kNaalN25yT8Q4bK3K9DohcjRuMw=
Subject key identifier: 14:DC:98:3F:9F:04:8C:2F:42:AF:62:A6:7F:F8:CB:97:B8:CA:EF:A0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B3447B2CCA005E38D1E4763507DCE51A1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FNyYP58EjC9Cr2Kmf_jLl7jK76A.roa
Signing time: Sun 15 Oct 2023 16:59:55 +0000
ROA not before: Sun 15 Oct 2023 16:59:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198607
IP address blocks: 163.5.87.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:34:47:b2:cc:a0:05:e3:8d:1e:47:63:50:7d:ce:51:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 15 16:59:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14dc983f9f048c2f42af62a67ff8cb97b8caefa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ca:69:02:f8:12:e2:d0:22:3a:f7:49:0f:d8:
74:a7:58:06:4c:29:32:06:0c:9c:e9:86:cb:6f:63:
bb:25:21:69:32:2c:24:4c:63:51:99:b4:71:0d:62:
20:3e:39:94:73:a6:51:39:67:06:66:57:8b:58:48:
0a:6e:71:2a:80:0a:89:6c:df:53:c7:d5:de:96:0c:
f2:9f:83:00:19:df:4f:32:eb:86:6f:2c:9d:1b:b0:
d5:1a:37:1d:18:1e:8d:6d:aa:a6:6b:9b:ff:69:b7:
45:19:f8:02:2f:57:9f:cf:a5:3c:79:86:b6:ec:54:
47:d9:e3:25:5d:a1:d3:ac:e5:c5:b4:b1:c0:5d:de:
ed:91:cc:82:6c:10:03:09:64:6f:a4:a6:04:ab:35:
fa:cd:74:dd:9c:2d:d9:cd:ea:3e:c6:4f:08:e0:89:
5f:8a:c7:e4:31:d1:98:e2:56:35:fd:3c:5f:3f:99:
d6:42:14:8b:fb:c8:3a:d4:07:19:50:8b:92:bd:3e:
1b:7f:18:f1:88:2c:d9:f4:2e:f2:0e:2b:2d:79:25:
de:43:e4:67:5f:f5:5e:d8:e2:dd:53:d6:9e:90:45:
7c:49:a1:25:b4:d1:22:69:c9:6a:2e:f0:b2:de:83:
cf:b4:5c:fa:45:1b:96:73:1d:be:60:d6:b8:7d:f0:
eb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DC:98:3F:9F:04:8C:2F:42:AF:62:A6:7F:F8:CB:97:B8:CA:EF:A0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FNyYP58EjC9Cr2Kmf_jLl7jK76A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.87.0/24
163.5.127.0/24
163.5.202.0/24
163.5.239.0/24
Signature Algorithm: sha256WithRSAEncryption
36:3a:e2:37:98:f2:3e:71:dc:62:f6:f4:76:38:ab:a4:1a:87:
00:80:be:a6:af:73:92:af:38:3d:d3:64:b4:25:15:e6:6c:f2:
4d:72:f6:05:e4:bb:33:4b:e5:29:cd:12:f5:a0:1d:41:4b:c2:
b8:56:fb:7f:10:a0:20:4e:6c:6d:39:b3:94:85:8a:cf:0a:c5:
85:ce:1d:4a:1d:07:0e:81:03:18:17:4b:94:13:3b:ac:38:4b:
8c:86:41:76:5f:55:63:ed:fa:42:2d:44:ce:46:dd:70:ca:0b:
e0:71:11:e8:50:b9:a7:52:ab:33:25:7e:2a:21:b6:9d:35:66:
fd:59:b9:3b:a2:e3:4c:55:04:fc:43:d5:68:85:de:0e:5e:90:
eb:b5:ac:04:fd:e9:a7:3b:c7:64:c2:6a:16:f1:4a:be:d7:5d:
7a:0c:0d:87:2b:a1:97:d2:7e:5d:36:c6:65:c7:ec:ef:dd:7f:
4a:e1:61:a9:68:39:e3:0d:60:0c:71:70:ef:6a:77:8b:c0:01:
7a:2c:16:8f:d2:9c:1d:b4:e9:1d:5e:dd:2b:d6:b1:b1:4f:2f:
79:28:20:d9:0c:31:d2:4a:3b:94:c9:36:df:9d:98:4f:e3:43:
cc:da:c6:ec:71:45:f3:39:6b:5f:89:35:d8:83:09:a3:66:5a:
83:ba:0a:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYs0R7LMoAXjjR5HY1B9zlGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDE1MTY1OTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRjOTgzZjlmMDQ4YzJmNDJhZjYyYTY3ZmY4Y2I5N2I4Y2FlZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sppAvgS4tAiOvdJD9h0p1gGTCky
Bgyc6YbLb2O7JSFpMiwkTGNRmbRxDWIgPjmUc6ZROWcGZleLWEgKbnEqgAqJbN9T
x9Xelgzyn4MAGd9PMuuGbyydG7DVGjcdGB6Nbaqma5v/abdFGfgCL1efz6U8eYa2
7FRH2eMlXaHTrOXFtLHAXd7tkcyCbBADCWRvpKYEqzX6zXTdnC3Zzeo+xk8I4Ilf
isfkMdGY4lY1/TxfP5nWQhSL+8g61AcZUIuSvT4bfxjxiCzZ9C7yDisteSXeQ+Rn
X/Ve2OLdU9aekEV8SaEltNEiaclqLvCy3oPPtFz6RRuWcx2+YNa4ffDr4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBTcmD+fBIwvQq9ipn/4y5e4yu+gMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRk55WVA1OEVqQzlDcjJLbWZfakxsN2pLNzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVXAwQA
owV/AwQAowXKAwQAowXvMA0GCSqGSIb3DQEBCwUAA4IBAQA2OuI3mPI+cdxi9vR2
OKukGocAgL6mr3OSrzg902S0JRXmbPJNcvYF5LszS+UpzRL1oB1BS8K4Vvt/EKAg
TmxtObOUhYrPCsWFzh1KHQcOgQMYF0uUEzusOEuMhkF2X1Vj7fpCLUTORt1wygvg
cRHoULmnUqszJX4qIbadNWb9Wbk7ouNMVQT8Q9Vohd4OXpDrtawE/emnO8dkwmoW
8Uq+1116DA2HK6GX0n5dNsZlx+zv3X9K4WGpaDnjDWAMcXDvaneLwAF6LBaP0pwd
tOkdXt0r1rGxTy95KCDZDDHSSjuUyTbfnZhP40PM2sbscUXzOWtfiTXYgwmjZlqD
ugqt
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org