Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GhqujaDYqJc5ShTuFqY0ZVDhyBQ.roa
File: GhqujaDYqJc5ShTuFqY0ZVDhyBQ.roa (raw, json)
Hash identifier: lgmQmrLPY4ySRXVXbySq7mvBWDwIuJlhb7lud8DCMOo=
Subject key identifier: 1A:1A:AE:8D:A0:D8:A8:97:39:4A:14:EE:16:A6:34:65:50:E1:C8:14
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042B41E1536234BE156C9B53F5631C1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GhqujaDYqJc5ShTuFqY0ZVDhyBQ.roa
Signing time: Mon 02 Jan 2023 02:14:57 +0000
ROA not before: Mon 02 Jan 2023 02:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 163.5.199.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:b4:1e:15:36:23:4b:e1:56:c9:b5:3f:56:31:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a1aae8da0d8a897394a14ee16a6346550e1c814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:11:10:21:41:df:2f:17:c0:da:b6:20:46:13:
0d:7b:38:ec:b9:57:a2:f0:0b:2e:e4:62:9b:2a:e1:
62:4b:04:5d:03:8b:1a:9d:9b:66:cd:1c:bb:dc:16:
14:a1:15:a3:39:03:54:b4:f3:c9:bc:09:a1:3f:b2:
f0:fe:ae:36:c5:b0:03:f3:80:fd:76:4c:70:42:aa:
af:5e:d2:5a:36:13:73:32:1c:f7:69:23:9f:12:09:
26:78:79:e7:d4:40:b1:53:ba:30:70:07:3f:42:47:
d2:96:cb:03:81:db:94:1f:88:e6:e9:e5:98:c4:20:
6a:1c:1a:0c:58:50:47:19:b0:3b:b5:9d:6f:76:3c:
a3:96:df:90:ad:8e:49:6f:85:8d:12:98:a6:2b:6b:
66:cb:55:c9:21:a8:f8:95:23:e9:66:2a:09:3d:44:
e2:b2:e7:0e:3e:f0:6f:3b:2e:58:1e:2b:2a:24:53:
eb:cf:1a:90:bd:83:d0:75:86:5f:89:4a:a9:05:f1:
27:a7:5f:16:9c:cb:4a:02:c1:0f:63:92:72:b5:a5:
cb:f9:f7:c0:a0:91:8f:72:49:fa:01:19:34:0d:bd:
a1:31:5a:07:cb:52:5c:70:e7:80:5c:2e:dc:50:64:
1b:5d:7f:0a:88:17:7b:41:99:e1:fc:dc:19:3a:65:
51:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1A:AE:8D:A0:D8:A8:97:39:4A:14:EE:16:A6:34:65:50:E1:C8:14
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GhqujaDYqJc5ShTuFqY0ZVDhyBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.164.0/24
163.5.199.0/24
Signature Algorithm: sha256WithRSAEncryption
86:29:10:41:e9:7d:74:35:d4:c3:be:0b:70:71:18:48:b6:fb:
4c:08:d2:40:54:a5:94:d2:e4:87:76:85:f7:6d:e6:9e:11:f9:
65:8a:e1:dd:20:89:3a:22:08:af:0f:ec:d9:53:ba:39:00:20:
4d:fb:35:25:15:d4:82:98:80:f6:6d:6c:bb:bc:2e:f4:ff:e9:
14:bc:51:29:68:71:db:35:cb:3c:73:5d:de:25:b6:b9:ab:8f:
8f:82:b4:2c:1e:9f:0e:b8:b1:bd:a8:ef:a9:a1:7d:fc:99:ba:
f7:1f:80:3a:de:95:c4:29:2f:e8:1e:d5:fa:c9:e7:75:7b:4b:
18:4c:9e:fa:10:cc:5c:66:88:a0:bf:8e:8a:9a:af:f3:0c:7a:
9b:b1:2d:aa:30:90:3a:38:fe:1e:fa:8a:46:b4:13:39:55:b1:
15:61:27:4a:83:5f:3d:5f:0a:84:d6:6a:62:9c:f4:45:3a:2b:
0e:dc:a0:63:3a:99:bd:d5:e3:44:20:1d:43:69:5f:82:7d:aa:
07:d3:16:67:c7:50:06:71:95:f7:99:03:db:28:18:24:e1:b1:
60:aa:b6:d0:e1:d7:9b:98:ca:f4:0c:ca:e0:8b:d3:60:1c:e1:
ac:52:ba:f6:0a:b2:38:59:d4:90:cc:25:7f:88:f7:22:17:7b:
d7:af:0d:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwQrQeFTYjS+FWybU/VjHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTFhYWU4ZGEwZDhhODk3Mzk0YTE0ZWUxNmE2MzQ2NTUwZTFjODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxREQIUHfLxfA2rYgRhMNezjsuVei
8Asu5GKbKuFiSwRdA4sanZtmzRy73BYUoRWjOQNUtPPJvAmhP7Lw/q42xbAD84D9
dkxwQqqvXtJaNhNzMhz3aSOfEgkmeHnn1ECxU7owcAc/QkfSlssDgduUH4jm6eWY
xCBqHBoMWFBHGbA7tZ1vdjyjlt+QrY5Jb4WNEpimK2tmy1XJIaj4lSPpZioJPUTi
sucOPvBvOy5YHisqJFPrzxqQvYPQdYZfiUqpBfEnp18WnMtKAsEPY5JytaXL+ffA
oJGPckn6ARk0Db2hMVoHy1JccOeAXC7cUGQbXX8KiBd7QZnh/NwZOmVRcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBoaro2g2KiXOUoU7hamNGVQ4cgUMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR2hxdWphRFlxSmM1U2hUdUZxWTBaVkRoeUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWkAwQA
owXHMA0GCSqGSIb3DQEBCwUAA4IBAQCGKRBB6X10NdTDvgtwcRhItvtMCNJAVKWU
0uSHdoX3beaeEflliuHdIIk6IgivD+zZU7o5ACBN+zUlFdSCmID2bWy7vC70/+kU
vFEpaHHbNcs8c13eJba5q4+PgrQsHp8OuLG9qO+poX38mbr3H4A63pXEKS/oHtX6
yed1e0sYTJ76EMxcZoigv46Kmq/zDHqbsS2qMJA6OP4e+opGtBM5VbEVYSdKg189
XwqE1mpinPRFOisO3KBjOpm91eNEIB1DaV+CfaoH0xZnx1AGcZX3mQPbKBgk4bFg
qrbQ4debmMr0DMrgi9NgHOGsUrr2CrI4WdSQzCV/iPciF3vXrw0a
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org