Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GzE7WoIqc7cdxMVrlU48eJYgpNg.roa
File: GzE7WoIqc7cdxMVrlU48eJYgpNg.roa (raw, json)
Hash identifier: onrIyVPwKLal60vYqR6jZSyws+xvhKXWIi4VGEWfkYo=
Subject key identifier: 1B:31:3B:5A:82:2A:73:B7:1D:C4:C5:6B:95:4E:3C:78:96:20:A4:D8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01861D74F6A2755AE254482488D912818832
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GzE7WoIqc7cdxMVrlU48eJYgpNg.roa
Signing time: Sat 04 Feb 2023 17:24:09 +0000
ROA not before: Sat 04 Feb 2023 17:24:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.83.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1d:74:f6:a2:75:5a:e2:54:48:24:88:d9:12:81:88:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 4 17:24:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b313b5a822a73b71dc4c56b954e3c789620a4d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a7:a3:08:a3:57:1c:3a:a1:72:0c:de:f6:a7:
f1:0d:e6:c9:b5:d7:39:42:1a:ee:d2:45:50:42:de:
c4:d4:2d:f2:fc:bd:25:5c:0a:f4:48:f2:ab:5c:5e:
07:d6:5c:01:c7:b2:aa:41:06:5a:c2:20:51:f0:85:
9d:bc:88:5d:28:ca:35:8a:2b:64:0c:93:b3:61:ac:
6c:45:26:79:67:68:34:0e:b4:b5:91:89:e1:97:77:
72:78:3b:a3:fe:4f:b6:fd:39:0f:94:94:0c:ac:49:
a9:3d:aa:c6:8e:3c:f4:d0:be:a4:c1:05:2c:60:73:
dc:55:8e:53:e6:89:8b:89:1a:59:cf:5e:34:ef:71:
a0:2a:57:b7:2a:de:d4:61:76:e7:e4:89:8e:df:93:
3e:9f:75:da:17:37:a5:14:06:66:17:5d:48:cc:60:
9b:4d:13:7c:e3:59:09:4e:5a:fb:10:55:45:36:14:
18:3e:71:f5:55:4a:c6:d4:19:79:cb:0f:88:48:bd:
7c:a8:71:47:05:c9:4d:47:5e:2e:d6:b6:f2:2a:c9:
f0:12:ef:53:7e:8e:a3:89:ad:2c:b7:71:6c:28:a8:
f6:f7:f7:73:09:e2:1b:c5:38:d0:51:78:5f:f0:72:
f4:7d:05:6a:09:bc:d8:fe:b6:82:97:ec:b2:d1:29:
db:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:31:3B:5A:82:2A:73:B7:1D:C4:C5:6B:95:4E:3C:78:96:20:A4:D8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GzE7WoIqc7cdxMVrlU48eJYgpNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/24
163.5.83.0/24
163.5.120.0/24
163.5.143.0/24
163.5.154.0/24
163.5.192.0/24
163.5.214.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
90:61:69:1b:60:32:b1:01:8a:a5:2b:8c:ca:f0:35:71:2c:06:
3a:9f:d5:34:10:e9:70:f4:2b:81:01:91:d3:3f:5b:c7:7c:bc:
15:26:97:c6:a9:c0:6e:77:31:04:3a:dd:25:28:cd:0a:56:e4:
1f:ee:09:b5:40:f3:b0:d4:4f:71:87:d3:c7:84:46:ea:3d:cc:
12:48:9f:66:5b:5d:6c:3e:4b:f1:8d:e9:62:a6:06:07:d3:df:
79:3b:49:97:84:d5:53:ef:14:9f:c1:dd:cc:ed:dc:70:08:10:
fc:71:97:68:4d:4c:a1:16:ac:1e:25:16:b8:d9:a3:48:32:af:
4c:4e:3a:3f:eb:1d:ab:76:15:bf:3a:3d:83:1e:fa:04:eb:c1:
9a:96:d1:4a:7d:61:a5:6d:21:c2:d5:3c:ed:54:50:59:57:f0:
12:52:f7:08:1a:3f:e7:70:f4:71:f1:8e:b0:a2:97:ef:cc:31:
51:52:53:4c:d0:06:e5:e9:16:74:8a:6f:46:bb:6e:28:26:c5:
44:e2:88:a8:bb:66:51:e5:8c:ca:1e:c9:35:2d:21:c3:79:90:
dd:7f:84:dd:6a:c0:21:0d:04:f0:08:50:04:b2:31:41:81:f9:
c4:c5:01:22:a0:40:7e:55:62:cd:0b:aa:71:c7:e9:3a:d1:bd:
09:74:f1:9c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYYddPaidVriVEgkiNkSgYgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMjA0MTcyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjMxM2I1YTgyMmE3M2I3MWRjNGM1NmI5NTRlM2M3ODk2MjBhNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaejCKNXHDqhcgze9qfxDebJtdc5
Qhru0kVQQt7E1C3y/L0lXAr0SPKrXF4H1lwBx7KqQQZawiBR8IWdvIhdKMo1iitk
DJOzYaxsRSZ5Z2g0DrS1kYnhl3dyeDuj/k+2/TkPlJQMrEmpParGjjz00L6kwQUs
YHPcVY5T5omLiRpZz14073GgKle3Kt7UYXbn5ImO35M+n3XaFzelFAZmF11IzGCb
TRN841kJTlr7EFVFNhQYPnH1VUrG1Bl5yw+ISL18qHFHBclNR14u1rbyKsnwEu9T
fo6jia0st3FsKKj29/dzCeIbxTjQUXhf8HL0fQVqCbzY/raCl+yy0SnbrQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBsxO1qCKnO3HcTFa5VOPHiWIKTYMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR3pFN1dvSXFjN2NkeE1WcmxVNDhlSllncE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAowUmAwQA
owVTAwQAowV4AwQAowWPAwQAowWaAwQAowXAAwQAowXWAwQAuf02MA0GCSqGSIb3
DQEBCwUAA4IBAQCQYWkbYDKxAYqlK4zK8DVxLAY6n9U0EOlw9CuBAZHTP1vHfLwV
JpfGqcBudzEEOt0lKM0KVuQf7gm1QPOw1E9xh9PHhEbqPcwSSJ9mW11sPkvxjeli
pgYH0995O0mXhNVT7xSfwd3M7dxwCBD8cZdoTUyhFqweJRa42aNIMq9MTjo/6x2r
dhW/Oj2DHvoE68GaltFKfWGlbSHC1TztVFBZV/ASUvcIGj/ncPRx8Y6wopfvzDFR
UlNM0Abl6RZ0im9Gu24oJsVE4oiou2ZR5YzKHsk1LSHDeZDdf4TdasAhDQTwCFAE
sjFBgfnExQEioEB+VWLNC6pxx+k60b0JdPGc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org