Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IRdmVuz9EcrM10SXOL4QtkEuLbU.roa
File: IRdmVuz9EcrM10SXOL4QtkEuLbU.roa (raw, json)
Hash identifier: 6zQQQMnRutJYIiFOn2J6CpksY3mbVn8Kj14Yl1Bg2PY=
Subject key identifier: 21:17:66:56:EC:FD:11:CA:CC:D7:44:97:38:BE:10:B6:41:2E:2D:B5
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042BA751DA9BCCAA7C8AD968EC68B6F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IRdmVuz9EcrM10SXOL4QtkEuLbU.roa
Signing time: Mon 02 Jan 2023 02:14:59 +0000
ROA not before: Mon 02 Jan 2023 02:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43043
IP address blocks: 163.5.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:ba:75:1d:a9:bc:ca:a7:c8:ad:96:8e:c6:8b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21176656ecfd11caccd7449738be10b6412e2db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:11:7f:89:05:3f:8b:2b:d3:b3:5c:df:a4:30:
ab:ae:68:eb:5e:fa:11:d2:e7:af:c7:3e:2b:c6:e8:
c6:fe:9f:55:e6:c9:4c:5c:44:5f:d2:b5:8a:01:dd:
d8:2a:07:52:ae:75:c7:c9:85:7c:7e:32:c4:ee:03:
eb:ef:0d:64:29:5c:af:86:11:0c:ea:a5:cb:92:b8:
7a:6a:9f:0f:b9:03:da:48:cc:f0:fe:62:da:6d:e4:
9f:dc:a8:c2:b0:8a:d3:f4:60:72:ea:d4:39:d7:d3:
9c:21:45:a3:e1:e1:0d:5d:8b:ca:61:1a:47:f6:2f:
e9:a2:c4:a9:8d:47:6b:50:ed:2e:90:03:ff:a5:a9:
f6:e8:c4:63:bd:61:07:c0:d6:89:b7:29:a8:e4:63:
a2:37:cd:45:3c:97:72:d0:81:f7:ff:51:e9:5c:0f:
96:b5:2d:c7:db:6a:9c:0f:30:e1:bf:e1:51:e2:13:
47:87:a0:e0:40:6e:bb:53:5b:f1:e3:ef:c0:f3:88:
08:11:63:72:2e:51:d7:f3:05:c2:21:4b:47:e5:7f:
e5:d3:14:7c:ad:fb:94:dd:32:67:ed:55:8a:69:14:
80:ef:ae:3e:c3:8d:68:a0:dd:01:c3:1f:c8:c9:09:
8c:b7:fb:46:8a:46:13:0e:7d:ef:25:3d:f2:a2:23:
e5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:17:66:56:EC:FD:11:CA:CC:D7:44:97:38:BE:10:B6:41:2E:2D:B5
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IRdmVuz9EcrM10SXOL4QtkEuLbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.137.0/24
Signature Algorithm: sha256WithRSAEncryption
01:22:c7:25:fb:d0:56:7b:6d:3c:80:8a:9c:7e:ce:4d:c9:2b:
30:75:3b:29:4f:80:ef:48:8d:16:76:ee:f4:95:2f:59:6c:30:
f4:ad:3f:84:51:11:a0:64:bd:75:2b:bd:7e:79:36:0c:ef:79:
3d:ea:be:0e:ef:eb:d6:f8:13:b8:d7:6e:4b:b1:6d:36:ff:d4:
f0:48:b1:c0:10:4f:c5:dc:e0:68:d1:2f:63:89:60:56:50:2a:
4e:67:3f:5b:24:84:f5:2a:0b:83:f7:df:8c:0c:2f:bf:c2:f4:
73:23:94:59:48:d6:1a:46:66:03:d6:9a:ae:12:62:4a:9e:e7:
8a:3f:d1:c3:bd:b6:e8:2f:7e:df:10:0f:84:80:81:ff:2e:f9:
9a:e4:4b:55:3d:b8:99:48:50:51:80:4d:06:e4:e3:27:cd:68:
9a:90:32:bc:2f:a3:5e:38:b1:a1:04:a9:ee:52:aa:1f:2d:40:
7f:f2:4c:91:e7:a3:f2:ad:bb:2e:86:aa:12:4f:c2:b9:6a:ce:
5f:d8:89:bb:99:68:11:5d:ca:cd:73:61:5a:4f:c6:70:4f:5c:
fc:d7:b7:7d:7a:8f:53:27:d1:5a:ee:8e:95:1c:b1:ba:3a:b4:
a7:05:14:e8:d1:e9:45:16:59:85:b0:b4:cb:7e:c2:28:34:d8:
f9:c3:69:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQrp1Ham8yqfIrZaOxotvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTE3NjY1NmVjZmQxMWNhY2NkNzQ0OTczOGJlMTBiNjQxMmUyZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BF/iQU/iyvTs1zfpDCrrmjrXvoR
0uevxz4rxujG/p9V5slMXERf0rWKAd3YKgdSrnXHyYV8fjLE7gPr7w1kKVyvhhEM
6qXLkrh6ap8PuQPaSMzw/mLabeSf3KjCsIrT9GBy6tQ519OcIUWj4eENXYvKYRpH
9i/posSpjUdrUO0ukAP/pan26MRjvWEHwNaJtymo5GOiN81FPJdy0IH3/1HpXA+W
tS3H22qcDzDhv+FR4hNHh6DgQG67U1vx4+/A84gIEWNyLlHX8wXCIUtH5X/l0xR8
rfuU3TJn7VWKaRSA764+w41ooN0Bwx/IyQmMt/tGikYTDn3vJT3yoiPlxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEXZlbs/RHKzNdElzi+ELZBLi21MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSVJkbVZ1ejlFY3JNMTBTWE9MNFF0a0V1TGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWJMA0G
CSqGSIb3DQEBCwUAA4IBAQABIscl+9BWe208gIqcfs5NySswdTspT4DvSI0Wdu70
lS9ZbDD0rT+EURGgZL11K71+eTYM73k96r4O7+vW+BO4125LsW02/9TwSLHAEE/F
3OBo0S9jiWBWUCpOZz9bJIT1KguD99+MDC+/wvRzI5RZSNYaRmYD1pquEmJKnueK
P9HDvbboL37fEA+EgIH/Lvma5EtVPbiZSFBRgE0G5OMnzWiakDK8L6NeOLGhBKnu
UqofLUB/8kyR56PyrbsuhqoST8K5as5f2Im7mWgRXcrNc2FaT8ZwT1z817d9eo9T
J9Fa7o6VHLG6OrSnBRTo0elFFlmFsLTLfsIoNNj5w2n9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org