Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IUHUk4fVdbzwAV5glzVIIru_uy8.roa
File: IUHUk4fVdbzwAV5glzVIIru_uy8.roa (raw, json)
Hash identifier: 2GAvctbbV63FiuKZ99/WxD51YZgrJFfM3V11g7cOzE0=
Subject key identifier: 21:41:D4:93:87:D5:75:BC:F0:01:5E:60:97:35:48:22:BB:BF:BB:2F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01863BAE102BEEAC15E82886EF97D3941ACB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IUHUk4fVdbzwAV5glzVIIru_uy8.roa
Signing time: Fri 10 Feb 2023 14:15:08 +0000
ROA not before: Fri 10 Feb 2023 14:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.83.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:ae:10:2b:ee:ac:15:e8:28:86:ef:97:d3:94:1a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 10 14:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2141d49387d575bcf0015e6097354822bbbfbb2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:19:fe:89:8d:ad:46:a0:ad:0d:c3:02:e2:10:
3b:a9:24:3c:31:37:ea:f0:e8:b8:ed:a2:1b:dc:94:
7d:fa:44:7a:35:5c:5a:86:02:ce:60:d1:e3:0a:67:
3c:ce:5c:4e:f3:4c:e7:c3:9e:df:3e:2d:9d:49:6a:
a8:e8:2b:59:11:85:7f:1c:c2:62:68:b9:1b:b8:07:
1e:ff:7b:e8:b4:c6:54:bf:70:4d:b0:97:13:e0:33:
7b:db:b8:3c:58:50:bf:ab:1f:4f:9c:99:cc:6d:33:
56:5a:5f:57:bd:ca:90:65:0a:e1:a9:13:69:15:e9:
d2:10:ed:ff:68:5d:0e:48:db:18:e9:13:b0:52:d2:
82:15:16:28:70:96:8c:4d:e9:ea:60:73:b0:a9:bd:
32:c6:cf:5c:c3:3f:21:2e:3e:25:4e:66:92:bc:72:
f7:f6:7e:e7:41:3e:11:79:f1:37:ac:47:af:1e:b5:
f9:3d:fa:8b:37:9f:a2:ec:98:47:73:12:19:3e:e6:
5a:32:4f:24:17:68:7e:a4:dd:f5:ae:2a:a9:1c:80:
8f:0d:5e:0b:a1:eb:1f:3e:b1:2f:e9:80:df:41:8c:
ac:0a:db:09:33:68:fe:a5:60:e3:91:ab:25:b4:bd:
1c:05:6f:e1:f8:b9:39:10:78:cc:52:02:1a:85:a9:
b3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:41:D4:93:87:D5:75:BC:F0:01:5E:60:97:35:48:22:BB:BF:BB:2F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IUHUk4fVdbzwAV5glzVIIru_uy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/24
163.5.59.0/24
163.5.83.0/24
163.5.120.0/24
163.5.143.0/24
163.5.154.0/24
163.5.192.0/24
163.5.214.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
51:2b:03:cf:3b:40:55:87:4a:e5:7b:f6:39:61:14:01:cb:8e:
10:f2:d0:bf:c5:4e:a0:c0:bc:c2:65:8e:fa:4a:ed:c2:3d:09:
ba:c1:92:d9:57:35:32:e2:63:9a:96:c1:a0:4a:51:1d:3b:e8:
09:a2:aa:e8:3a:96:e9:95:ef:c8:cf:62:a1:1c:58:50:f2:07:
77:96:02:c0:cb:5a:37:b4:4e:64:37:52:ce:3c:c7:e2:5f:b2:
51:da:b9:ab:e7:e4:6b:ab:17:2f:b6:93:d6:a1:5d:a8:78:8e:
22:db:cb:15:c9:13:2f:a5:89:59:52:2f:28:58:69:c1:58:56:
5a:54:bc:bc:fa:dc:53:f4:71:b0:cc:dd:fb:52:86:fb:a0:d4:
79:8e:d0:ef:48:dc:fd:70:54:d1:8d:dc:b9:ca:be:30:40:14:
b2:66:14:ea:48:8b:39:96:d7:d1:3c:32:95:22:30:80:3d:27:
84:25:13:f0:df:ef:f3:b5:0e:53:89:24:03:6c:9d:41:ab:52:
6c:cc:4b:16:ec:f2:09:3f:71:ef:24:a6:bf:28:e3:4c:23:46:
06:36:b5:a3:62:8c:89:6b:67:95:ae:af:f9:85:01:2e:6c:48:
a5:84:bb:a9:c5:8b:10:2e:e8:36:7b:48:c6:6c:b0:dc:66:b7:
8c:15:0a:b4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYY7rhAr7qwV6CiG75fTlBrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMjEwMTQxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQxZDQ5Mzg3ZDU3NWJjZjAwMTVlNjA5NzM1NDgyMmJiYmZiYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Rn+iY2tRqCtDcMC4hA7qSQ8MTfq
8Oi47aIb3JR9+kR6NVxahgLOYNHjCmc8zlxO80znw57fPi2dSWqo6CtZEYV/HMJi
aLkbuAce/3votMZUv3BNsJcT4DN727g8WFC/qx9PnJnMbTNWWl9XvcqQZQrhqRNp
FenSEO3/aF0OSNsY6ROwUtKCFRYocJaMTenqYHOwqb0yxs9cwz8hLj4lTmaSvHL3
9n7nQT4RefE3rEevHrX5PfqLN5+i7JhHcxIZPuZaMk8kF2h+pN31riqpHICPDV4L
oesfPrEv6YDfQYysCtsJM2j+pWDjkasltL0cBW/h+Lk5EHjMUgIahamzqQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCFB1JOH1XW88AFeYJc1SCK7v7svMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSVVIVWs0ZlZkYnp3QVY1Z2x6VklJcnVfdXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAowUmAwQA
owU7AwQAowVTAwQAowV4AwQAowWPAwQAowWaAwQAowXAAwQAowXWAwQAuf02MA0G
CSqGSIb3DQEBCwUAA4IBAQBRKwPPO0BVh0rle/Y5YRQBy44Q8tC/xU6gwLzCZY76
Su3CPQm6wZLZVzUy4mOalsGgSlEdO+gJoqroOpbple/Iz2KhHFhQ8gd3lgLAy1o3
tE5kN1LOPMfiX7JR2rmr5+RrqxcvtpPWoV2oeI4i28sVyRMvpYlZUi8oWGnBWFZa
VLy8+txT9HGwzN37Uob7oNR5jtDvSNz9cFTRjdy5yr4wQBSyZhTqSIs5ltfRPDKV
IjCAPSeEJRPw3+/ztQ5TiSQDbJ1Bq1JszEsW7PIJP3HvJKa/KONMI0YGNrWjYoyJ
a2eVrq/5hQEubEilhLupxYsQLug2e0jGbLDcZreMFQq0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org