Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IdkR3zGL2Uobp5ol1kqkPmfFAnU.roa
File: IdkR3zGL2Uobp5ol1kqkPmfFAnU.roa (raw, json)
Hash identifier: 2W3ly/9Uf9s9tSX68CEU72yiE5yzBNOwPtIbLbpJ19I=
Subject key identifier: 21:D9:11:DF:31:8B:D9:4A:1B:A7:9A:25:D6:4A:A4:3E:67:C5:02:75
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042BE2DCADE745422055101294969F1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IdkR3zGL2Uobp5ol1kqkPmfFAnU.roa
Signing time: Mon 02 Jan 2023 02:15:00 +0000
ROA not before: Mon 02 Jan 2023 02:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54252
IP address blocks: 163.5.179.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:be:2d:ca:de:74:54:22:05:51:01:29:49:69:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21d911df318bd94a1ba79a25d64aa43e67c50275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c6:ca:53:ee:8b:f1:fd:8d:1e:6e:cc:71:e5:
0e:ec:9c:08:72:8b:a7:23:a0:ed:ba:2e:91:ae:b8:
01:1f:8b:2a:85:c8:68:4d:5d:1d:8e:0f:21:25:cb:
c7:63:aa:e8:bb:cd:34:a7:8e:f6:e3:e8:9d:32:f7:
3b:4b:b7:5d:49:fc:26:95:27:e1:be:4e:42:df:9d:
73:88:97:4c:02:e7:9b:db:3c:f8:7c:22:c1:7d:d3:
75:66:26:ba:a7:b8:44:ce:a8:3b:0d:b8:a8:35:bc:
94:d7:51:90:8c:c8:8f:1c:a5:e6:4b:95:67:94:aa:
6e:a7:dc:82:32:fa:ea:ca:37:a4:e6:1a:b8:5f:bb:
8f:2f:76:78:b2:9c:84:2c:a0:2a:a6:b5:e8:61:8d:
71:3f:9f:af:14:43:ae:c0:cd:00:67:82:3c:16:a0:
f7:1d:9c:6f:8b:bd:e8:15:45:5b:ea:39:42:43:51:
32:74:83:29:96:a9:72:f1:c0:d8:a9:a1:9b:09:41:
b4:ab:fa:2b:59:77:c9:ca:72:c8:5c:a2:a8:1c:2b:
8f:d0:0c:36:b6:a9:e3:ef:d0:5e:33:48:f0:89:9c:
2a:e9:b8:cd:6e:3f:d4:66:13:9a:fa:76:2f:c0:39:
51:0a:7c:a0:21:8e:ca:03:04:c1:b3:8b:88:7d:99:
88:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D9:11:DF:31:8B:D9:4A:1B:A7:9A:25:D6:4A:A4:3E:67:C5:02:75
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IdkR3zGL2Uobp5ol1kqkPmfFAnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.125.0/24
163.5.179.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:0e:0c:bd:c1:99:a1:60:58:81:9d:a0:11:7a:20:7a:dd:71:
dd:c5:10:c4:96:78:f0:4f:b4:38:e1:80:89:8b:87:bd:97:3e:
ef:83:8e:06:bc:2d:4b:2e:c7:91:b3:fb:ff:e3:a6:10:45:b8:
dc:90:54:a4:9f:d1:de:39:b8:ff:32:d0:e1:a9:91:16:de:32:
7b:83:11:e5:ed:12:42:9e:2b:83:3a:d7:04:29:66:5e:dc:f2:
ec:ab:d8:49:56:c8:e9:64:94:48:f0:0b:fd:37:dc:d9:4d:1c:
46:1c:dd:e6:f5:6e:2d:7c:be:e0:fb:66:d7:73:67:a0:a8:df:
20:3d:2b:6a:d0:1a:cc:56:4e:e0:e8:b4:22:3f:25:3e:f2:a9:
4c:5b:fd:a4:c8:6b:b3:43:a9:3f:a7:b8:8c:a3:22:84:7b:b2:
43:89:f7:3c:f6:10:43:46:d2:56:12:0a:8d:60:ad:58:d0:89:
fc:75:2e:8e:e5:04:d1:64:6c:e0:90:69:8d:3f:69:29:da:9c:
8b:70:79:c4:35:63:cc:fc:27:74:ea:e9:8d:b1:9a:e1:96:72:
a2:29:9c:dd:25:0d:ce:c7:74:2d:32:6c:3c:90:b9:51:b9:d1:
74:e7:49:6a:48:1f:97:ed:16:41:8b:bc:b0:07:61:ec:83:a6:
d7:ce:27:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwQr4tyt50VCIFUQEpSWnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ5MTFkZjMxOGJkOTRhMWJhNzlhMjVkNjRhYTQzZTY3YzUwMjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MbKU+6L8f2NHm7MceUO7JwIcoun
I6Dtui6RrrgBH4sqhchoTV0djg8hJcvHY6rou800p4724+idMvc7S7ddSfwmlSfh
vk5C351ziJdMAueb2zz4fCLBfdN1Zia6p7hEzqg7DbioNbyU11GQjMiPHKXmS5Vn
lKpup9yCMvrqyjek5hq4X7uPL3Z4spyELKAqprXoYY1xP5+vFEOuwM0AZ4I8FqD3
HZxvi73oFUVb6jlCQ1EydIMplqly8cDYqaGbCUG0q/orWXfJynLIXKKoHCuP0Aw2
tqnj79BeM0jwiZwq6bjNbj/UZhOa+nYvwDlRCnygIY7KAwTBs4uIfZmIRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCHZEd8xi9lKG6eaJdZKpD5nxQJ1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSWRrUjN6R0wyVW9icDVvbDFrcWtQbWZGQW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowUeAwQA
owV9AwQAowWzMA0GCSqGSIb3DQEBCwUAA4IBAQCiDgy9wZmhYFiBnaAReiB63XHd
xRDElnjwT7Q44YCJi4e9lz7vg44GvC1LLseRs/v/46YQRbjckFSkn9HeObj/MtDh
qZEW3jJ7gxHl7RJCniuDOtcEKWZe3PLsq9hJVsjpZJRI8Av9N9zZTRxGHN3m9W4t
fL7g+2bXc2egqN8gPStq0BrMVk7g6LQiPyU+8qlMW/2kyGuzQ6k/p7iMoyKEe7JD
ifc89hBDRtJWEgqNYK1Y0In8dS6O5QTRZGzgkGmNP2kp2pyLcHnENWPM/Cd06umN
sZrhlnKiKZzdJQ3Ox3QtMmw8kLlRudF050lqSB+X7RZBi7ywB2Hsg6bXziec
-----END CERTIFICATE-----
Generated at Sun Aug 6 10:21:29 2023 by rpki-client on console-fra.rpki-client.org