Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Jos0CUVaVTChX0KcN8QscBLGx3o.roa
File: Jos0CUVaVTChX0KcN8QscBLGx3o.roa (raw, json)
Hash identifier: q4OBuB6yf/gRgJojbJsZXIZaOUDiOa7zyZXIHxRSA+U=
Subject key identifier: 26:8B:34:09:45:5A:55:30:A1:5F:42:9C:37:C4:2C:70:12:C6:C7:7A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01891C68634CBC0F52090E4CB1130E16C646
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Jos0CUVaVTChX0KcN8QscBLGx3o.roa
Signing time: Mon 03 Jul 2023 15:39:10 +0000
ROA not before: Mon 03 Jul 2023 15:39:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 163.5.114.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.236.0/24 maxlen: 24
163.5.234.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:68:63:4c:bc:0f:52:09:0e:4c:b1:13:0e:16:c6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 3 15:39:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=268b3409455a5530a15f429c37c42c7012c6c77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2f:d2:11:9e:90:29:67:b6:a9:85:aa:4a:d5:
bc:dd:84:bc:01:00:27:98:8f:2a:0b:8f:1e:fb:41:
90:5c:0a:de:ee:49:24:20:cd:77:9d:80:75:f8:03:
60:c5:76:d5:82:3a:98:6c:ac:e9:f2:94:58:1c:8c:
3e:3c:58:2d:92:e6:c4:a0:b7:c0:5b:2f:bf:e4:b5:
f9:86:2c:4d:a2:86:88:b6:f8:95:17:8e:25:20:55:
0f:0f:4d:82:b8:49:9d:36:40:1c:09:11:4a:04:af:
47:6d:08:df:20:37:a4:3b:2c:17:2c:53:ea:71:f0:
a8:98:94:5b:dc:37:df:a8:43:e7:5d:20:cc:17:7e:
60:c7:b6:f5:37:51:73:26:f8:c0:f3:ca:4e:85:06:
be:88:c4:83:a6:d5:b3:44:7b:d9:a3:1b:da:a5:be:
a4:52:7b:9d:47:93:19:9f:dd:58:a2:98:5c:32:fb:
3a:e1:6c:17:96:e3:c9:ec:66:34:04:c3:ae:f7:5f:
d2:c7:0b:dd:f5:03:46:c8:97:ba:f7:cc:9e:d1:f0:
1c:99:1c:9d:df:3a:3f:10:00:29:bf:10:88:83:b7:
8c:51:f7:39:e3:d9:ff:ea:8a:e7:8a:25:9b:7f:c7:
c3:d4:51:7b:71:9c:90:90:c0:2b:50:5a:7c:7a:8c:
26:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:8B:34:09:45:5A:55:30:A1:5F:42:9C:37:C4:2C:70:12:C6:C7:7A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Jos0CUVaVTChX0KcN8QscBLGx3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.113.0-163.5.114.255
163.5.141.0/24
163.5.146.0/24
163.5.224.0/24
163.5.234.0/24
163.5.236.0/24
Signature Algorithm: sha256WithRSAEncryption
77:bd:73:3e:39:57:a0:1c:1c:82:ce:c4:6b:0c:af:73:5e:ae:
11:6e:26:b9:1e:9c:f3:86:63:85:b2:2a:f7:52:3e:d3:3f:6f:
de:13:04:fa:7c:52:b1:db:ff:77:33:69:89:cf:ba:8d:c4:46:
5a:b1:d0:0d:ff:94:02:e1:89:2d:68:ce:b4:d6:57:fe:d1:60:
ed:1c:81:c5:4f:0f:cb:00:4b:d5:c7:27:9f:55:0a:8e:4e:f4:
95:60:02:b4:5c:97:4d:83:cf:7f:74:ab:b3:e6:d1:11:19:33:
67:20:17:eb:dc:58:bb:92:77:f0:1b:72:28:84:a6:8d:f4:da:
6d:55:b0:94:d7:78:a6:38:a9:4d:97:7c:fc:90:e2:91:9a:62:
ec:3b:41:9d:90:91:2b:cd:96:9d:83:d7:43:fd:1d:e8:dc:64:
6c:c0:77:05:f5:17:c0:21:3e:88:27:8d:0f:82:b9:ef:03:04:
bb:e5:f6:5e:2d:32:bd:3c:13:b0:a7:49:11:61:db:82:46:15:
e1:7b:62:78:9e:2f:a4:33:dc:80:10:85:a2:9d:b8:3e:aa:36:
ed:09:03:9a:e5:17:bc:fe:15:dd:51:e0:c4:9b:12:63:b0:13:
d3:19:a6:6a:1e:8b:fe:30:45:18:11:a1:8e:4b:51:3d:57:7f:
04:7e:67:be
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYkcaGNMvA9SCQ5MsRMOFsZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzAzMTUzOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjhiMzQwOTQ1NWE1NTMwYTE1ZjQyOWMzN2M0MmM3MDEyYzZjNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4S/SEZ6QKWe2qYWqStW83YS8AQAn
mI8qC48e+0GQXAre7kkkIM13nYB1+ANgxXbVgjqYbKzp8pRYHIw+PFgtkubEoLfA
Wy+/5LX5hixNooaItviVF44lIFUPD02CuEmdNkAcCRFKBK9HbQjfIDekOywXLFPq
cfComJRb3DffqEPnXSDMF35gx7b1N1FzJvjA88pOhQa+iMSDptWzRHvZoxvapb6k
UnudR5MZn91YophcMvs64WwXluPJ7GY0BMOu91/Sxwvd9QNGyJe698ye0fAcmRyd
3zo/EAApvxCIg7eMUfc549n/6orniiWbf8fD1FF7cZyQkMArUFp8eowmQQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCaLNAlFWlUwoV9CnDfELHASxsd6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSm9zMENVVmFWVENoWDBLY044UXNjQkxHeDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBACjBXED
BACjBXIDBACjBY0DBACjBZIDBACjBeADBACjBeoDBACjBewwDQYJKoZIhvcNAQEL
BQADggEBAHe9cz45V6AcHILOxGsMr3NerhFuJrkenPOGY4WyKvdSPtM/b94TBPp8
UrHb/3czaYnPuo3ERlqx0A3/lALhiS1ozrTWV/7RYO0cgcVPD8sAS9XHJ59VCo5O
9JVgArRcl02Dz390q7Pm0REZM2cgF+vcWLuSd/AbciiEpo302m1VsJTXeKY4qU2X
fPyQ4pGaYuw7QZ2QkSvNlp2D10P9HejcZGzAdwX1F8AhPognjQ+Cue8DBLvl9l4t
Mr08E7CnSRFh24JGFeF7YnieL6Qz3IAQhaKduD6qNu0JA5rlF7z+Fd1R4MSbEmOw
E9MZpmoei/4wRRgRoY5LUT1XfwR+Z74=
-----END CERTIFICATE-----
Generated at Mon Nov 6 05:01:40 2023 by rpki-client on console-ams.rpki-client.org