Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KzFXQmgo7dy-aKmIMzPOq3tdl2A.roa
File: KzFXQmgo7dy-aKmIMzPOq3tdl2A.roa (raw, json)
Hash identifier: V7aXr3JsYAT8Z2qOz7u6j4gLT/lbCe6dFXvO03VQGB8=
Subject key identifier: 2B:31:57:42:68:28:ED:DC:BE:68:A9:88:33:33:CE:AB:7B:5D:97:60
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01896EC19188C45F3BAD6D0CEDE086B3728E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KzFXQmgo7dy-aKmIMzPOq3tdl2A.roa
Signing time: Wed 19 Jul 2023 15:25:26 +0000
ROA not before: Wed 19 Jul 2023 15:25:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211603
IP address blocks: 163.5.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:c1:91:88:c4:5f:3b:ad:6d:0c:ed:e0:86:b3:72:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 19 15:25:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b3157426828eddcbe68a9883333ceab7b5d9760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f5:b8:9f:86:c2:00:82:97:83:12:98:5b:fe:
fa:52:a4:bc:cf:be:3a:ef:ea:af:22:c0:4f:26:04:
44:60:86:63:ad:e9:97:eb:ae:7d:4c:71:d0:a7:b0:
6f:c7:aa:65:a1:ca:73:a3:c1:b0:fa:a6:2e:40:2c:
da:05:9c:8f:e6:25:1a:fb:93:f1:7f:06:59:40:02:
f1:65:33:98:97:da:4f:35:40:00:c6:ee:53:14:4e:
a7:2a:a7:2e:01:dd:ae:41:11:20:c4:54:a5:45:6e:
30:fd:1a:b5:32:29:9b:2b:a9:45:78:3a:9b:b2:50:
31:6a:98:ae:92:25:b4:fb:6f:0a:7c:d7:90:99:8f:
fe:20:01:39:33:d6:18:c6:f3:e9:cc:70:34:15:21:
78:59:59:82:c7:d9:04:e9:9d:75:21:72:63:2a:6d:
13:c3:3a:77:a9:ff:2d:a8:84:8f:af:a6:20:cf:0e:
b7:4c:a6:f0:2f:e2:24:ab:28:15:a9:32:86:68:33:
41:01:1c:42:fb:1a:54:1d:fe:56:7f:75:1c:43:53:
52:01:51:1f:31:2a:d5:20:8a:70:13:1a:ed:39:ce:
53:a1:05:db:eb:40:63:e7:b0:39:4a:73:ff:65:05:
d8:6d:6f:32:73:d5:48:ae:19:23:fe:9a:f8:a6:5e:
d4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:31:57:42:68:28:ED:DC:BE:68:A9:88:33:33:CE:AB:7B:5D:97:60
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KzFXQmgo7dy-aKmIMzPOq3tdl2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.227.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:52:24:cd:af:f8:3b:c9:6c:e1:af:7c:81:d2:aa:09:90:d4:
65:4f:8d:f9:f8:76:4d:f7:a5:05:13:1f:82:63:75:e3:3a:6e:
81:d4:1f:14:47:1f:06:e7:ad:bf:c0:35:a4:be:b4:d3:bd:00:
b8:69:3a:73:cd:1c:13:d5:6b:38:77:33:a7:e3:39:48:a1:1d:
89:22:a2:e7:0e:e7:c1:4a:59:89:4a:fa:65:d7:06:d1:93:a0:
b3:d7:61:99:52:a3:6a:a1:a3:c7:79:97:8e:35:e0:28:65:f5:
27:66:e3:3b:7e:47:8e:24:8b:e4:6e:e3:08:29:11:80:76:7f:
98:65:80:f4:3c:cc:0e:d3:dc:eb:2e:c5:35:3c:ec:69:00:5e:
7c:b9:a8:58:a7:bc:a4:77:00:16:2c:93:10:9a:f1:ba:9c:5f:
24:02:2a:27:e0:0d:0c:ca:6a:51:c1:34:f3:d2:94:f6:a4:f3:
39:e5:bf:12:7b:f3:f7:ae:b0:bc:70:5e:59:6c:59:10:37:79:
e6:2b:7b:ba:17:fa:59:0c:7e:f1:3c:fb:4c:02:af:a8:5e:2c:
6e:f8:07:59:eb:74:e9:ec:d9:2b:2a:e5:50:0b:6c:b8:c8:3f:
8e:64:3e:c0:1d:8a:8c:71:49:19:b0:1f:8e:fe:ca:68:d9:3c:
e9:d3:33:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYluwZGIxF87rW0M7eCGs3KOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzE5MTUyNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMxNTc0MjY4MjhlZGRjYmU2OGE5ODgzMzMzY2VhYjdiNWQ5NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/W4n4bCAIKXgxKYW/76UqS8z746
7+qvIsBPJgREYIZjremX6659THHQp7Bvx6plocpzo8Gw+qYuQCzaBZyP5iUa+5Px
fwZZQALxZTOYl9pPNUAAxu5TFE6nKqcuAd2uQREgxFSlRW4w/Rq1MimbK6lFeDqb
slAxapiukiW0+28KfNeQmY/+IAE5M9YYxvPpzHA0FSF4WVmCx9kE6Z11IXJjKm0T
wzp3qf8tqISPr6Ygzw63TKbwL+IkqygVqTKGaDNBARxC+xpUHf5Wf3UcQ1NSAVEf
MSrVIIpwExrtOc5ToQXb60Bj57A5SnP/ZQXYbW8yc9VIrhkj/pr4pl7UPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsxV0JoKO3cvmipiDMzzqt7XZdgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS3pGWFFtZ283ZHktYUttSU16UE9xM3RkbDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXjMA0G
CSqGSIb3DQEBCwUAA4IBAQAbUiTNr/g7yWzhr3yB0qoJkNRlT435+HZN96UFEx+C
Y3XjOm6B1B8URx8G562/wDWkvrTTvQC4aTpzzRwT1Ws4dzOn4zlIoR2JIqLnDufB
SlmJSvpl1wbRk6Cz12GZUqNqoaPHeZeONeAoZfUnZuM7fkeOJIvkbuMIKRGAdn+Y
ZYD0PMwO09zrLsU1POxpAF58uahYp7ykdwAWLJMQmvG6nF8kAion4A0MympRwTTz
0pT2pPM55b8Se/P3rrC8cF5ZbFkQN3nmK3u6F/pZDH7xPPtMAq+oXixu+AdZ63Tp
7NkrKuVQC2y4yD+OZD7AHYqMcUkZsB+O/spo2Tzp0zOz
-----END CERTIFICATE-----
Generated at Sun Aug 6 10:23:24 2023 by rpki-client on console-ams.rpki-client.org