Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LIk_5tghllP70LjJ9S4nMhxaazU.roa
File: LIk_5tghllP70LjJ9S4nMhxaazU.roa (raw, json)
Hash identifier: 7w3+KLZtjalqo1oh55IodXFzb7lJ22ko4JeqdqLqeiU=
Subject key identifier: 2C:89:3F:E6:D8:21:96:53:FB:D0:B8:C9:F5:2E:27:32:1C:5A:6B:35
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0186B1080F00E72138EFE03F1F700B6B1A7C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LIk_5tghllP70LjJ9S4nMhxaazU.roa
Signing time: Sun 05 Mar 2023 09:09:00 +0000
ROA not before: Sun 05 Mar 2023 09:09:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b1:08:0f:00:e7:21:38:ef:e0:3f:1f:70:0b:6b:1a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 5 09:09:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c893fe6d8219653fbd0b8c9f52e27321c5a6b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b1:ce:1c:47:50:b5:12:e8:03:41:a6:14:78:
1d:a2:06:26:5b:c7:90:18:32:0d:ea:b9:3e:ee:5c:
ae:ee:18:68:27:d9:95:64:9a:5e:29:bd:96:d5:bb:
93:e5:b2:4d:ad:e2:fc:f0:3a:e0:86:d9:aa:59:3b:
e0:8b:e3:3e:33:ef:fc:30:4e:45:f1:e3:46:61:aa:
55:05:a4:ee:41:ee:6a:f4:de:09:8f:13:3f:90:00:
ec:22:76:53:ff:05:9a:05:27:8d:0d:87:a6:e6:60:
6a:87:7d:95:68:15:f7:85:57:2a:28:72:93:b5:3f:
70:d9:74:9c:6b:bf:e4:d8:ea:0f:0b:d8:f5:b8:d0:
fa:c9:37:ae:3a:ea:e0:f2:d5:61:ec:fc:37:62:6b:
e7:5a:2f:d7:18:27:4a:bc:d3:99:72:12:ea:b7:e1:
4c:43:9c:73:e0:1e:c9:c8:6f:49:77:be:f0:0d:5e:
24:16:9e:68:3b:3a:0f:46:a7:de:6b:5c:3c:c1:43:
b9:37:63:63:fd:68:95:39:92:85:05:03:e5:c2:38:
7e:00:b2:ba:95:7d:3f:b5:f9:c8:f7:f2:35:85:2a:
80:bc:1c:f9:d2:94:41:d4:12:b0:4b:f5:c5:ed:1d:
b2:3b:0a:e5:74:a0:2e:fb:16:24:d5:5a:0a:00:24:
01:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:89:3F:E6:D8:21:96:53:FB:D0:B8:C9:F5:2E:27:32:1C:5A:6B:35
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LIk_5tghllP70LjJ9S4nMhxaazU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.134.0/24
163.5.192.0/24
163.5.228.0/24
163.5.238.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c2:6c:bd:78:32:23:02:7f:b6:65:01:d1:b4:d5:95:a2:9d:
33:4c:9d:67:45:6a:22:a3:7b:e8:06:e4:27:d6:ef:b8:87:c2:
8a:9f:1b:db:5b:9c:3c:8a:4b:4b:ae:ab:e7:f3:04:d9:0c:ae:
79:7e:7e:a7:c8:ac:7c:26:87:4d:dd:00:11:90:97:3c:6c:a5:
fc:08:38:4b:1d:aa:38:f9:53:02:e6:80:16:73:71:ba:69:09:
dc:cb:42:c2:94:d0:29:67:e3:d6:93:cf:7b:ed:7c:d5:6b:ed:
be:ac:5a:f8:1b:57:23:d9:b0:f9:f7:b4:61:9a:b6:29:0d:72:
60:73:cf:dc:4c:cb:34:34:0c:2c:ee:a8:48:cf:f2:3a:4e:12:
5f:09:66:1c:28:d5:e0:b8:cd:e3:1c:a6:74:f4:d2:6e:ca:59:
c5:d9:e3:b0:4e:03:a5:f4:13:35:65:26:d9:73:24:a5:e1:1b:
77:1f:ec:10:4f:c4:e8:bb:1f:5c:4c:1d:e6:bb:ae:9f:b5:98:
b3:45:35:51:37:00:6d:db:da:90:79:f7:3d:56:81:0f:c3:6e:
3a:31:c3:03:aa:97:ad:09:8b:e9:0d:42:d9:57:91:0c:ca:e1:
40:05:41:6c:7d:95:29:da:01:b4:a9:41:83:eb:2e:0e:8a:e7:
c3:59:49:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaxCA8A5yE47+A/H3ALaxp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMzA1MDkwOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzg5M2ZlNmQ4MjE5NjUzZmJkMGI4YzlmNTJlMjczMjFjNWE2YjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7HOHEdQtRLoA0GmFHgdogYmW8eQ
GDIN6rk+7lyu7hhoJ9mVZJpeKb2W1buT5bJNreL88DrghtmqWTvgi+M+M+/8ME5F
8eNGYapVBaTuQe5q9N4JjxM/kADsInZT/wWaBSeNDYem5mBqh32VaBX3hVcqKHKT
tT9w2XSca7/k2OoPC9j1uND6yTeuOurg8tVh7Pw3YmvnWi/XGCdKvNOZchLqt+FM
Q5xz4B7JyG9Jd77wDV4kFp5oOzoPRqfea1w8wUO5N2Nj/WiVOZKFBQPlwjh+ALK6
lX0/tfnI9/I1hSqAvBz50pRB1BKwS/XF7R2yOwrldKAu+xYk1VoKACQBvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCyJP+bYIZZT+9C4yfUuJzIcWms1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTElrXzV0Z2hsbFA3MExqSjlTNG5NaHhhYXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowWGAwQA
owXAAwQAowXkAwQAowXuMA0GCSqGSIb3DQEBCwUAA4IBAQAYwmy9eDIjAn+2ZQHR
tNWVop0zTJ1nRWoio3voBuQn1u+4h8KKnxvbW5w8iktLrqvn8wTZDK55fn6nyKx8
JodN3QARkJc8bKX8CDhLHao4+VMC5oAWc3G6aQncy0LClNApZ+PWk8977XzVa+2+
rFr4G1cj2bD597RhmrYpDXJgc8/cTMs0NAws7qhIz/I6ThJfCWYcKNXguM3jHKZ0
9NJuylnF2eOwTgOl9BM1ZSbZcySl4Rt3H+wQT8Toux9cTB3mu66ftZizRTVRNwBt
29qQefc9VoEPw246McMDqpetCYvpDULZV5EMyuFABUFsfZUp2gG0qUGD6y4OiufD
WUmH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org