Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MGYjkycI8-bwx2qlLvPQNdgfczc.roa
File: MGYjkycI8-bwx2qlLvPQNdgfczc.roa (raw, json)
Hash identifier: gPmdpwrKe7AF22S7f6Oh3EOSUWwu+x5GANb28OEYn2c=
Subject key identifier: 30:66:23:93:27:08:F3:E6:F0:C7:6A:A5:2E:F3:D0:35:D8:1F:73:37
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188F84A466D1703548BF6DADB6929D9A604
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MGYjkycI8-bwx2qlLvPQNdgfczc.roa
Signing time: Mon 26 Jun 2023 15:19:57 +0000
ROA not before: Mon 26 Jun 2023 15:19:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 163.5.137.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f8:4a:46:6d:17:03:54:8b:f6:da:db:69:29:d9:a6:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 26 15:19:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=306623932708f3e6f0c76aa52ef3d035d81f7337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ae:d9:00:88:75:32:cd:d2:37:b6:80:0c:79:
58:77:51:0c:70:9d:30:68:b0:e6:9e:a7:6e:03:f7:
01:8c:f3:23:d7:72:8e:54:ab:e2:af:7f:08:d5:6c:
ef:ae:bd:21:7b:42:d0:de:de:e8:ee:fa:a4:89:32:
94:3e:33:d7:0e:5f:7d:1a:6a:5f:d1:ca:dc:c6:35:
30:de:33:53:00:33:df:c3:b3:3a:29:f5:5c:9d:07:
29:5e:10:9a:a4:6a:53:75:3d:c2:c8:04:6c:a7:59:
c7:d9:b5:54:65:e9:19:77:5d:ec:a2:7e:5c:92:99:
f0:bf:48:a8:2b:1f:84:d7:7f:b4:18:59:31:2c:76:
40:99:9b:3f:20:78:cf:9d:8b:d2:ef:2e:42:c3:9e:
d8:3c:c9:d2:86:77:28:55:a6:df:5e:73:f7:4b:40:
40:b3:3c:27:68:b8:81:24:86:33:8d:ff:59:37:e6:
67:7e:db:1e:a7:ca:3c:e7:d4:40:b7:46:18:76:d6:
f3:8e:4f:93:83:a4:2d:8c:fa:e5:72:1b:4f:2d:26:
dd:98:7e:57:d3:c8:d7:c2:11:4c:27:88:ec:b8:cb:
95:e4:72:80:80:b1:6f:81:e5:a6:bc:c1:a9:7e:d1:
24:71:6b:5b:f9:14:45:27:8f:7b:1f:1d:2e:14:03:
3c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:66:23:93:27:08:F3:E6:F0:C7:6A:A5:2E:F3:D0:35:D8:1F:73:37
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MGYjkycI8-bwx2qlLvPQNdgfczc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.137.0/24
163.5.156.0/23
163.5.159.0/24
Signature Algorithm: sha256WithRSAEncryption
11:04:b4:b8:e8:ff:e2:a7:f1:8a:76:9a:8f:5f:04:d1:07:7a:
67:66:9a:25:a0:a8:c9:30:1c:10:58:21:44:d4:44:27:c0:51:
34:c0:2d:71:c1:60:48:48:16:ff:02:a0:d8:3d:38:61:a9:22:
1b:61:d3:ee:f3:c5:cc:d1:01:d2:08:df:ab:5c:10:64:74:dd:
04:8a:57:eb:ca:a3:0f:96:cb:f5:f9:0a:d4:c1:39:4f:92:6d:
ea:5c:f7:f1:7e:66:91:5b:c6:50:07:c8:dc:9a:f0:31:cf:58:
3d:14:60:19:c6:8d:a7:3d:94:5f:6b:9d:85:55:0f:14:a9:13:
2c:13:df:2c:d4:28:41:a9:ea:5c:7a:0b:f1:2f:ea:6c:ae:59:
55:96:57:53:c4:60:47:06:c0:cb:81:c0:07:35:a7:f3:44:de:
ef:6d:ac:0d:72:16:74:9b:45:92:b3:54:05:b6:99:47:a4:5b:
56:b7:ac:0b:4f:7c:db:85:98:f8:f6:fc:17:c1:c5:b7:6b:75:
9a:9d:91:16:29:e4:0c:c3:7d:e6:47:b8:84:d2:79:09:2a:04:
52:91:86:f7:c5:8a:44:a1:bb:70:4a:55:af:f9:d3:5c:59:86:
26:26:13:36:06:e7:dd:e8:50:13:f7:9b:a7:5f:6d:57:bd:9c:
5c:1f:d7:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYj4SkZtFwNUi/ba22kp2aYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjI2MTUxOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY2MjM5MzI3MDhmM2U2ZjBjNzZhYTUyZWYzZDAzNWQ4MWY3MzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga7ZAIh1Ms3SN7aADHlYd1EMcJ0w
aLDmnqduA/cBjPMj13KOVKvir38I1Wzvrr0he0LQ3t7o7vqkiTKUPjPXDl99Gmpf
0crcxjUw3jNTADPfw7M6KfVcnQcpXhCapGpTdT3CyARsp1nH2bVUZekZd13son5c
kpnwv0ioKx+E13+0GFkxLHZAmZs/IHjPnYvS7y5Cw57YPMnShncoVabfXnP3S0BA
szwnaLiBJIYzjf9ZN+Znftsep8o859RAt0YYdtbzjk+Tg6QtjPrlchtPLSbdmH5X
08jXwhFMJ4jsuMuV5HKAgLFvgeWmvMGpftEkcWtb+RRFJ497Hx0uFAM8gwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDBmI5MnCPPm8MdqpS7z0DXYH3M3MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTUdZamt5Y0k4LWJ3eDJxbEx2UFFOZGdmY3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWJAwQB
owWcAwQAowWfMA0GCSqGSIb3DQEBCwUAA4IBAQARBLS46P/ip/GKdpqPXwTRB3pn
ZpoloKjJMBwQWCFE1EQnwFE0wC1xwWBISBb/AqDYPThhqSIbYdPu88XM0QHSCN+r
XBBkdN0EilfryqMPlsv1+QrUwTlPkm3qXPfxfmaRW8ZQB8jcmvAxz1g9FGAZxo2n
PZRfa52FVQ8UqRMsE98s1ChBqepcegvxL+psrllVlldTxGBHBsDLgcAHNafzRN7v
bawNchZ0m0WSs1QFtplHpFtWt6wLT3zbhZj49vwXwcW3a3WanZEWKeQMw33mR7iE
0nkJKgRSkYb3xYpEobtwSlWv+dNcWYYmJhM2Bufd6FAT95unX21XvZxcH9cY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org