Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MYjbgj7eyzU9BpxeMnYgftAo_X4.roa
File: MYjbgj7eyzU9BpxeMnYgftAo_X4.roa (raw, json)
Hash identifier: bcwsKN7PQAt4+dpNw4JvJSIwIbDDTQzY3X4iQfI5c6c=
Subject key identifier: 31:88:DB:82:3E:DE:CB:35:3D:06:9C:5E:32:76:20:7E:D0:28:FD:7E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4254E2B7FC7FC8D56B8B8D40E2085CF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MYjbgj7eyzU9BpxeMnYgftAo_X4.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 163.5.211.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 15:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4e:2b:7f:c7:fc:8d:56:b8:b8:d4:0e:20:85:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3188db823edecb353d069c5e3276207ed028fd7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4a:be:3b:99:5e:42:84:ce:c8:ba:19:10:19:
fb:cf:77:81:a2:9e:ee:06:93:04:30:13:15:cb:c5:
f7:11:91:0a:6a:5b:4e:cd:e0:67:53:ab:ff:de:62:
6d:9e:66:8d:13:25:84:dd:55:81:cd:7a:37:2b:4c:
70:c8:b6:b9:ef:f6:65:2b:2b:db:40:81:1a:89:9a:
4f:ea:de:18:cb:72:ce:30:15:61:d0:88:82:01:b1:
80:43:34:36:01:f0:ce:3a:ee:ca:a3:3d:9a:bc:fd:
37:2a:f6:6c:93:65:8f:80:79:54:b3:16:a8:80:82:
88:69:a6:a8:23:8a:32:3e:9d:39:7f:fa:b1:87:d7:
53:da:de:70:5e:ef:1b:85:cc:f2:7b:76:a7:79:c9:
78:4e:42:6b:5a:38:98:00:33:f6:9a:f4:1c:1f:28:
10:f9:b0:5a:2c:4b:75:ab:c4:e7:92:f4:ab:46:b5:
a1:4c:91:53:3f:42:99:ce:cf:e1:ae:06:11:9e:5c:
6a:89:37:a5:e1:fe:e6:97:71:ae:7e:60:3a:32:42:
7e:a9:11:70:89:a4:4e:78:9b:c5:e4:2b:6d:cd:fd:
ef:67:96:a2:bb:df:46:25:47:35:9b:81:50:7f:45:
97:b4:70:40:4a:10:61:e5:21:68:a2:03:52:81:96:
d6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:88:DB:82:3E:DE:CB:35:3D:06:9C:5E:32:76:20:7E:D0:28:FD:7E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MYjbgj7eyzU9BpxeMnYgftAo_X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.136.0/24
163.5.211.0/24
Signature Algorithm: sha256WithRSAEncryption
23:03:a0:27:a0:ca:1c:82:d1:c3:9f:e5:03:5f:60:ab:e2:6b:
44:b9:e1:fa:26:cf:8a:37:27:ed:8c:c0:10:1a:9d:57:a0:73:
9f:f7:e4:c5:80:85:9d:b7:e8:33:a7:26:1e:b6:ff:d3:c7:8f:
bd:b4:f2:d4:00:47:e2:3c:aa:d7:d5:ea:51:a7:08:0a:15:6c:
d2:dd:df:03:d5:3e:bf:33:9e:13:eb:61:63:56:ef:35:d9:ac:
04:53:72:e8:4a:1f:26:6f:e1:ae:41:fd:62:ab:84:7b:6e:dc:
74:29:33:60:90:fd:91:2d:5f:44:87:eb:a1:f7:e2:34:18:40:
bd:e1:4e:ea:34:cc:1c:9b:2e:4d:06:99:8f:53:95:ee:fd:00:
93:72:28:d3:49:58:40:e5:d0:7b:4f:a6:9e:2b:fa:4c:76:f9:
7e:bb:24:d7:ba:98:29:5f:d9:5b:07:b6:85:48:e2:b5:4e:16:
c4:64:e9:30:75:32:08:17:54:f7:c8:f8:2a:6f:d4:b1:b1:bf:
02:7e:72:ff:d5:cf:67:dc:2b:11:86:74:3d:77:84:8c:f9:b5:
92:81:fc:e4:2d:9f:d3:ec:8d:fb:7f:1b:b7:79:6e:93:3a:64:
09:ae:3d:3c:43:05:4c:b2:8b:86:6b:05:c8:df:49:2d:0b:9f:
dc:9d:40:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJU4rf8f8jVa4uNQOIIXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg4ZGI4MjNlZGVjYjM1M2QwNjljNWUzMjc2MjA3ZWQwMjhmZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkq+O5leQoTOyLoZEBn7z3eBop7u
BpMEMBMVy8X3EZEKaltOzeBnU6v/3mJtnmaNEyWE3VWBzXo3K0xwyLa57/ZlKyvb
QIEaiZpP6t4Yy3LOMBVh0IiCAbGAQzQ2AfDOOu7Koz2avP03KvZsk2WPgHlUsxao
gIKIaaaoI4oyPp05f/qxh9dT2t5wXu8bhczye3anecl4TkJrWjiYADP2mvQcHygQ
+bBaLEt1q8TnkvSrRrWhTJFTP0KZzs/hrgYRnlxqiTel4f7ml3GufmA6MkJ+qRFw
iaROeJvF5Cttzf3vZ5aiu99GJUc1m4FQf0WXtHBAShBh5SFoogNSgZbWyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDGI24I+3ss1PQacXjJ2IH7QKP1+MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTVlqYmdqN2V5elU5QnB4ZU1uWWdmdEFvX1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWIAwQA
owXTMA0GCSqGSIb3DQEBCwUAA4IBAQAjA6AnoMocgtHDn+UDX2Cr4mtEueH6Js+K
NyftjMAQGp1XoHOf9+TFgIWdt+gzpyYetv/Tx4+9tPLUAEfiPKrX1epRpwgKFWzS
3d8D1T6/M54T62FjVu812awEU3LoSh8mb+GuQf1iq4R7btx0KTNgkP2RLV9Eh+uh
9+I0GEC94U7qNMwcmy5NBpmPU5Xu/QCTcijTSVhA5dB7T6aeK/pMdvl+uyTXupgp
X9lbB7aFSOK1ThbEZOkwdTIIF1T3yPgqb9Sxsb8CfnL/1c9n3CsRhnQ9d4SM+bWS
gfzkLZ/T7I37fxu3eW6TOmQJrj08QwVMsouGawXI30ktC5/cnUAi
-----END CERTIFICATE-----
Generated at Thu Jan 25 18:43:16 2024 by rpki-client on console-ams.rpki-client.org