Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MctvSwRqkBdOElnMmPgdIKKVOvI.roa
File: MctvSwRqkBdOElnMmPgdIKKVOvI.roa (raw, json)
Hash identifier: LuVutfCAiKyza4GjX+Ry76Bd4EzRupxCy9Nog0VwOP8=
Subject key identifier: 31:CB:6F:4B:04:6A:90:17:4E:12:59:CC:98:F8:1D:20:A2:95:3A:F2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B381E388CBBBC38D352AED633F7317616
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MctvSwRqkBdOElnMmPgdIKKVOvI.roa
Signing time: Mon 16 Oct 2023 10:53:06 +0000
ROA not before: Mon 16 Oct 2023 10:53:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216159
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:1e:38:8c:bb:bc:38:d3:52:ae:d6:33:f7:31:76:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 16 10:53:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31cb6f4b046a90174e1259cc98f81d20a2953af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:67:8f:ac:f0:e2:64:da:68:89:e5:f6:01:6a:
9c:da:cb:84:18:96:16:5a:52:ae:1b:59:23:8b:90:
93:bd:ee:04:7d:63:3f:b4:56:53:90:db:6e:b4:62:
f3:9e:ff:64:74:94:8d:6e:b7:bb:c3:a1:ba:ae:1b:
bb:23:10:fa:6d:8f:ea:fb:e1:dc:38:5e:73:84:f0:
ca:8d:5d:36:7e:20:43:9a:72:e1:3d:b0:b9:2b:8b:
16:f2:52:da:03:bf:b4:f2:d2:85:9b:c5:91:c6:f7:
fe:e7:49:c6:85:8b:48:1c:59:3e:a5:e7:9e:69:2a:
d7:8b:ca:a5:fd:a7:67:7a:a0:75:23:c5:9b:d3:40:
ad:66:8d:39:f4:c7:6b:ac:6d:e9:6e:1b:98:5e:02:
50:f6:2e:10:03:a6:a4:d0:64:b6:29:ef:c9:66:0f:
e4:f8:f9:ff:d0:c4:bb:42:2d:34:11:51:5a:7e:c3:
4a:fe:ec:56:21:db:d2:8e:b9:c1:08:a5:74:0d:47:
62:37:a2:31:ef:ca:a4:4e:ac:49:88:c4:ff:47:eb:
0f:3b:17:61:42:03:88:1a:5b:b1:89:b2:0e:f3:6e:
f6:47:d6:b2:88:bd:23:fd:7c:bf:c0:08:1a:d0:eb:
8d:f6:1c:5b:d4:f2:5b:6f:f0:29:49:ff:9a:42:99:
29:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CB:6F:4B:04:6A:90:17:4E:12:59:CC:98:F8:1D:20:A2:95:3A:F2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/MctvSwRqkBdOElnMmPgdIKKVOvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.144.0/24
163.5.154.0/24
163.5.192.0/23
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
16:76:82:c7:bd:e8:56:2d:30:58:76:63:98:49:e6:d7:1b:bc:
b0:ca:29:0d:68:ed:9a:9c:da:2b:71:08:d4:0a:4c:9a:25:8a:
de:57:2f:56:60:b9:c0:89:1c:45:0f:60:a8:51:50:49:2d:e6:
a5:a4:2c:3b:45:47:1d:0d:80:04:f7:ec:58:82:50:a9:29:6f:
91:e7:d3:3c:a0:05:0c:77:c0:e4:3a:59:92:c0:e0:24:1b:bb:
fd:ca:8c:b4:39:64:e3:51:11:a0:25:49:d8:69:c8:20:28:46:
e0:ac:e2:ba:3b:b1:f9:f1:28:95:e7:da:77:0c:5c:28:8e:db:
3e:f7:3b:7a:0f:db:65:1f:6a:a1:9c:f7:bd:f8:00:d0:72:c4:
4e:21:10:ed:1a:88:98:0c:c9:7c:83:9f:87:f6:14:6f:53:a4:
d0:80:54:5f:9e:b8:ac:d4:5b:eb:c5:81:9c:4d:98:5b:4f:e7:
d0:16:b8:29:aa:ea:3a:1c:77:87:8c:27:fd:67:0c:2e:13:88:
05:eb:b7:84:1c:bc:97:cd:52:93:9a:99:fd:65:de:46:73:6f:
e8:ec:ee:43:9b:a3:87:e5:4a:b7:d2:d0:90:62:ea:8f:65:05:
dc:cd:e0:c1:87:4f:ca:52:a6:a4:8c:02:ad:bb:e1:b7:d2:5a:
17:e8:9b:c7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYs4HjiMu7w401Ku1jP3MXYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDE2MTA1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNiNmY0YjA0NmE5MDE3NGUxMjU5Y2M5OGY4MWQyMGEyOTUzYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWePrPDiZNpoieX2AWqc2suEGJYW
WlKuG1kji5CTve4EfWM/tFZTkNtutGLznv9kdJSNbre7w6G6rhu7IxD6bY/q++Hc
OF5zhPDKjV02fiBDmnLhPbC5K4sW8lLaA7+08tKFm8WRxvf+50nGhYtIHFk+peee
aSrXi8ql/adneqB1I8Wb00CtZo059MdrrG3pbhuYXgJQ9i4QA6ak0GS2Ke/JZg/k
+Pn/0MS7Qi00EVFafsNK/uxWIdvSjrnBCKV0DUdiN6Ix78qkTqxJiMT/R+sPOxdh
QgOIGluxibIO8272R9ayiL0j/Xy/wAga0OuN9hxb1PJbb/ApSf+aQpkpxQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDHLb0sEapAXThJZzJj4HSCilTryMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTWN0dlN3UnFrQmRPRWxuTW1QZ2RJS0tWT3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowWQAwQA
owWaAwQBowXAMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBABZ2gse9
6FYtMFh2Y5hJ5tcbvLDKKQ1o7Zqc2itxCNQKTJolit5XL1ZgucCJHEUPYKhRUEkt
5qWkLDtFRx0NgAT37FiCUKkpb5Hn0zygBQx3wOQ6WZLA4CQbu/3KjLQ5ZONREaAl
SdhpyCAoRuCs4ro7sfnxKJXn2ncMXCiO2z73O3oP22UfaqGc9734ANByxE4hEO0a
iJgMyXyDn4f2FG9TpNCAVF+euKzUW+vFgZxNmFtP59AWuCmq6jocd4eMJ/1nDC4T
iAXrt4QcvJfNUpOamf1l3kZzb+js7kObo4flSrfS0JBi6o9lBdzN4MGHT8pSpqSM
Aq274bfSWhfom8c=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org