Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ms-XC5vknTEbr7TijOegRQqRd3Q.roa
File: Ms-XC5vknTEbr7TijOegRQqRd3Q.roa (raw, json)
Hash identifier: /qrUw+ZWQsWjvHJkaWeh+jZYxso+g0vBJ87frD2pGDs=
Subject key identifier: 32:CF:97:0B:9B:E4:9D:31:1B:AF:B4:E2:8C:E7:A0:45:0A:91:77:74
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0185BF45C9DBBD6D04B3D0201DD14D7B5A19
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ms-XC5vknTEbr7TijOegRQqRd3Q.roa
Signing time: Tue 17 Jan 2023 10:28:19 +0000
ROA not before: Tue 17 Jan 2023 10:28:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 163.5.79.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:45:c9:db:bd:6d:04:b3:d0:20:1d:d1:4d:7b:5a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 17 10:28:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32cf970b9be49d311bafb4e28ce7a0450a917774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1a:bd:49:ae:ae:83:d5:03:76:48:2b:e0:af:
72:11:77:08:db:0a:68:f3:ec:79:49:55:7c:fc:2a:
a6:fb:cf:c4:4a:57:b1:7e:95:f4:3e:0f:ff:40:36:
5a:2e:be:85:05:36:30:6a:7f:f4:11:b8:50:3c:4c:
7a:a2:40:fe:6c:a4:4c:fe:d8:fa:e8:6b:e6:59:3e:
55:9e:5a:95:d0:52:90:6a:9d:f6:5d:28:f1:df:a3:
02:45:25:45:11:f4:c7:33:31:e2:00:31:14:33:86:
6c:f2:d8:b2:b3:1d:af:c9:b9:a2:3d:e0:77:0f:b7:
36:d0:02:21:6f:ca:4a:6c:ca:9d:16:27:91:37:49:
be:3b:7e:6f:c4:ff:41:6f:d0:71:7b:dc:2a:0e:d4:
64:69:c3:dc:c2:5f:a4:72:e1:af:40:82:e2:18:cf:
17:f9:96:9d:53:ef:5f:b6:50:d1:a4:14:27:9d:ba:
f8:67:26:61:50:23:ac:35:56:74:ca:c9:b9:c6:a7:
a8:45:76:fa:6c:87:67:cf:6a:3f:03:9b:94:f2:ab:
e5:ff:ad:d3:e8:02:52:0a:bc:a3:88:96:fc:b8:54:
de:a0:22:a2:51:d4:e2:91:7b:65:37:96:c4:45:62:
89:8e:a4:66:a8:7c:cd:2a:76:79:e4:07:4e:0e:40:
0a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CF:97:0B:9B:E4:9D:31:1B:AF:B4:E2:8C:E7:A0:45:0A:91:77:74
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ms-XC5vknTEbr7TijOegRQqRd3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.79.0/24
163.5.134.0/24
Signature Algorithm: sha256WithRSAEncryption
01:80:b1:a9:bf:e1:16:7f:4d:b1:49:4e:f3:cc:04:48:2f:60:
14:86:3f:03:f5:a8:06:9b:63:2a:af:4b:d9:14:39:1c:75:d2:
39:d6:29:03:04:79:de:33:30:33:52:36:25:1e:3e:3a:1c:1e:
b9:d4:d0:61:9f:07:2c:b1:23:f9:08:1a:95:88:66:d4:5a:90:
47:f1:98:39:ac:e0:50:31:d6:92:36:ee:76:75:da:af:1d:d0:
e7:08:a3:74:57:c2:82:d8:24:8f:30:04:25:13:8b:70:cb:eb:
cc:81:d7:fa:9f:03:b8:d1:b9:6a:7f:39:a4:67:42:5e:69:2d:
9d:b8:98:f3:12:d8:3b:ec:41:21:60:a4:e5:f7:38:f0:82:53:
40:ab:25:63:ce:d0:b0:34:82:3d:21:b9:60:81:8e:eb:53:b5:
bc:e7:22:97:1f:2e:07:35:43:a5:44:c1:88:c9:e0:25:8f:ef:
c1:a1:e5:32:19:53:2b:4a:64:c6:0d:ae:d1:64:ab:19:35:96:
14:27:43:3f:91:54:7c:3a:09:d6:44:79:2d:7c:7f:d2:8e:d8:
18:37:4e:67:a3:a1:22:cd:84:62:c9:7d:36:11:85:6b:72:5f:
b3:eb:ad:cf:c9:d0:41:0f:5e:4d:c3:95:32:1c:0a:59:35:38:
3c:06:92:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYW/RcnbvW0Es9AgHdFNe1oZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTE3MTAyODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNmOTcwYjliZTQ5ZDMxMWJhZmI0ZTI4Y2U3YTA0NTBhOTE3Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxq9Sa6ug9UDdkgr4K9yEXcI2wpo
8+x5SVV8/Cqm+8/ESlexfpX0Pg//QDZaLr6FBTYwan/0EbhQPEx6okD+bKRM/tj6
6GvmWT5VnlqV0FKQap32XSjx36MCRSVFEfTHMzHiADEUM4Zs8tiysx2vybmiPeB3
D7c20AIhb8pKbMqdFieRN0m+O35vxP9Bb9Bxe9wqDtRkacPcwl+kcuGvQILiGM8X
+ZadU+9ftlDRpBQnnbr4ZyZhUCOsNVZ0ysm5xqeoRXb6bIdnz2o/A5uU8qvl/63T
6AJSCryjiJb8uFTeoCKiUdTikXtlN5bERWKJjqRmqHzNKnZ55AdODkAKPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDLPlwub5J0xG6+04oznoEUKkXd0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTXMtWEM1dmtuVEVicjdUaWpPZWdSUXFSZDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVPAwQA
owWGMA0GCSqGSIb3DQEBCwUAA4IBAQABgLGpv+EWf02xSU7zzARIL2AUhj8D9agG
m2Mqr0vZFDkcddI51ikDBHneMzAzUjYlHj46HB651NBhnwcssSP5CBqViGbUWpBH
8Zg5rOBQMdaSNu52ddqvHdDnCKN0V8KC2CSPMAQlE4twy+vMgdf6nwO40blqfzmk
Z0JeaS2duJjzEtg77EEhYKTl9zjwglNAqyVjztCwNII9IblggY7rU7W85yKXHy4H
NUOlRMGIyeAlj+/BoeUyGVMrSmTGDa7RZKsZNZYUJ0M/kVR8OgnWRHktfH/SjtgY
N05no6EizYRiyX02EYVrcl+z663PydBBD15Nw5UyHApZNTg8BpKt
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org