Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NMpsZQbRLFRKMtt6TMT6ddmxoKA.roa
File: NMpsZQbRLFRKMtt6TMT6ddmxoKA.roa (raw, json)
Hash identifier: 34yiFFbwFD/M8uLiWMUFMIaS6tBiY81ojpzrbGf/8Sg=
Subject key identifier: 34:CA:6C:65:06:D1:2C:54:4A:32:DB:7A:4C:C4:FA:75:D9:B1:A0:A0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188950F7A9C299B284DF9E1289C58752FC6
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NMpsZQbRLFRKMtt6TMT6ddmxoKA.roa
Signing time: Wed 07 Jun 2023 08:53:19 +0000
ROA not before: Wed 07 Jun 2023 08:53:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.230.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.87.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.107.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.61.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:0f:7a:9c:29:9b:28:4d:f9:e1:28:9c:58:75:2f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 7 08:53:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34ca6c6506d12c544a32db7a4cc4fa75d9b1a0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fd:a9:a0:fe:77:ea:b4:87:0a:c4:b8:ba:6e:
a8:50:24:a4:3f:13:9f:3e:a6:47:ef:3b:26:4b:d4:
dc:c5:9a:50:27:05:36:bb:44:80:ca:9d:74:ce:36:
41:74:60:f2:46:b1:88:f6:ee:70:c6:96:c5:31:89:
75:94:dd:c9:c4:4e:01:5f:e0:c0:cf:e2:67:04:16:
ae:31:03:d2:7d:fa:b6:a1:a4:9b:77:07:fa:da:d1:
ca:29:6b:dd:b4:7d:ee:d6:e8:cc:31:82:38:f7:87:
40:09:0c:a7:97:2e:90:b3:f2:2c:eb:c7:b5:95:3c:
c7:f1:d4:33:d5:e3:72:df:67:ae:a6:23:b0:11:6b:
ba:cd:05:b6:5b:df:a3:a3:8f:66:da:f1:66:d1:b8:
67:a3:13:29:ca:da:4a:0a:ae:c6:34:7b:79:ff:20:
be:8d:b9:bc:9e:ae:28:de:3d:4e:ce:7e:37:9e:95:
6d:9e:72:d9:46:47:44:af:98:e3:ee:e0:e6:bf:97:
83:e9:5c:b0:34:1d:4d:f1:14:a0:67:c9:c9:d9:3a:
ee:eb:78:a6:b1:4e:c9:b9:22:1a:d1:02:8b:eb:b3:
2e:47:13:e9:90:60:14:aa:cd:4a:d2:6d:6b:62:7c:
7e:d1:b8:47:79:b3:eb:64:e5:f3:88:df:a1:15:2d:
e0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CA:6C:65:06:D1:2C:54:4A:32:DB:7A:4C:C4:FA:75:D9:B1:A0:A0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NMpsZQbRLFRKMtt6TMT6ddmxoKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.61.0-163.5.62.255
163.5.86.0/23
163.5.99.0/24
163.5.107.0/24
163.5.117.0/24
163.5.127.0/24
163.5.130.0/24
163.5.132.0/23
163.5.136.0/24
163.5.138.0/24
163.5.145.0/24
163.5.149.0/24
163.5.161.0/24
163.5.198.0/24
163.5.202.0/24
163.5.210.0/23
163.5.216.0/24
163.5.221.0-163.5.223.255
163.5.226.0/23
163.5.230.0/24
163.5.248.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:97:95:79:37:e6:88:6d:70:64:74:de:0c:86:a2:59:de:d6:
01:de:e4:4f:59:7b:0e:89:d7:1a:4c:d9:4d:73:e7:4f:97:77:
e1:5e:04:0e:b6:00:e1:1e:26:04:a8:46:91:d4:84:b0:ca:a5:
8d:48:53:e9:92:d7:e2:6e:e3:27:ce:01:c4:72:54:4d:8d:37:
b5:f4:af:61:b5:51:61:33:4b:17:95:f5:71:b0:37:9c:4f:99:
84:ac:f5:77:c4:f3:fe:6e:d0:c5:fd:be:3a:77:4e:ec:be:0b:
87:b6:b3:d6:39:af:41:1f:78:9c:4a:dc:6f:93:af:3d:98:89:
fa:46:80:21:f5:f7:25:f5:72:7f:6a:30:0b:d3:01:dd:c1:a8:
6d:67:b1:18:35:d2:49:dc:5b:c0:31:d0:2e:c0:24:9c:81:a4:
e7:5f:46:5d:8d:d6:14:e5:6d:68:09:0b:8d:52:64:eb:fb:ce:
3a:19:73:d1:f5:8a:5b:11:58:4a:73:91:ab:95:c1:ad:57:bc:
57:83:0b:e5:84:fe:52:df:67:27:35:6b:a5:45:28:0f:f0:23:
61:f9:63:3c:9a:a1:91:19:cf:30:36:d1:8a:ce:2c:a2:e7:84:
7f:c6:55:ad:1e:e4:83:fb:32:9d:c7:c6:23:8d:6c:cd:6a:bc:
9b:c3:7c:2f
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYiVD3qcKZsoTfnhKJxYdS/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjA3MDg1MzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNhNmM2NTA2ZDEyYzU0NGEzMmRiN2E0Y2M0ZmE3NWQ5YjFhMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP2poP536rSHCsS4um6oUCSkPxOf
PqZH7zsmS9TcxZpQJwU2u0SAyp10zjZBdGDyRrGI9u5wxpbFMYl1lN3JxE4BX+DA
z+JnBBauMQPSffq2oaSbdwf62tHKKWvdtH3u1ujMMYI494dACQynly6Qs/Is68e1
lTzH8dQz1eNy32eupiOwEWu6zQW2W9+jo49m2vFm0bhnoxMpytpKCq7GNHt5/yC+
jbm8nq4o3j1Ozn43npVtnnLZRkdEr5jj7uDmv5eD6VywNB1N8RSgZ8nJ2Tru63im
sU7JuSIa0QKL67MuRxPpkGAUqs1K0m1rYnx+0bhHebPrZOXziN+hFS3gQQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFDTKbGUG0SxUSjLbekzE+nXZsaCgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTk1wc1pRYlJMRlJLTXR0NlRNVDZkZG14b0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBACj
BR8DBACjBSMwDAMEAKMFPQMEAKMFPgMEAaMFVgMEAKMFYwMEAKMFawMEAKMFdQME
AKMFfwMEAKMFggMEAaMFhAMEAKMFiAMEAKMFigMEAKMFkQMEAKMFlQMEAKMFoQME
AKMFxgMEAKMFygMEAaMF0gMEAKMF2DAMAwQAowXdAwQFowXAAwQBowXiAwQAowXm
AwQAowX4AwQAowX+MA0GCSqGSIb3DQEBCwUAA4IBAQB9l5V5N+aIbXBkdN4MhqJZ
3tYB3uRPWXsOidcaTNlNc+dPl3fhXgQOtgDhHiYEqEaR1ISwyqWNSFPpktfibuMn
zgHEclRNjTe19K9htVFhM0sXlfVxsDecT5mErPV3xPP+btDF/b46d07svguHtrPW
Oa9BH3icStxvk689mIn6RoAh9fcl9XJ/ajAL0wHdwahtZ7EYNdJJ3FvAMdAuwCSc
gaTnX0ZdjdYU5W1oCQuNUmTr+846GXPR9YpbEVhKc5GrlcGtV7xXgwvlhP5S32cn
NWulRSgP8CNh+WM8mqGRGc8wNtGKziyi54R/xlWtHuSD+zKdx8YjjWzNarybw3wv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org