Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OVkgDgbkthMUxcXYjl0saPugySg.roa
File: OVkgDgbkthMUxcXYjl0saPugySg.roa (raw, json)
Hash identifier: bbUW/pIvKJscj5a05sn7dsHzOr9P4u8RrohXoAne2LQ=
Subject key identifier: 39:59:20:0E:06:E4:B6:13:14:C5:C5:D8:8E:5D:2C:68:FB:A0:C9:28
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018A374E6648102420F39CA6339F16F7B4A8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OVkgDgbkthMUxcXYjl0saPugySg.roa
Signing time: Sun 27 Aug 2023 14:03:19 +0000
ROA not before: Sun 27 Aug 2023 14:03:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29837
IP address blocks: 163.5.237.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:37:4e:66:48:10:24:20:f3:9c:a6:33:9f:16:f7:b4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 27 14:03:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3959200e06e4b61314c5c5d88e5d2c68fba0c928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:73:3f:63:d3:29:d8:53:99:8c:29:2e:3c:8f:
e7:d2:ac:5d:57:fd:96:55:2c:85:72:e8:29:85:4e:
05:47:11:de:b4:1a:05:22:55:2c:07:d6:87:c9:80:
34:f1:59:5e:ea:57:31:7b:86:bd:c4:90:22:bf:cd:
47:47:b8:cd:6f:cd:7a:f5:24:9a:b4:e5:ed:6b:10:
03:ab:85:90:6c:c2:0a:47:72:c4:bc:f9:85:2e:4f:
47:82:a4:45:e2:82:5f:e1:62:6b:22:45:ed:76:b1:
75:42:98:a7:0f:a6:55:4c:54:c0:ee:c4:af:02:18:
b7:3f:69:0b:5e:b5:d6:12:da:4f:3a:ff:82:aa:74:
57:a1:f4:1a:33:0a:42:ec:2e:8b:12:11:95:11:f7:
01:b1:31:27:21:f7:8b:c9:e1:ef:73:1c:91:c7:65:
4b:c5:71:f3:de:40:2c:82:ff:11:d5:11:84:51:3b:
4d:1f:a2:fb:e9:08:f6:bc:df:ce:6d:72:a4:a3:e7:
34:1f:26:d7:ee:f9:0e:c6:bd:bf:ab:b9:92:40:66:
3e:7f:d9:d8:15:06:e4:f4:bf:aa:73:b7:aa:63:42:
69:96:10:9e:4d:fa:5a:90:ba:58:4c:d5:bf:55:f1:
6c:49:36:2c:b2:9e:6c:2e:46:9c:4e:13:31:cf:06:
94:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:59:20:0E:06:E4:B6:13:14:C5:C5:D8:8E:5D:2C:68:FB:A0:C9:28
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OVkgDgbkthMUxcXYjl0saPugySg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.237.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:88:44:a8:90:28:fb:4d:c8:12:05:ad:42:0e:f9:f9:6b:22:
de:12:dc:0d:ff:c5:0a:7e:06:6d:e7:a5:a4:9c:7b:4e:c8:18:
d5:ea:bb:b8:ca:9d:fe:8a:f4:f5:54:21:9c:a6:c6:44:b6:01:
5d:af:6c:28:f2:0f:60:cd:72:43:b3:fb:cb:52:b9:b0:09:bc:
bf:8f:22:17:0c:34:7d:48:55:24:a1:ae:2f:98:33:33:c2:c7:
3d:fa:8e:39:77:1d:5e:c8:e2:34:64:32:82:d5:93:66:8a:b9:
27:d4:04:f7:5f:a5:56:3e:60:f0:a0:81:d7:b3:f9:d3:f3:ed:
e4:5b:7d:04:87:19:6b:f6:9d:75:fa:08:9e:2b:93:38:c7:99:
f7:bc:ac:2e:6a:2b:ea:9a:4c:e6:04:98:14:e1:f2:79:90:12:
e1:7f:55:12:ca:7b:52:4f:78:df:e3:02:05:ef:c1:9e:1c:f7:
af:9d:88:9f:de:b6:87:d7:aa:f1:b9:54:d1:aa:ca:91:93:52:
85:6a:a8:f2:d1:07:0a:6f:e1:07:90:32:53:5d:45:4f:0a:e1:
92:b4:54:48:fd:cb:55:c3:29:fa:e6:43:49:8b:af:0c:78:7b:
f1:69:d7:fc:2d:4b:1c:62:7e:21:32:3d:b8:4d:b8:93:9c:ff:
7b:62:2a:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo3TmZIECQg85ymM58W97SoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwODI3MTQwMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTU5MjAwZTA2ZTRiNjEzMTRjNWM1ZDg4ZTVkMmM2OGZiYTBjOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHM/Y9Mp2FOZjCkuPI/n0qxdV/2W
VSyFcugphU4FRxHetBoFIlUsB9aHyYA08Vle6lcxe4a9xJAiv81HR7jNb8169SSa
tOXtaxADq4WQbMIKR3LEvPmFLk9HgqRF4oJf4WJrIkXtdrF1QpinD6ZVTFTA7sSv
Ahi3P2kLXrXWEtpPOv+CqnRXofQaMwpC7C6LEhGVEfcBsTEnIfeLyeHvcxyRx2VL
xXHz3kAsgv8R1RGEUTtNH6L76Qj2vN/ObXKko+c0HybX7vkOxr2/q7mSQGY+f9nY
FQbk9L+qc7eqY0JplhCeTfpakLpYTNW/VfFsSTYssp5sLkacThMxzwaUiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlZIA4G5LYTFMXF2I5dLGj7oMkoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvT1ZrZ0RnYmt0aE1VeGNYWWpsMHNhUHVneVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXtMA0G
CSqGSIb3DQEBCwUAA4IBAQCOiESokCj7TcgSBa1CDvn5ayLeEtwN/8UKfgZt56Wk
nHtOyBjV6ru4yp3+ivT1VCGcpsZEtgFdr2wo8g9gzXJDs/vLUrmwCby/jyIXDDR9
SFUkoa4vmDMzwsc9+o45dx1eyOI0ZDKC1ZNmirkn1AT3X6VWPmDwoIHXs/nT8+3k
W30Ehxlr9p11+gieK5M4x5n3vKwuaivqmkzmBJgU4fJ5kBLhf1USyntST3jf4wIF
78GeHPevnYif3raH16rxuVTRqsqRk1KFaqjy0QcKb+EHkDJTXUVPCuGStFRI/ctV
wyn65kNJi68MeHvxadf8LUscYn4hMj24TbiTnP97Yioa
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org