Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OyqIYjcpnfPmKpvW1tAww1Zid08.roa
File: OyqIYjcpnfPmKpvW1tAww1Zid08.roa (raw, json)
Hash identifier: Fr3FpNe1VdM8f6ADaKGaECyOBO21dJMf91LgaaPKZRc=
Subject key identifier: 3B:2A:88:62:37:29:9D:F3:E6:2A:9B:D6:D6:D0:30:C3:56:62:77:4F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187ADBDAD273103C7AFB21E02D8E2191324
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OyqIYjcpnfPmKpvW1tAww1Zid08.roa
Signing time: Sun 23 Apr 2023 10:51:41 +0000
ROA not before: Sun 23 Apr 2023 10:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.105.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.115.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ad:bd:ad:27:31:03:c7:af:b2:1e:02:d8:e2:19:13:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 23 10:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b2a886237299df3e62a9bd6d6d030c35662774f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f1:19:21:81:03:c2:80:63:c9:e0:22:fe:d9:
f8:97:c8:dd:f3:c7:bc:22:39:5a:af:a8:95:0f:fe:
cb:30:2c:29:8e:6a:b0:6c:cb:96:3a:89:7f:03:e8:
42:c2:8c:73:9a:81:fd:90:4e:7a:1c:9e:7e:7c:c8:
cd:b8:51:de:e3:dc:4b:e1:8d:27:6c:70:26:c5:02:
1e:6f:43:8e:35:b5:f8:a6:d0:a2:12:91:81:02:60:
44:7a:42:ed:ff:3a:04:39:22:0c:71:54:25:b6:aa:
17:af:4f:36:b6:c5:29:37:2f:3d:d2:d7:80:22:02:
35:05:ac:44:14:34:10:24:a3:70:8c:aa:6c:1b:41:
fc:c1:b6:d9:da:be:e0:bf:ec:ec:a8:0c:73:8b:60:
f1:cf:33:25:4f:dd:44:22:6d:43:a7:dc:bb:1d:b9:
4c:aa:f4:7f:d8:bd:db:59:3d:16:59:73:7e:47:95:
b0:24:aa:ae:d9:de:86:e3:83:ff:db:5a:3f:82:22:
02:e7:d1:96:5b:86:2b:35:55:f2:e7:5a:b5:51:3f:
32:99:91:db:5b:ca:b0:23:79:54:59:25:3a:25:e9:
b9:ee:da:2f:5c:b0:c5:0d:5d:fd:05:f3:bf:1c:48:
36:a3:ac:8b:f5:07:6c:b1:83:6d:99:78:37:74:4d:
1c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2A:88:62:37:29:9D:F3:E6:2A:9B:D6:D6:D0:30:C3:56:62:77:4F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OyqIYjcpnfPmKpvW1tAww1Zid08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.105.0-163.5.106.255
163.5.115.0/24
163.5.118.0/23
163.5.153.0/24
163.5.159.0/24
163.5.168.0/24
163.5.212.0/24
163.5.220.0/24
163.5.229.0/24
163.5.242.0/24
Signature Algorithm: sha256WithRSAEncryption
46:22:2e:be:a7:02:bb:33:6a:16:71:d0:cf:a9:24:02:5c:86:
1b:a2:97:6f:91:d7:02:21:86:bc:74:1c:47:86:23:30:69:3d:
55:3f:30:ce:d0:06:bf:17:0d:1f:e9:de:07:9e:01:7a:95:80:
04:fe:26:59:0c:ea:87:16:1c:29:f4:96:b1:dc:cb:ee:3e:ec:
5f:3f:b4:4b:66:13:91:af:38:6f:20:87:a4:ef:04:ee:9a:dd:
f3:51:c1:e5:71:a9:f3:20:11:e4:01:7c:2e:e8:5c:b9:a4:55:
4a:d7:1a:70:2d:e5:22:48:96:43:30:d8:e3:67:7d:c5:d8:0a:
f1:58:6f:a0:ce:af:f4:a3:ec:8e:06:0b:2d:5f:b6:f5:2e:22:
cc:7c:f0:48:4a:e9:09:c8:bc:27:9c:2c:21:cf:64:95:1d:8e:
64:16:b9:f5:a2:a8:1a:d8:2e:f0:3b:ef:03:f3:57:da:4c:b0:
5c:f0:37:ba:e3:1d:d8:b6:78:81:14:c0:7a:99:6e:8f:f1:86:
41:0c:6e:b6:72:bd:79:99:09:74:ee:9e:5c:18:71:5f:38:3c:
2e:be:de:e4:c9:e8:b3:80:45:0b:93:22:ef:f3:33:ab:46:be:
00:c3:91:52:92:06:02:b0:84:d5:ae:7a:7e:a2:37:6e:e1:08:
45:a2:21:38
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYetva0nMQPHr7IeAtjiGRMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDIzMTA1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjJhODg2MjM3Mjk5ZGYzZTYyYTliZDZkNmQwMzBjMzU2NjI3NzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/EZIYEDwoBjyeAi/tn4l8jd88e8
Ijlar6iVD/7LMCwpjmqwbMuWOol/A+hCwoxzmoH9kE56HJ5+fMjNuFHe49xL4Y0n
bHAmxQIeb0OONbX4ptCiEpGBAmBEekLt/zoEOSIMcVQltqoXr082tsUpNy890teA
IgI1BaxEFDQQJKNwjKpsG0H8wbbZ2r7gv+zsqAxzi2DxzzMlT91EIm1Dp9y7HblM
qvR/2L3bWT0WWXN+R5WwJKqu2d6G44P/21o/giIC59GWW4YrNVXy51q1UT8ymZHb
W8qwI3lUWSU6Jem57tovXLDFDV39BfO/HEg2o6yL9QdssYNtmXg3dE0cjwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFDsqiGI3KZ3z5iqb1tbQMMNWYndPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvT3lxSVlqY3BuZlBtS3B2VzF0QXd3MVppZDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAowUgMAwD
BACjBWkDBACjBWoDBACjBXMDBAGjBXYDBACjBZkDBACjBZ8DBACjBagDBACjBdQD
BACjBdwDBACjBeUDBACjBfIwDQYJKoZIhvcNAQELBQADggEBAEYiLr6nArszahZx
0M+pJAJchhuil2+R1wIhhrx0HEeGIzBpPVU/MM7QBr8XDR/p3geeAXqVgAT+JlkM
6ocWHCn0lrHcy+4+7F8/tEtmE5GvOG8gh6TvBO6a3fNRweVxqfMgEeQBfC7oXLmk
VUrXGnAt5SJIlkMw2ONnfcXYCvFYb6DOr/Sj7I4GCy1ftvUuIsx88EhK6QnIvCec
LCHPZJUdjmQWufWiqBrYLvA77wPzV9pMsFzwN7rjHdi2eIEUwHqZbo/xhkEMbrZy
vXmZCXTunlwYcV84PC6+3uTJ6LOARQuTIu/zM6tGvgDDkVKSBgKwhNWuen6iN27h
CEWiITg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org