Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q9oKd-nlL8bSn5QrikQl-0f8BBc.roa
File: Q9oKd-nlL8bSn5QrikQl-0f8BBc.roa (raw, json)
Hash identifier: Q8Dq47oBqQZ/FeJJStrmxG2bQ4ELwRMQD9U5cB6CpZA=
Subject key identifier: 43:DA:0A:77:E9:E5:2F:C6:D2:9F:94:2B:8A:44:25:FB:47:FC:04:17
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188810A3F21E23769542661752EFFD2E51F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q9oKd-nlL8bSn5QrikQl-0f8BBc.roa
Signing time: Sat 03 Jun 2023 11:35:12 +0000
ROA not before: Sat 03 Jun 2023 11:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.229.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:0a:3f:21:e2:37:69:54:26:61:75:2e:ff:d2:e5:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 3 11:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43da0a77e9e52fc6d29f942b8a4425fb47fc0417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:06:c1:91:6e:af:3c:db:97:f1:a7:b3:f3:b5:
50:1c:2c:ff:b6:ee:b0:95:07:e1:e3:6a:7b:0d:02:
f7:58:f3:fe:d2:bc:21:48:80:d8:b9:6e:3b:6d:00:
eb:72:6d:f2:cf:bd:c8:08:a0:a4:91:3f:ae:04:aa:
ae:58:e4:07:84:a6:fd:5d:02:a2:f5:1b:95:8c:17:
fb:3d:67:3c:26:3e:55:de:56:be:12:74:4a:d9:a8:
ee:fc:9f:76:53:67:f4:79:8f:6c:b2:7b:07:37:29:
2a:58:62:a7:a6:e7:cf:d7:95:7e:7a:c8:55:d5:76:
ba:07:11:ce:85:d9:46:08:bd:d6:f9:51:79:86:36:
3f:b4:00:c3:95:d1:cd:4f:81:cd:5d:a7:c6:47:4d:
ad:10:65:ac:79:8b:f0:2e:39:85:da:a1:41:21:b0:
de:1b:95:b1:d6:fb:4c:cb:7c:0a:e6:b4:82:9e:c5:
0e:57:18:52:05:ff:e4:27:d4:70:be:6c:8e:ed:ff:
89:64:c6:af:c8:69:30:d6:16:f9:44:35:85:d6:f1:
57:cb:39:4a:5e:cc:c2:24:26:38:c2:1e:9a:ad:c5:
c8:74:1a:17:41:2c:4a:3e:c4:f9:6b:e0:7f:cc:01:
69:22:a8:37:a8:be:aa:f4:1f:ce:71:2c:2a:f6:b4:
b2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DA:0A:77:E9:E5:2F:C6:D2:9F:94:2B:8A:44:25:FB:47:FC:04:17
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Q9oKd-nlL8bSn5QrikQl-0f8BBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/23
163.5.60.0/24
163.5.71.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.101.0-163.5.102.255
163.5.108.0/23
163.5.116.0/24
163.5.131.0/24
163.5.134.0/24
163.5.147.0/24
163.5.171.0/24
163.5.174.0/24
163.5.187.0/24
163.5.189.0/24
163.5.192.0/24
163.5.225.0/24
163.5.228.0/23
163.5.240.0/24
163.5.246.0/24
163.5.249.0/24
Signature Algorithm: sha256WithRSAEncryption
04:1b:ca:5a:d2:7e:3f:45:7c:e2:25:ae:30:55:5a:91:02:4c:
45:6a:36:93:ad:bd:82:e9:66:48:ac:3e:26:b4:0d:a8:67:c1:
a7:46:5a:99:76:20:32:fa:1b:b4:36:89:1f:2b:8f:db:a8:af:
28:bb:f3:9a:33:2f:63:e2:92:f6:c8:cf:94:31:1b:b1:88:d5:
21:55:d8:40:24:3f:4f:26:15:b8:2d:0f:cd:d2:54:66:1d:e7:
46:92:f4:63:91:b2:69:c6:f5:a5:40:3a:1c:8c:94:a1:e1:a7:
1d:1a:4a:ca:3b:3e:75:c2:78:c4:83:f5:e2:e5:c3:65:02:5c:
17:58:d0:3c:15:ee:28:57:7e:96:fb:a3:28:b2:a3:16:33:8f:
4b:67:34:a9:7a:64:7f:d5:6b:d8:11:b3:d6:49:85:65:2b:6a:
a1:01:74:77:96:2c:3c:33:51:dd:dc:a0:a0:3f:d1:ec:87:ca:
84:45:b2:32:bf:68:f3:99:b7:8e:c3:54:87:89:36:a4:01:c2:
d5:02:7a:64:28:02:22:47:d8:81:24:aa:d4:8c:ce:33:af:a4:
c5:52:56:f7:85:7a:d6:93:83:10:11:0a:44:a3:7c:63:f9:8b:
2d:c1:70:52:01:c5:be:ce:cb:94:87:96:af:ea:1f:66:67:88:
fc:63:ac:7c
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYiBCj8h4jdpVCZhdS7/0uUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjAzMTEzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2RhMGE3N2U5ZTUyZmM2ZDI5Zjk0MmI4YTQ0MjVmYjQ3ZmMwNDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgbBkW6vPNuX8aez87VQHCz/tu6w
lQfh42p7DQL3WPP+0rwhSIDYuW47bQDrcm3yz73ICKCkkT+uBKquWOQHhKb9XQKi
9RuVjBf7PWc8Jj5V3la+EnRK2aju/J92U2f0eY9ssnsHNykqWGKnpufP15V+eshV
1Xa6BxHOhdlGCL3W+VF5hjY/tADDldHNT4HNXafGR02tEGWseYvwLjmF2qFBIbDe
G5Wx1vtMy3wK5rSCnsUOVxhSBf/kJ9RwvmyO7f+JZMavyGkw1hb5RDWF1vFXyzlK
XszCJCY4wh6arcXIdBoXQSxKPsT5a+B/zAFpIqg3qL6q9B/OcSwq9rSy8wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFEPaCnfp5S/G0p+UK4pEJftH/AQXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUTlvS2QtbmxMOGJTbjVRcmlrUWwtMGY4QkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAGj
BSYDBACjBTwDBACjBUcDBACjBVgDBACjBVoDBACjBV0wDAMEAKMFZQMEAKMFZgME
AaMFbAMEAKMFdAMEAKMFgwMEAKMFhgMEAKMFkwMEAKMFqwMEAKMFrgMEAKMFuwME
AKMFvQMEAKMFwAMEAKMF4QMEAaMF5AMEAKMF8AMEAKMF9gMEAKMF+TANBgkqhkiG
9w0BAQsFAAOCAQEABBvKWtJ+P0V84iWuMFVakQJMRWo2k629gulmSKw+JrQNqGfB
p0ZamXYgMvobtDaJHyuP26ivKLvzmjMvY+KS9sjPlDEbsYjVIVXYQCQ/TyYVuC0P
zdJUZh3nRpL0Y5Gyacb1pUA6HIyUoeGnHRpKyjs+dcJ4xIP14uXDZQJcF1jQPBXu
KFd+lvujKLKjFjOPS2c0qXpkf9Vr2BGz1kmFZStqoQF0d5YsPDNR3dygoD/R7IfK
hEWyMr9o85m3jsNUh4k2pAHC1QJ6ZCgCIkfYgSSq1IzOM6+kxVJW94V61pODEBEK
RKN8Y/mLLcFwUgHFvs7LlIeWr+ofZmeI/GOsfA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org