Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R-MNd9HEt9__uMxgfi4G9PPCZMY.roa
File: R-MNd9HEt9__uMxgfi4G9PPCZMY.roa (raw, json)
Hash identifier: hjJRaQoa9+L8prBpZV62DS/PrNgOMFlToNgO/ebsBuw=
Subject key identifier: 47:E3:0D:77:D1:C4:B7:DF:FF:B8:CC:60:7E:2E:06:F4:F3:C2:64:C6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01891C6DE1F77427E2065968C35F1B4171E5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R-MNd9HEt9__uMxgfi4G9PPCZMY.roa
Signing time: Mon 03 Jul 2023 15:45:10 +0000
ROA not before: Mon 03 Jul 2023 15:45:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 163.5.137.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:6d:e1:f7:74:27:e2:06:59:68:c3:5f:1b:41:71:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 3 15:45:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47e30d77d1c4b7dfffb8cc607e2e06f4f3c264c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ad:99:36:0a:e9:14:42:c6:70:b0:cb:7b:58:
87:de:be:56:a1:78:b5:43:2f:f4:76:5a:09:ce:5e:
35:f8:d0:e4:00:a5:d0:db:4b:db:5a:46:72:08:7d:
4d:d0:2c:c6:f4:e6:92:83:5d:56:88:9e:c9:3d:f2:
ed:71:25:e5:aa:c7:36:96:7b:67:6b:82:ed:86:a5:
fb:64:64:8e:3b:1c:32:86:d8:d0:88:20:56:55:e8:
78:22:55:d4:a3:fb:cf:9e:c9:6f:bb:d5:a3:9f:63:
cb:7b:ac:ab:f4:29:46:39:22:33:d5:44:d2:e1:48:
2f:c0:73:0d:82:a9:93:1f:ad:70:2e:95:61:9f:2d:
a7:2f:ef:5a:6e:e3:46:e3:13:d6:5e:df:41:ff:c6:
ef:66:cd:24:b2:47:ca:cc:14:12:8b:ec:ba:09:0e:
63:e1:5f:b1:30:3e:0f:af:3d:2a:47:9e:73:50:19:
d0:ab:7c:4b:84:10:97:34:5f:d9:cf:03:2f:35:70:
52:43:0d:d3:ee:84:4b:ba:83:a8:d9:28:c7:71:5f:
4d:70:e9:5c:cd:52:68:99:ff:eb:d2:d4:e2:ab:bb:
b5:48:e1:b3:8e:ce:09:17:0a:05:7d:82:fd:89:77:
8d:9e:55:ca:11:33:d9:38:65:88:e2:1b:89:ef:0d:
84:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E3:0D:77:D1:C4:B7:DF:FF:B8:CC:60:7E:2E:06:F4:F3:C2:64:C6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/R-MNd9HEt9__uMxgfi4G9PPCZMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.137.0/24
163.5.156.0/23
163.5.159.0/24
Signature Algorithm: sha256WithRSAEncryption
65:14:70:1f:87:90:d5:1f:43:3a:54:c3:54:1e:1d:4c:ef:eb:
2d:cb:96:64:15:b9:06:09:7e:07:41:bc:ae:e4:dd:a1:e5:12:
f6:27:83:17:15:cd:a2:f8:f8:d2:72:47:e2:46:84:ae:d1:11:
a0:7b:6a:77:36:48:09:ee:2f:81:0c:82:8e:70:de:f8:63:17:
cc:29:4c:d8:79:01:0d:d2:8e:72:76:73:aa:ce:53:0b:c5:73:
31:d3:50:cc:62:9f:ab:1f:b3:0b:d9:d3:1a:93:a0:d4:d9:b3:
a1:6d:a5:60:1f:d8:94:22:9d:d6:25:82:10:43:b9:8a:dc:a8:
f8:8f:1d:82:95:1d:f0:71:61:85:42:7f:f1:f9:e3:31:59:f1:
d0:e3:86:91:18:82:1e:a3:f0:63:f7:15:07:50:bc:52:16:b7:
67:fa:cd:7d:3a:f2:3e:ec:d8:27:0f:3d:0c:28:95:ba:fd:1a:
14:ed:be:5c:9c:1e:01:bb:a6:23:1c:5b:52:f4:3d:46:fb:28:
c3:74:b6:dc:3e:6e:50:7e:f6:b5:d7:1c:e8:78:51:d3:74:cf:
56:0f:d8:e2:d9:e2:c3:9a:29:85:c6:b7:98:9a:4e:d2:da:0e:
3a:54:dd:2f:b8:72:99:17:97:b6:7d:b3:e3:ea:77:86:93:d4:
f3:0d:5f:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkcbeH3dCfiBllow18bQXHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzAzMTU0NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2UzMGQ3N2QxYzRiN2RmZmZiOGNjNjA3ZTJlMDZmNGYzYzI2NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh62ZNgrpFELGcLDLe1iH3r5WoXi1
Qy/0dloJzl41+NDkAKXQ20vbWkZyCH1N0CzG9OaSg11WiJ7JPfLtcSXlqsc2lntn
a4LthqX7ZGSOOxwyhtjQiCBWVeh4IlXUo/vPnslvu9Wjn2PLe6yr9ClGOSIz1UTS
4UgvwHMNgqmTH61wLpVhny2nL+9abuNG4xPWXt9B/8bvZs0kskfKzBQSi+y6CQ5j
4V+xMD4Prz0qR55zUBnQq3xLhBCXNF/ZzwMvNXBSQw3T7oRLuoOo2SjHcV9NcOlc
zVJomf/r0tTiq7u1SOGzjs4JFwoFfYL9iXeNnlXKETPZOGWI4huJ7w2EgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEfjDXfRxLff/7jMYH4uBvTzwmTGMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUi1NTmQ5SEV0OV9fdU14Z2ZpNEc5UFBDWk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWJAwQB
owWcAwQAowWfMA0GCSqGSIb3DQEBCwUAA4IBAQBlFHAfh5DVH0M6VMNUHh1M7+st
y5ZkFbkGCX4HQbyu5N2h5RL2J4MXFc2i+PjSckfiRoSu0RGge2p3NkgJ7i+BDIKO
cN74YxfMKUzYeQEN0o5ydnOqzlMLxXMx01DMYp+rH7ML2dMak6DU2bOhbaVgH9iU
Ip3WJYIQQ7mK3Kj4jx2ClR3wcWGFQn/x+eMxWfHQ44aRGIIeo/Bj9xUHULxSFrdn
+s19OvI+7NgnDz0MKJW6/RoU7b5cnB4Bu6YjHFtS9D1G+yjDdLbcPm5Qfva11xzo
eFHTdM9WD9ji2eLDmimFxreYmk7S2g46VN0vuHKZF5e2fbPj6neGk9TzDV/0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org