Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RHrL6EqxYPKe4HlcYfUNHuky_YQ.roa
File: RHrL6EqxYPKe4HlcYfUNHuky_YQ.roa (raw, json)
Hash identifier: DjSoHOtN2yMMEnvMpUAzxtNlwOpoK0eHa1V+fuSDocI=
Subject key identifier: 44:7A:CB:E8:4A:B1:60:F2:9E:E0:79:5C:61:F5:0D:1E:E9:32:FD:84
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187FA558021FAD1B8DCE753B7F0ABCE8823
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RHrL6EqxYPKe4HlcYfUNHuky_YQ.roa
Signing time: Mon 08 May 2023 07:48:40 +0000
ROA not before: Mon 08 May 2023 07:48:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.83.0/24 maxlen: 24
163.5.84.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:55:80:21:fa:d1:b8:dc:e7:53:b7:f0:ab:ce:88:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 8 07:48:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=447acbe84ab160f29ee0795c61f50d1ee932fd84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:88:19:35:96:f6:91:b6:db:51:54:58:93:ae:
f9:eb:b0:17:35:26:f7:65:e5:e3:b2:22:11:9b:1d:
4d:22:a4:0b:f2:a0:b3:18:eb:38:73:df:14:0c:5f:
1e:7a:a6:74:7d:35:2d:f1:4d:65:84:95:e9:6b:9a:
37:30:4b:99:5b:71:03:da:06:2a:89:2b:87:04:14:
e9:c8:85:ae:4d:7d:8c:15:35:86:c9:3d:89:ea:d0:
59:93:10:af:c5:1e:28:9c:5f:93:bc:99:1e:a0:43:
06:76:8f:a5:89:04:6e:aa:76:be:16:f5:a9:cd:33:
a1:3b:72:64:db:93:2f:e7:0b:77:ac:29:af:90:b9:
be:71:c7:75:d8:8c:3c:b6:00:c7:38:82:aa:4e:6c:
b6:52:d8:70:3e:fe:a9:aa:39:58:ce:c8:d7:7d:75:
71:8d:4a:37:3d:90:e8:b3:3c:94:a9:41:4d:e6:23:
4e:0a:29:fa:f1:d4:81:8c:c4:23:89:ac:28:2c:1f:
84:7b:1f:28:22:b7:49:30:84:5d:4f:69:b3:16:8e:
b8:a3:e9:c8:36:c6:ba:6b:a6:fe:94:42:b6:51:7c:
99:be:4e:7e:3e:74:6e:0d:b5:50:72:86:df:3c:78:
19:68:b4:7a:c1:ea:27:5c:c2:6b:d6:c0:cd:77:6d:
92:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7A:CB:E8:4A:B1:60:F2:9E:E0:79:5C:61:F5:0D:1E:E9:32:FD:84
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RHrL6EqxYPKe4HlcYfUNHuky_YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/24
163.5.59.0/24
163.5.83.0-163.5.84.255
163.5.120.0/24
163.5.142.0-163.5.144.255
163.5.154.0/24
163.5.192.0/23
163.5.214.0/23
163.5.233.0/24
163.5.244.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:a4:94:8b:ed:30:fb:6a:4b:27:5d:05:79:1a:c8:1e:79:9e:
22:6f:9c:85:37:fa:86:02:fa:c5:81:f9:e7:fd:cd:03:35:11:
4d:e6:10:0f:fb:1a:d4:05:a0:a4:ed:5e:48:98:93:03:c5:f0:
4b:2f:3e:b5:32:ce:95:b9:b1:b5:6d:d9:f5:0d:2e:d6:e8:23:
ef:66:19:d0:22:2f:c9:18:22:31:25:32:7c:4a:af:6a:4d:ca:
6f:4c:39:6e:75:89:de:5d:4f:33:bc:35:0d:7a:a4:e3:d9:d3:
7b:ec:09:dc:cf:54:b0:3c:36:26:1f:20:e3:bf:6f:3e:0b:40:
4d:ec:77:55:76:f0:16:02:2c:2a:c1:cb:54:da:c7:b9:cb:48:
ab:0a:8e:dd:bd:96:8d:49:52:13:0e:5d:2a:34:a0:8b:59:55:
f5:a2:e9:18:eb:a5:52:5e:97:bb:ec:1f:8c:fe:1d:5d:4c:78:
1d:18:ac:13:0a:31:8a:00:53:63:78:08:91:ff:a8:e3:55:bd:
e7:7f:a3:b6:9c:7c:70:5f:3f:b9:a6:5c:75:de:28:22:23:13:
4d:72:6b:ac:26:9d:a0:2b:1d:24:bd:72:cf:4c:be:eb:09:81:
2e:47:70:6e:c9:b2:ad:76:ff:d3:ef:7a:b2:21:3b:d4:92:3f:
c0:1e:c5:4f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYf6VYAh+tG43OdTt/CrzogjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTA4MDc0ODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDdhY2JlODRhYjE2MGYyOWVlMDc5NWM2MWY1MGQxZWU5MzJmZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4gZNZb2kbbbUVRYk67567AXNSb3
ZeXjsiIRmx1NIqQL8qCzGOs4c98UDF8eeqZ0fTUt8U1lhJXpa5o3MEuZW3ED2gYq
iSuHBBTpyIWuTX2MFTWGyT2J6tBZkxCvxR4onF+TvJkeoEMGdo+liQRuqna+FvWp
zTOhO3Jk25Mv5wt3rCmvkLm+ccd12Iw8tgDHOIKqTmy2UthwPv6pqjlYzsjXfXVx
jUo3PZDoszyUqUFN5iNOCin68dSBjMQjiawoLB+Eex8oIrdJMIRdT2mzFo64o+nI
Nsa6a6b+lEK2UXyZvk5+PnRuDbVQcobfPHgZaLR6weonXMJr1sDNd22SOwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFER6y+hKsWDynuB5XGH1DR7pMv2EMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUkhyTDZFcXhZUEtlNEhsY1lmVU5IdWt5X1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAowUmAwQA
owU7MAwDBACjBVMDBACjBVQDBACjBXgwDAMEAaMFjgMEAKMFkAMEAKMFmgMEAaMF
wAMEAaMF1gMEAKMF6QMEAKMF9AMEALn9NjANBgkqhkiG9w0BAQsFAAOCAQEAmqSU
i+0w+2pLJ10FeRrIHnmeIm+chTf6hgL6xYH55/3NAzURTeYQD/sa1AWgpO1eSJiT
A8XwSy8+tTLOlbmxtW3Z9Q0u1ugj72YZ0CIvyRgiMSUyfEqvak3Kb0w5bnWJ3l1P
M7w1DXqk49nTe+wJ3M9UsDw2Jh8g479vPgtATex3VXbwFgIsKsHLVNrHuctIqwqO
3b2WjUlSEw5dKjSgi1lV9aLpGOulUl6Xu+wfjP4dXUx4HRisEwoxigBTY3gIkf+o
41W953+jtpx8cF8/uaZcdd4oIiMTTXJrrCadoCsdJL1yz0y+6wmBLkdwbsmyrXb/
0+96siE71JI/wB7FTw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org