Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/SrIlDABfFdzaT_6CEOS2libZbJU.roa
File: SrIlDABfFdzaT_6CEOS2libZbJU.roa (raw, json)
Hash identifier: tnw6EJp7GcmofA6GmvfdPScfjUgrfKTC/hyxSTM7hW0=
Subject key identifier: 4A:B2:25:0C:00:5F:15:DC:DA:4F:FE:82:10:E4:B6:96:26:D9:6C:95
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018ADD958D305D46EC4407155C22AFD06F9E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/SrIlDABfFdzaT_6CEOS2libZbJU.roa
Signing time: Thu 28 Sep 2023 20:58:00 +0000
ROA not before: Thu 28 Sep 2023 20:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 163.5.211.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Oct 2023 12:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dd:95:8d:30:5d:46:ec:44:07:15:5c:22:af:d0:6f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 28 20:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ab2250c005f15dcda4ffe8210e4b69626d96c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5d:d5:65:83:13:9d:7b:ce:cb:18:2e:2c:77:
01:31:e6:48:b8:eb:f2:8b:8b:fd:2a:95:cc:4e:91:
76:94:71:5b:f1:61:e5:80:cc:0a:1b:0c:08:80:87:
58:af:a8:a0:6e:ca:66:f0:4c:fb:2b:16:14:ed:58:
f4:c1:ce:15:f5:66:38:5d:77:74:ae:a1:5d:6d:94:
ce:fd:ea:f7:49:20:13:a4:e2:5b:ff:31:3a:73:62:
32:fe:c7:4e:1b:41:bf:1e:43:a7:bb:f5:18:e2:54:
26:26:7e:a4:6b:6a:13:c7:48:cd:ae:05:71:08:7f:
8a:f6:30:3a:86:2a:af:04:23:4e:ed:89:ec:1b:5f:
75:0d:bf:e1:dc:60:eb:55:68:1b:a0:57:e9:d4:4d:
00:e9:16:a3:b1:30:06:f9:c3:b5:0b:ac:76:21:2b:
5d:19:82:cc:3d:e4:50:ee:b4:bb:41:de:c5:cd:6f:
30:c1:54:f2:d7:3b:20:40:9b:80:50:f1:52:63:33:
28:c0:a9:c5:f0:46:18:79:5e:fe:60:e6:0e:5e:d4:
b1:5c:fc:9d:73:cf:98:e0:33:6a:8c:5b:54:8b:c5:
75:58:7a:e5:7e:39:16:df:ab:fb:dd:66:4f:b9:80:
65:3b:87:0f:1b:d1:64:77:fa:b5:2e:45:f4:6c:6f:
a3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B2:25:0C:00:5F:15:DC:DA:4F:FE:82:10:E4:B6:96:26:D9:6C:95
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/SrIlDABfFdzaT_6CEOS2libZbJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.135.0-163.5.136.255
163.5.209.0/24
163.5.211.0/24
Signature Algorithm: sha256WithRSAEncryption
38:3e:5c:bf:17:7b:b2:d3:2b:78:6d:26:a0:05:d0:06:0f:79:
9c:e4:0a:9c:bf:a0:12:b8:a4:8d:7e:2d:1d:69:eb:43:b1:2d:
a9:77:dc:9a:27:5d:e7:17:c6:9e:01:66:44:dd:4b:bc:df:39:
d9:19:d2:ec:47:11:1d:13:ed:39:69:fb:c2:c4:a4:ef:77:60:
59:34:09:54:b0:08:fa:24:8a:40:17:a5:1f:be:53:1a:92:a9:
91:40:8b:b8:34:51:36:42:49:07:75:d0:a0:55:16:df:f7:61:
18:cb:35:10:3c:6c:78:7a:a1:6e:41:49:72:fa:14:50:04:aa:
05:64:f6:5d:5e:90:57:5a:b7:62:8e:bc:02:05:ae:35:79:a5:
5c:75:25:bd:06:24:01:44:4e:79:03:6b:42:73:f1:9e:3e:e7:
89:a9:27:19:29:da:6f:44:df:00:d1:32:3c:cf:72:4d:40:42:
3d:9f:39:60:b6:35:4e:c8:62:02:36:99:41:7e:40:d3:10:e6:
3d:79:c0:fa:1c:c0:70:c2:da:0a:53:88:df:2c:ae:2a:39:79:
1f:06:d4:ca:5b:88:2c:47:b0:db:45:bd:75:4d:7e:d3:54:74:
f4:99:e5:76:7a:71:cd:e4:a6:ea:1e:24:14:7e:8c:08:a7:95:
a7:af:89:de
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYrdlY0wXUbsRAcVXCKv0G+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTI4MjA1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWIyMjUwYzAwNWYxNWRjZGE0ZmZlODIxMGU0YjY5NjI2ZDk2Yzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV3VZYMTnXvOyxguLHcBMeZIuOvy
i4v9KpXMTpF2lHFb8WHlgMwKGwwIgIdYr6igbspm8Ez7KxYU7Vj0wc4V9WY4XXd0
rqFdbZTO/er3SSATpOJb/zE6c2Iy/sdOG0G/HkOnu/UY4lQmJn6ka2oTx0jNrgVx
CH+K9jA6hiqvBCNO7YnsG191Db/h3GDrVWgboFfp1E0A6RajsTAG+cO1C6x2IStd
GYLMPeRQ7rS7Qd7FzW8wwVTy1zsgQJuAUPFSYzMowKnF8EYYeV7+YOYOXtSxXPyd
c8+Y4DNqjFtUi8V1WHrlfjkW36v73WZPuYBlO4cPG9Fkd/q1LkX0bG+jZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEqyJQwAXxXc2k/+ghDktpYm2WyVMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvU3JJbERBQmZGZHphVF82Q0VPUzJsaWJaYkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACjBYcD
BACjBYgDBACjBdEDBACjBdMwDQYJKoZIhvcNAQELBQADggEBADg+XL8Xe7LTK3ht
JqAF0AYPeZzkCpy/oBK4pI1+LR1p60OxLal33JonXecXxp4BZkTdS7zfOdkZ0uxH
ER0T7Tlp+8LEpO93YFk0CVSwCPokikAXpR++UxqSqZFAi7g0UTZCSQd10KBVFt/3
YRjLNRA8bHh6oW5BSXL6FFAEqgVk9l1ekFdat2KOvAIFrjV5pVx1Jb0GJAFETnkD
a0Jz8Z4+54mpJxkp2m9E3wDRMjzPck1AQj2fOWC2NU7IYgI2mUF+QNMQ5j15wPoc
wHDC2gpTiN8srio5eR8G1MpbiCxHsNtFvXVNftNUdPSZ5XZ6cc3kpuoeJBR+jAin
laevid4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org