Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TxKe19PcS3so3Us1kWt_QjPWT-E.roa
File: TxKe19PcS3so3Us1kWt_QjPWT-E.roa (raw, json)
Hash identifier: KVaZ2NnUscAgXsSYAnMNPA42r54+FznyROpBotx/9c4=
Subject key identifier: 4F:12:9E:D7:D3:DC:4B:7B:28:DD:4B:35:91:6B:7F:42:33:D6:4F:E1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C788D78E80F2FEA4DA303CAA834916B0F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TxKe19PcS3so3Us1kWt_QjPWT-E.roa
Signing time: Sun 17 Dec 2023 16:13:06 +0000
ROA not before: Sun 17 Dec 2023 16:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5650
IP address blocks: 163.5.211.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:8d:78:e8:0f:2f:ea:4d:a3:03:ca:a8:34:91:6b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 17 16:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f129ed7d3dc4b7b28dd4b35916b7f4233d64fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8c:59:05:11:fb:d6:f8:91:49:5f:86:49:20:
0c:9f:ed:4b:fa:f1:04:7d:66:c4:c3:25:62:49:18:
25:88:4f:4f:2e:6a:f7:e7:49:e9:56:39:20:79:63:
5f:c0:7f:74:97:20:d9:13:73:a8:83:7f:b9:7c:3f:
d1:9a:63:a3:a1:07:f9:90:37:c5:5c:63:e6:d2:e9:
df:96:ed:fd:11:59:cc:00:95:b1:2b:90:9b:aa:11:
78:c4:25:bd:44:0b:d4:d1:2e:0c:ad:65:90:c6:fa:
da:fe:0a:a8:a1:9f:bc:64:e8:21:88:91:c7:82:cc:
53:7c:4a:79:b1:b8:27:7f:8f:00:16:f4:11:08:38:
5a:64:36:12:a4:33:1a:d3:0f:34:58:35:bf:dc:55:
a2:9b:34:b2:91:f4:9a:3e:6c:f7:d8:a2:28:80:3f:
f6:51:a4:08:59:9e:22:f6:a3:de:6e:9b:15:db:04:
da:51:f2:4c:cc:45:96:70:aa:45:ee:a9:a6:2d:28:
d3:b0:7a:a4:48:9f:5d:f3:6b:09:e2:d9:78:e3:3b:
93:e2:38:47:91:d3:5b:f3:52:8c:35:62:e7:4f:1e:
1e:20:5d:a0:97:b5:62:c4:00:81:92:86:49:c5:9a:
b0:1e:94:2b:86:07:27:4e:36:9a:29:19:fb:c2:85:
a4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:12:9E:D7:D3:DC:4B:7B:28:DD:4B:35:91:6B:7F:42:33:D6:4F:E1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TxKe19PcS3so3Us1kWt_QjPWT-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.136.0/24
163.5.211.0/24
Signature Algorithm: sha256WithRSAEncryption
60:99:c2:31:c2:10:a4:18:40:4d:8e:80:42:b1:e4:e7:bd:c0:
3c:e8:c3:77:a3:3d:ad:60:03:c9:d8:1c:f1:3c:02:90:cb:d1:
5d:d9:6b:57:45:45:f4:52:c7:4e:a0:02:1d:70:f9:c4:e4:5f:
57:5c:d0:6c:9a:90:74:57:ba:60:a4:2c:0d:a4:d5:21:ba:e5:
db:9c:b1:65:e5:66:08:9a:12:f3:da:15:70:d0:d1:ad:be:4e:
98:fb:01:a2:77:0b:99:94:eb:6a:4c:d6:0d:ce:69:72:c6:40:
c8:37:5f:0e:59:4a:ad:5e:11:57:76:bc:14:06:44:33:48:fd:
4f:8e:57:57:c8:e3:7e:9f:48:d1:6b:f5:3a:a1:b3:cc:ea:9f:
f5:10:f9:e0:1c:0e:ac:df:cb:a7:49:f3:3a:0d:52:30:10:dc:
da:9c:b4:11:50:e2:99:93:db:cd:e7:7e:40:f6:23:ec:98:ae:
46:19:39:ff:96:9d:e3:ae:2c:ca:95:7b:d6:c0:24:af:ae:1f:
4a:15:70:6c:36:d4:7c:8e:7b:52:e1:90:44:cc:fb:c7:f3:3d:
17:9d:0c:57:f0:b1:69:dd:35:35:11:54:59:9d:03:d4:94:91:
58:d5:1b:bf:2a:9b:68:ff:0d:1c:79:b7:bd:7a:d0:4a:24:68:
26:8e:54:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYx4jXjoDy/qTaMDyqg0kWsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjE3MTYxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjEyOWVkN2QzZGM0YjdiMjhkZDRiMzU5MTZiN2Y0MjMzZDY0ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4xZBRH71viRSV+GSSAMn+1L+vEE
fWbEwyViSRgliE9PLmr350npVjkgeWNfwH90lyDZE3Oog3+5fD/RmmOjoQf5kDfF
XGPm0unflu39EVnMAJWxK5CbqhF4xCW9RAvU0S4MrWWQxvra/gqooZ+8ZOghiJHH
gsxTfEp5sbgnf48AFvQRCDhaZDYSpDMa0w80WDW/3FWimzSykfSaPmz32KIogD/2
UaQIWZ4i9qPebpsV2wTaUfJMzEWWcKpF7qmmLSjTsHqkSJ9d82sJ4tl44zuT4jhH
kdNb81KMNWLnTx4eIF2gl7VixACBkoZJxZqwHpQrhgcnTjaaKRn7woWkNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE8SntfT3Et7KN1LNZFrf0Iz1k/hMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVHhLZTE5UGNTM3NvM1VzMWtXdF9RalBXVC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWIAwQA
owXTMA0GCSqGSIb3DQEBCwUAA4IBAQBgmcIxwhCkGEBNjoBCseTnvcA86MN3oz2t
YAPJ2BzxPAKQy9Fd2WtXRUX0UsdOoAIdcPnE5F9XXNBsmpB0V7pgpCwNpNUhuuXb
nLFl5WYImhLz2hVw0NGtvk6Y+wGidwuZlOtqTNYNzmlyxkDIN18OWUqtXhFXdrwU
BkQzSP1PjldXyON+n0jRa/U6obPM6p/1EPngHA6s38unSfM6DVIwENzanLQRUOKZ
k9vN535A9iPsmK5GGTn/lp3jrizKlXvWwCSvrh9KFXBsNtR8jntS4ZBEzPvH8z0X
nQxX8LFp3TU1EVRZnQPUlJFY1Ru/Kpto/w0cebe9etBKJGgmjlRS
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org