Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Veh_ZYlRo-twdacSQ_QL3wzt074.roa
File: Veh_ZYlRo-twdacSQ_QL3wzt074.roa (raw, json)
Hash identifier: +gPRcx49Gjgt2l0QxG4AGdoSB42RxURUGgqBJuTDiIE=
Subject key identifier: 55:E8:7F:65:89:51:A3:EB:70:75:A7:12:43:F4:0B:DF:0C:ED:D3:BE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC568F2A7B783913819DCA065DBB64A55
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Veh_ZYlRo-twdacSQ_QL3wzt074.roa
Signing time: Mon 01 Jan 2024 14:23:58 +0000
ROA not before: Mon 01 Jan 2024 14:23:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.177.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:68:f2:a7:b7:83:91:38:19:dc:a0:65:db:b6:4a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 14:23:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55e87f658951a3eb7075a71243f40bdf0cedd3be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e4:a9:10:07:c3:8d:e4:b1:07:74:56:8b:52:
d5:19:f1:cb:f5:6f:3f:c4:41:99:52:f0:a0:8f:de:
9a:12:74:8c:70:eb:12:67:d9:0d:f7:2e:96:9b:0f:
07:37:28:50:c7:78:9b:e8:ec:c0:ce:a5:d9:69:dc:
b3:5b:85:27:8a:ff:89:ae:1b:eb:a5:b9:66:da:19:
42:0d:42:06:0e:29:ae:b3:a8:9d:09:f6:60:37:4e:
e9:08:a8:7a:10:49:cb:a1:aa:20:71:10:53:40:39:
9d:04:6b:e1:9c:d7:b6:b0:df:71:55:80:19:fc:9d:
00:2d:a7:93:8b:0e:78:e9:e7:bf:41:99:69:58:5b:
12:0c:0e:1f:c0:7a:c4:27:57:68:3e:f8:53:69:a0:
0d:0f:19:70:e6:86:69:00:d4:0d:a5:66:cd:73:fb:
29:57:6c:6e:99:fe:b5:aa:f2:fd:a3:7a:d4:be:c4:
2b:ab:72:f3:77:15:48:85:f7:c4:7e:51:7d:cf:e1:
ac:ae:18:ec:30:54:36:6f:e3:2c:5a:1e:52:15:0a:
f2:fa:fb:6f:6f:6e:fa:83:7a:24:bb:93:ef:c1:3c:
b1:8c:dc:f5:e6:0b:aa:4c:d5:21:02:00:0d:af:7f:
14:10:41:ef:bc:ea:3f:51:7d:1f:26:33:d9:e4:37:
19:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E8:7F:65:89:51:A3:EB:70:75:A7:12:43:F4:0B:DF:0C:ED:D3:BE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Veh_ZYlRo-twdacSQ_QL3wzt074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.153.0/24
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a1:bb:1c:09:03:43:a4:cd:f5:69:8f:6e:dc:2c:60:07:0c:
8b:5e:e2:af:05:72:db:fa:d7:17:c8:4e:20:5c:96:df:a4:3a:
08:db:5d:69:39:fc:94:91:8f:dd:32:93:c1:c8:47:93:b9:dc:
0b:11:f0:0e:75:88:c1:c3:a5:c8:ea:48:24:92:9c:27:b5:d3:
e6:1e:db:eb:81:5c:55:be:58:29:86:36:82:eb:88:fc:b3:2f:
c0:13:13:fd:0f:5e:dc:bb:43:c9:1f:45:62:c9:3a:46:33:6d:
0a:94:03:67:1a:46:83:7b:e9:c8:63:d8:ff:c9:60:38:6d:bd:
de:42:b3:2c:9f:0e:70:a6:44:a3:15:e1:32:27:71:99:02:09:
30:69:c4:c6:fd:ce:7a:5f:c6:15:31:2d:19:94:ed:ac:f9:01:
4e:84:35:2f:da:8c:97:5d:74:31:9c:ba:63:d8:2d:b6:e0:d7:
70:9e:36:be:6b:01:52:ce:ee:93:45:b9:cd:80:82:41:0a:e5:
9b:83:dd:ab:a7:a7:5a:c3:e6:89:98:7b:86:6b:b1:58:7b:b6:
74:5d:ce:11:9d:7d:c2:fd:cf:42:93:91:fe:c6:22:d1:40:10:
78:09:95:1a:6c:10:37:06:12:1f:c1:d0:18:61:f3:b9:e2:f7:
2b:ec:9d:e3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFaPKnt4OROBncoGXbtkpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMTQyMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWU4N2Y2NTg5NTFhM2ViNzA3NWE3MTI0M2Y0MGJkZjBjZWRkM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+SpEAfDjeSxB3RWi1LVGfHL9W8/
xEGZUvCgj96aEnSMcOsSZ9kN9y6Wmw8HNyhQx3ib6OzAzqXZadyzW4Univ+Jrhvr
pblm2hlCDUIGDimus6idCfZgN07pCKh6EEnLoaogcRBTQDmdBGvhnNe2sN9xVYAZ
/J0ALaeTiw546ee/QZlpWFsSDA4fwHrEJ1doPvhTaaANDxlw5oZpANQNpWbNc/sp
V2xumf61qvL9o3rUvsQrq3LzdxVIhffEflF9z+GsrhjsMFQ2b+MsWh5SFQry+vtv
b276g3oku5PvwTyxjNz15guqTNUhAgANr38UEEHvvOo/UX0fJjPZ5DcZbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFXof2WJUaPrcHWnEkP0C98M7dO+MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVmVoX1pZbFJvLXR3ZGFjU1FfUUwzd3p0MDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUiAwQA
owWZAwQAowWxAwQAowX8MA0GCSqGSIb3DQEBCwUAA4IBAQBIobscCQNDpM31aY9u
3CxgBwyLXuKvBXLb+tcXyE4gXJbfpDoI211pOfyUkY/dMpPByEeTudwLEfAOdYjB
w6XI6kgkkpwntdPmHtvrgVxVvlgphjaC64j8sy/AExP9D17cu0PJH0ViyTpGM20K
lANnGkaDe+nIY9j/yWA4bb3eQrMsnw5wpkSjFeEyJ3GZAgkwacTG/c56X8YVMS0Z
lO2s+QFOhDUv2oyXXXQxnLpj2C224Ndwnja+awFSzu6TRbnNgIJBCuWbg92rp6da
w+aJmHuGa7FYe7Z0Xc4RnX3C/c9Ck5H+xiLRQBB4CZUabBA3BhIfwdAYYfO54vcr
7J3j
-----END CERTIFICATE-----
Generated at Thu Jan 4 08:05:59 2024 by rpki-client on console-ams.rpki-client.org