Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XKzyPBXiJmVd3p7-mkoDC-bDrVw.roa
File: XKzyPBXiJmVd3p7-mkoDC-bDrVw.roa (raw, json)
Hash identifier: ppM68ZnmWhP0CcpWLvNBCb97/8Om68LObdAol0bKHtw=
Subject key identifier: 5C:AC:F2:3C:15:E2:26:65:5D:DE:9E:FE:9A:4A:03:0B:E6:C3:AD:5C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B3817CF765D432E615CDDA2C42B410C67
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XKzyPBXiJmVd3p7-mkoDC-bDrVw.roa
Signing time: Mon 16 Oct 2023 10:46:06 +0000
ROA not before: Mon 16 Oct 2023 10:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.223.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:17:cf:76:5d:43:2e:61:5c:dd:a2:c4:2b:41:0c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 16 10:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cacf23c15e226655dde9efe9a4a030be6c3ad5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1e:d4:26:9c:e4:ac:b1:a1:2a:15:b3:2b:6c:
01:e7:7d:5d:a3:df:aa:12:bc:71:ed:3c:20:75:8f:
5e:83:eb:06:3a:65:ee:25:5c:05:55:17:b5:27:f6:
ba:6f:48:e6:53:98:a2:c7:9f:bd:90:79:d9:59:28:
31:da:b6:39:a7:e4:53:84:15:9e:9e:69:46:9b:4b:
e0:68:b7:b4:40:dc:d1:47:96:fc:51:1a:fd:91:75:
ae:74:60:a8:1f:5d:ea:8f:d9:b1:49:99:b9:d8:45:
b7:89:dc:ec:f7:3e:fb:e2:dc:f4:0f:99:62:d0:2d:
34:fd:27:c1:1d:6f:6a:f8:b5:e4:3d:8a:64:eb:9a:
77:2e:60:5a:2b:b3:fc:5c:96:01:e4:f1:3a:14:01:
72:72:fa:72:fe:b0:6e:b7:16:af:4e:00:ee:e1:1c:
c3:ff:88:6c:44:87:ef:98:1b:91:94:26:ff:77:a7:
59:06:ff:4b:18:32:96:bc:3a:70:ee:de:7b:55:d5:
b9:cc:a3:75:d0:8d:ad:7c:0f:14:5f:79:ae:cf:6f:
d3:d9:59:18:d8:9f:db:eb:74:14:f7:93:21:dd:36:
55:80:db:b1:64:27:f2:53:9a:00:a3:1b:39:ba:02:
60:21:c1:9f:1c:18:3c:9e:46:33:fc:04:9b:35:fd:
60:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AC:F2:3C:15:E2:26:65:5D:DE:9E:FE:9A:4A:03:0B:E6:C3:AD:5C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XKzyPBXiJmVd3p7-mkoDC-bDrVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.149.0/24
163.5.168.0/24
163.5.223.0/24
163.5.244.0/24
163.5.248.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:66:a3:24:2d:60:4c:29:ad:82:6d:d2:4d:6c:44:cc:bf:1f:
e4:bc:f6:c8:67:b5:d4:ca:c5:96:00:cb:01:81:3b:6c:7e:4e:
25:58:a5:3b:91:19:28:15:90:c5:b3:75:b3:c4:1a:75:ef:37:
7d:9f:e0:b7:69:cc:a1:e1:04:3a:1e:6f:8b:d2:e3:fa:72:ea:
13:78:c6:a4:84:04:f9:3f:d2:b2:f6:75:77:e0:12:eb:87:ed:
c4:0c:f2:b8:5a:a4:fe:0d:1a:7f:52:6a:1f:ae:cd:9e:d0:05:
48:97:93:cd:90:a4:4f:97:9d:d8:f7:5d:a8:ca:c9:01:6a:24:
cb:bc:63:93:f9:4e:45:64:d5:8a:1c:94:d3:4f:08:2c:f2:1c:
e7:2a:fc:3d:e2:19:59:4f:94:86:da:97:0e:88:eb:ff:0e:d7:
c3:26:cd:78:bd:07:64:dd:7d:f7:c0:6a:31:db:e8:0e:0b:36:
9a:fd:99:42:6a:99:30:1e:8e:63:be:f7:aa:0c:e5:b6:d3:19:
47:59:05:de:89:3b:ac:6c:c2:f2:15:71:0a:0e:51:cb:d2:2e:
10:d5:55:1f:7a:07:49:80:ba:64:2b:8a:97:12:62:0f:c6:14:
0f:a9:b9:bc:60:91:43:85:8a:03:f5:b2:77:5c:47:cc:36:ad:
8d:e6:b3:7e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYs4F892XUMuYVzdosQrQQxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDE2MTA0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FjZjIzYzE1ZTIyNjY1NWRkZTllZmU5YTRhMDMwYmU2YzNhZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh7UJpzkrLGhKhWzK2wB531do9+q
Erxx7TwgdY9eg+sGOmXuJVwFVRe1J/a6b0jmU5iix5+9kHnZWSgx2rY5p+RThBWe
nmlGm0vgaLe0QNzRR5b8URr9kXWudGCoH13qj9mxSZm52EW3idzs9z774tz0D5li
0C00/SfBHW9q+LXkPYpk65p3LmBaK7P8XJYB5PE6FAFycvpy/rButxavTgDu4RzD
/4hsRIfvmBuRlCb/d6dZBv9LGDKWvDpw7t57VdW5zKN10I2tfA8UX3muz2/T2VkY
2J/b63QU95Mh3TZVgNuxZCfyU5oAoxs5ugJgIcGfHBg8nkYz/ASbNf1gRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFys8jwV4iZlXd6e/ppKAwvmw61cMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWEt6eVBCWGlKbVZkM3A3LW1rb0RDLWJEclZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowWVAwQA
owWoAwQAowXfAwQAowX0AwQAowX4AwQAowX+MA0GCSqGSIb3DQEBCwUAA4IBAQCh
ZqMkLWBMKa2CbdJNbETMvx/kvPbIZ7XUysWWAMsBgTtsfk4lWKU7kRkoFZDFs3Wz
xBp17zd9n+C3acyh4QQ6Hm+L0uP6cuoTeMakhAT5P9Ky9nV34BLrh+3EDPK4WqT+
DRp/Umofrs2e0AVIl5PNkKRPl53Y912oyskBaiTLvGOT+U5FZNWKHJTTTwgs8hzn
Kvw94hlZT5SG2pcOiOv/DtfDJs14vQdk3X33wGox2+gOCzaa/ZlCapkwHo5jvveq
DOW20xlHWQXeiTusbMLyFXEKDlHL0i4Q1VUfegdJgLpkK4qXEmIPxhQPqbm8YJFD
hYoD9bJ3XEfMNq2N5rN+
-----END CERTIFICATE-----
Generated at Fri Nov 17 19:35:40 2023 by rpki-client on console-fra.rpki-client.org