Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YU-jcBzuMEsL_aOEjo0eKLJx_7E.roa
File: YU-jcBzuMEsL_aOEjo0eKLJx_7E.roa (raw, json)
Hash identifier: hYV5PRYtJnYxGEr98adK7LaVSh9NBPdkq4auo42q7L0=
Subject key identifier: 61:4F:A3:70:1C:EE:30:4B:0B:FD:A3:84:8E:8D:1E:28:B2:71:FF:B1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0185F81ADC622CD4A87E5064A36835BA509C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YU-jcBzuMEsL_aOEjo0eKLJx_7E.roa
Signing time: Sat 28 Jan 2023 11:19:47 +0000
ROA not before: Sat 28 Jan 2023 11:19:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.237.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Jan 2023 21:55:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f8:1a:dc:62:2c:d4:a8:7e:50:64:a3:68:35:ba:50:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 28 11:19:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=614fa3701cee304b0bfda3848e8d1e28b271ffb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:73:fc:e0:af:8f:55:ad:60:87:56:6f:e1:e1:
ba:88:e8:c1:82:e6:48:04:84:ea:83:95:14:6c:4e:
94:ca:0c:ea:69:34:35:7d:62:12:a2:c2:bd:fd:53:
13:d2:6e:d3:45:71:91:de:35:01:e3:a5:b4:78:d2:
ed:28:5b:56:1f:c4:3d:5a:9b:9c:42:af:ae:3d:c6:
dd:b3:77:8d:78:04:79:7c:ae:d0:05:6b:54:14:ec:
73:89:21:e5:87:a1:bc:c9:fd:6a:0a:3a:e9:97:86:
c6:37:90:39:c1:8e:ff:5d:e2:e0:34:32:09:19:9f:
45:7f:47:82:f7:3e:ba:da:51:13:b5:ef:db:e6:83:
17:de:19:9c:ae:0a:ab:55:7f:7c:bd:5a:64:cb:d9:
f3:98:71:76:00:c3:88:8e:9f:b2:81:9b:2e:18:0c:
40:5e:5c:72:a1:0f:14:ca:bf:f2:73:86:ae:ba:f9:
a8:58:b7:51:4a:04:6d:1e:cd:2e:21:60:9f:35:51:
af:dc:00:46:e5:cf:be:7b:98:c1:f6:72:dd:a5:97:
ef:56:73:38:fd:d8:2f:dc:f3:d5:92:3f:af:56:55:
c3:1b:89:cd:a0:0c:fc:7f:57:cc:cd:6e:ea:50:29:
cd:9a:a0:49:51:f7:89:e0:6d:58:62:b3:48:84:31:
40:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:4F:A3:70:1C:EE:30:4B:0B:FD:A3:84:8E:8D:1E:28:B2:71:FF:B1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YU-jcBzuMEsL_aOEjo0eKLJx_7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.131.0/24
163.5.134.0/24
163.5.192.0/24
163.5.228.0/24
163.5.237.0/24
Signature Algorithm: sha256WithRSAEncryption
91:62:fa:00:32:8b:84:1d:0e:a5:3b:35:36:0d:13:31:be:a4:
0c:67:7b:b1:b7:57:7e:0a:f1:b5:2e:51:3b:84:10:f3:6a:84:
f4:24:38:63:e8:63:bc:5d:c2:35:a5:b9:fe:fe:ce:60:ce:04:
fa:79:a7:d6:32:92:b0:4a:c9:0d:b5:5c:ba:96:9f:f9:67:08:
a3:69:cf:31:ba:82:32:0d:10:b1:e0:10:61:0c:64:a3:49:1f:
f1:26:a8:bd:d2:4d:bb:b7:8b:fd:63:aa:ae:4f:bb:c0:fb:e4:
14:55:8b:d6:89:87:8f:80:5c:fb:08:e5:0a:16:e5:15:72:5d:
bd:b1:f0:fb:4a:75:37:00:45:8c:b8:7d:7b:ec:60:93:71:c5:
69:88:e0:8c:2a:a1:2d:e2:e0:66:41:92:15:d1:5e:e2:28:86:
61:9a:9b:fc:92:92:a2:eb:3f:b3:0c:2f:f0:97:ad:cf:1b:e8:
35:5d:a9:31:6a:bc:db:02:da:a7:2b:4b:d0:8a:65:7f:e5:7e:
d4:d7:81:10:04:7f:10:27:6f:03:0f:df:06:a9:67:03:41:22:
2f:ca:ef:3a:f8:79:9c:7d:e6:73:44:7d:71:bf:8e:02:54:b3:
ca:e7:67:f7:a6:35:13:5a:97:4b:77:0e:da:a4:41:3a:7f:a8:
03:3e:25:71
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYX4GtxiLNSoflBko2g1ulCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTI4MTExOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTRmYTM3MDFjZWUzMDRiMGJmZGEzODQ4ZThkMWUyOGIyNzFmZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3P84K+PVa1gh1Zv4eG6iOjBguZI
BITqg5UUbE6UygzqaTQ1fWISosK9/VMT0m7TRXGR3jUB46W0eNLtKFtWH8Q9Wpuc
Qq+uPcbds3eNeAR5fK7QBWtUFOxziSHlh6G8yf1qCjrpl4bGN5A5wY7/XeLgNDIJ
GZ9Ff0eC9z662lETte/b5oMX3hmcrgqrVX98vVpky9nzmHF2AMOIjp+ygZsuGAxA
XlxyoQ8Uyr/yc4auuvmoWLdRSgRtHs0uIWCfNVGv3ABG5c++e5jB9nLdpZfvVnM4
/dgv3PPVkj+vVlXDG4nNoAz8f1fMzW7qUCnNmqBJUfeJ4G1YYrNIhDFA4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGFPo3Ac7jBLC/2jhI6NHiiycf+xMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWVUtamNCenVNRXNMX2FPRWpvMGVLTEp4XzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWDAwQA
owWGAwQAowXAAwQAowXkAwQAowXtMA0GCSqGSIb3DQEBCwUAA4IBAQCRYvoAMouE
HQ6lOzU2DRMxvqQMZ3uxt1d+CvG1LlE7hBDzaoT0JDhj6GO8XcI1pbn+/s5gzgT6
eafWMpKwSskNtVy6lp/5Zwijac8xuoIyDRCx4BBhDGSjSR/xJqi90k27t4v9Y6qu
T7vA++QUVYvWiYePgFz7COUKFuUVcl29sfD7SnU3AEWMuH177GCTccVpiOCMKqEt
4uBmQZIV0V7iKIZhmpv8kpKi6z+zDC/wl63PG+g1XakxarzbAtqnK0vQimV/5X7U
14EQBH8QJ28DD98GqWcDQSIvyu86+HmcfeZzRH1xv44CVLPK52f3pjUTWpdLdw7a
pEE6f6gDPiVx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org