Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YwOn402ylXor2IdqKdlO_jzfkH4.roa
File: YwOn402ylXor2IdqKdlO_jzfkH4.roa (raw, json)
Hash identifier: z3M2ugKgnTQDxMR6RsMmbWjYTl//bpURjMCtZDUKC6A=
Subject key identifier: 63:03:A7:E3:4D:B2:95:7A:2B:D8:87:6A:29:D9:4E:FE:3C:DF:90:7E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C788E62A222098567F21E293D44C66688
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YwOn402ylXor2IdqKdlO_jzfkH4.roa
Signing time: Sun 17 Dec 2023 16:14:06 +0000
ROA not before: Sun 17 Dec 2023 16:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 163.5.186.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:8e:62:a2:22:09:85:67:f2:1e:29:3d:44:c6:66:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 17 16:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6303a7e34db2957a2bd8876a29d94efe3cdf907e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0e:e7:3e:da:fe:ce:cd:f6:93:c0:68:8c:6a:
34:e6:ed:49:22:82:3b:96:1a:36:95:44:f7:28:25:
41:8e:5c:cf:68:7e:0a:d7:c2:f2:5a:63:b3:de:0f:
dc:ef:44:5b:e2:49:f4:e3:6a:48:70:98:9e:bd:92:
41:9c:75:83:6a:12:53:7f:fb:35:1e:46:60:86:53:
50:a9:5b:d6:25:06:72:24:2e:0b:cf:e9:0a:bd:34:
02:8c:eb:70:52:57:a4:c8:a2:80:40:60:c6:67:8c:
c6:2f:4f:15:5c:93:d6:c7:50:6f:17:44:33:75:df:
46:fa:e5:cf:1b:ac:60:6c:89:84:72:e4:a6:94:97:
2f:e7:b2:1b:fb:0a:46:d0:37:46:f5:51:ab:94:9e:
d2:ec:5c:d5:4e:92:b1:4e:e3:1b:14:b7:54:ce:08:
1f:ba:e6:69:65:9b:ec:c7:71:2a:f2:41:6c:33:11:
97:84:80:14:a0:0e:77:7d:f6:b3:05:98:21:86:1b:
07:0c:60:4c:67:24:9e:ec:fd:7f:ff:2f:a0:b3:35:
b0:62:ac:0f:af:6c:4b:19:af:b7:da:aa:5d:a3:1e:
1b:7a:1e:34:c8:b7:81:62:37:c7:af:09:b7:b8:e6:
b5:01:94:15:59:af:e7:8f:19:00:a4:7c:9f:5c:4c:
b3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:03:A7:E3:4D:B2:95:7A:2B:D8:87:6A:29:D9:4E:FE:3C:DF:90:7E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YwOn402ylXor2IdqKdlO_jzfkH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0/24
163.5.186.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
86:ae:42:6b:bb:45:08:71:59:71:f1:3f:d2:36:13:10:29:0f:
e1:b0:a0:91:78:81:f9:48:cb:33:d2:81:49:6d:ce:ad:2c:b9:
63:ba:32:24:0d:33:ff:ba:3b:3a:8f:94:de:a2:a2:9f:bf:5e:
61:c4:f8:09:9a:e4:44:54:5a:c0:97:e0:72:e8:77:ca:10:b2:
7f:0a:91:7e:15:ea:9c:84:8c:9f:a0:58:d1:28:87:33:29:9c:
46:33:5b:ca:ed:66:c1:2b:a1:d1:70:16:9f:73:e8:e0:7a:b0:
31:15:6e:c8:23:97:47:3d:cb:a5:ee:33:6c:12:45:5c:65:e0:
a0:6a:4f:3b:6e:df:51:99:df:7b:12:ba:d5:e4:bb:fd:69:41:
21:f6:a8:79:f9:47:fe:ee:50:dd:30:c6:ab:85:ec:09:03:e5:
eb:13:3c:7a:73:da:01:c4:fb:fa:83:e9:80:1a:1d:39:12:b0:
3f:f8:cd:fe:2b:08:e1:a1:4f:3c:0c:2f:f1:90:c7:71:52:19:
a9:be:82:e8:2c:43:a8:9a:1c:58:4d:a6:2f:4f:70:4f:cd:09:
c8:c9:12:72:1a:eb:27:87:e1:7f:58:40:fa:c8:8b:f7:da:5c:
de:82:69:ff:97:b5:43:2b:be:ba:28:5c:d9:ac:73:84:87:19:
f8:db:72:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx4jmKiIgmFZ/IeKT1ExmaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjE3MTYxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzAzYTdlMzRkYjI5NTdhMmJkODg3NmEyOWQ5NGVmZTNjZGY5MDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA7nPtr+zs32k8BojGo05u1JIoI7
lho2lUT3KCVBjlzPaH4K18LyWmOz3g/c70Rb4kn042pIcJievZJBnHWDahJTf/s1
HkZghlNQqVvWJQZyJC4Lz+kKvTQCjOtwUlekyKKAQGDGZ4zGL08VXJPWx1BvF0Qz
dd9G+uXPG6xgbImEcuSmlJcv57Ib+wpG0DdG9VGrlJ7S7FzVTpKxTuMbFLdUzggf
uuZpZZvsx3Eq8kFsMxGXhIAUoA53ffazBZghhhsHDGBMZySe7P1//y+gszWwYqwP
r2xLGa+32qpdox4beh40yLeBYjfHrwm3uOa1AZQVWa/njxkApHyfXEyzrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGMDp+NNspV6K9iHainZTv4835B+MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWXdPbjQwMnlsWG9yMklkcUtkbE9fanpma0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWbAwQA
owW6AwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQCGrkJru0UIcVlx8T/SNhMQKQ/h
sKCReIH5SMsz0oFJbc6tLLljujIkDTP/ujs6j5TeoqKfv15hxPgJmuREVFrAl+By
6HfKELJ/CpF+FeqchIyfoFjRKIczKZxGM1vK7WbBK6HRcBafc+jgerAxFW7II5dH
Pcul7jNsEkVcZeCgak87bt9Rmd97ErrV5Lv9aUEh9qh5+Uf+7lDdMMarhewJA+Xr
Ezx6c9oBxPv6g+mAGh05ErA/+M3+KwjhoU88DC/xkMdxUhmpvoLoLEOomhxYTaYv
T3BPzQnIyRJyGusnh+F/WED6yIv32lzegmn/l7VDK766KFzZrHOEhxn423LI
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:48:54 2024 by rpki-client on console-fra.rpki-client.org