Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_3sLmZKiO8-gzuv1d65eN-hgePI.roa
File: _3sLmZKiO8-gzuv1d65eN-hgePI.roa (raw, json)
Hash identifier: A8hk9ESXDcCuuNkNiAZIVAkwuDo/vNp7/Qd7S9JnthA=
Subject key identifier: FF:7B:0B:99:92:A2:3B:CF:A0:CE:EB:F5:77:AE:5E:37:E8:60:78:F2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01864188C714AF21F397C80744F86F305936
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_3sLmZKiO8-gzuv1d65eN-hgePI.roa
Signing time: Sat 11 Feb 2023 17:32:08 +0000
ROA not before: Sat 11 Feb 2023 17:32:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56913
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.78.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.29.0/24 maxlen: 24
163.5.63.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:41:88:c7:14:af:21:f3:97:c8:07:44:f8:6f:30:59:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 11 17:32:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff7b0b9992a23bcfa0ceebf577ae5e37e86078f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e1:27:28:2e:76:72:71:bc:93:c5:08:dc:da:
0b:86:81:4e:75:6b:1d:e2:76:91:e5:97:57:21:6b:
ed:6e:2a:24:2b:3a:da:04:73:0a:2b:d3:40:df:bd:
ed:34:ca:cf:bd:f6:7c:05:0d:51:a8:53:cb:13:73:
fe:e3:7e:79:5e:53:82:ea:15:ac:e0:0d:1e:d4:14:
28:a3:89:39:9e:a2:2c:37:8e:7e:89:7c:56:c6:a0:
81:e3:05:f7:30:10:e2:03:c5:1b:ec:ff:fa:a5:30:
22:10:1c:16:75:dd:e1:4d:f2:0d:fe:aa:61:87:3d:
1c:e7:6a:8e:c8:f6:3b:2d:68:3a:38:12:c0:84:39:
0a:af:76:0d:91:80:a1:2f:67:56:74:0f:3a:c1:1d:
07:5f:68:79:f2:b0:d1:87:1f:2c:1e:56:2c:6c:de:
45:91:aa:b0:38:1d:5b:ef:b0:2c:5f:19:b1:65:4c:
f2:c7:63:30:11:d8:d2:1e:bd:71:5e:d9:6a:38:fe:
c5:17:5c:81:3b:0b:5e:80:69:56:bb:88:64:72:7b:
83:a3:3f:55:55:9d:d3:de:84:85:bf:df:f5:24:e3:
f9:a2:b6:15:23:10:9e:af:1d:8d:03:2b:46:a7:15:
bb:61:fe:b5:63:15:85:80:41:94:24:ec:c1:8c:8b:
c2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7B:0B:99:92:A2:3B:CF:A0:CE:EB:F5:77:AE:5E:37:E8:60:78:F2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_3sLmZKiO8-gzuv1d65eN-hgePI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.29.0/24
163.5.63.0-163.5.64.255
163.5.66.0/24
163.5.70.0/24
163.5.72.0/24
163.5.77.0-163.5.78.255
163.5.88.0/23
Signature Algorithm: sha256WithRSAEncryption
04:61:07:23:1e:16:35:f5:79:ac:11:6f:84:c0:cb:5a:de:8d:
c5:99:d6:af:5f:c6:45:04:da:18:5d:20:cc:ea:77:f5:b3:87:
0d:2e:bf:f1:ce:39:ea:1f:ec:ea:25:1c:50:74:8f:91:b5:67:
75:a4:72:e6:be:83:6b:bb:22:73:87:69:cb:58:5a:f2:de:c6:
69:11:21:1a:19:b5:01:b9:b7:a1:76:c1:c3:25:67:7e:1b:d2:
60:52:12:ab:87:47:9c:ab:48:09:1b:43:fa:4b:1c:e9:15:8a:
25:52:3a:75:18:32:eb:12:6e:5c:c8:3f:9e:28:7a:b1:f4:ea:
b9:df:43:b4:13:28:dc:1a:1d:18:38:0d:17:fc:e2:1b:ac:fe:
b8:cc:67:01:db:96:b2:f4:3d:8f:57:48:7d:80:da:c8:a1:3a:
74:e4:fb:ed:8e:49:8c:0b:ce:be:a2:1d:0a:fc:9d:41:4a:ac:
ec:7f:52:a9:76:e2:8f:df:21:88:85:ec:3b:9a:7e:06:43:11:
bf:81:7a:9b:91:c4:7d:cb:22:1f:f1:31:90:ce:b2:29:f7:8f:
6d:37:4d:7e:fa:e3:85:e2:1e:41:91:93:7f:2e:64:07:ae:79:
b5:47:d1:13:90:3a:74:c5:fa:5c:09:49:4b:e8:97:3e:50:20:
3b:ab:17:07
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYZBiMcUryHzl8gHRPhvMFk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMjExMTczMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjdiMGI5OTkyYTIzYmNmYTBjZWViZjU3N2FlNWUzN2U4NjA3OGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruEnKC52cnG8k8UI3NoLhoFOdWsd
4naR5ZdXIWvtbiokKzraBHMKK9NA373tNMrPvfZ8BQ1RqFPLE3P+4355XlOC6hWs
4A0e1BQoo4k5nqIsN45+iXxWxqCB4wX3MBDiA8Ub7P/6pTAiEBwWdd3hTfIN/qph
hz0c52qOyPY7LWg6OBLAhDkKr3YNkYChL2dWdA86wR0HX2h58rDRhx8sHlYsbN5F
kaqwOB1b77AsXxmxZUzyx2MwEdjSHr1xXtlqOP7FF1yBOwtegGlWu4hkcnuDoz9V
VZ3T3oSFv9/1JOP5orYVIxCerx2NAytGpxW7Yf61YxWFgEGUJOzBjIvCwwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFP97C5mSojvPoM7r9XeuXjfoYHjyMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvXzNzTG1aS2lPOC1nenV2MWQ2NWVOLWhnZVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAowUdMAwD
BACjBT8DBACjBUADBACjBUIDBACjBUYDBACjBUgwDAMEAKMFTQMEAKMFTgMEAaMF
WDANBgkqhkiG9w0BAQsFAAOCAQEABGEHIx4WNfV5rBFvhMDLWt6NxZnWr1/GRQTa
GF0gzOp39bOHDS6/8c456h/s6iUcUHSPkbVndaRy5r6Da7sic4dpy1ha8t7GaREh
Ghm1Abm3oXbBwyVnfhvSYFISq4dHnKtICRtD+ksc6RWKJVI6dRgy6xJuXMg/nih6
sfTqud9DtBMo3BodGDgNF/ziG6z+uMxnAduWsvQ9j1dIfYDayKE6dOT77Y5JjAvO
vqIdCvydQUqs7H9SqXbij98hiIXsO5p+BkMRv4F6m5HEfcsiH/ExkM6yKfePbTdN
fvrjheIeQZGTfy5kB655tUfRE5A6dMX6XAlJS+iXPlAgO6sXBw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org