Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aEcrvIRd1t8FpQ6ECMJRCc3KkZM.roa
File: aEcrvIRd1t8FpQ6ECMJRCc3KkZM.roa (raw, json)
Hash identifier: 8TdcNza2UsUZZ/v0YJqxHsQeCS5K2E+xd3h6KG6/wOA=
Subject key identifier: 68:47:2B:BC:84:5D:D6:DF:05:A5:0E:84:08:C2:51:09:CD:CA:91:93
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042B028C0F6882FDE4724FFCED55DC8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aEcrvIRd1t8FpQ6ECMJRCc3KkZM.roa
Signing time: Mon 02 Jan 2023 02:14:56 +0000
ROA not before: Mon 02 Jan 2023 02:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 384
IP address blocks: 163.5.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:b0:28:c0:f6:88:2f:de:47:24:ff:ce:d5:5d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68472bbc845dd6df05a50e8408c25109cdca9193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:b6:58:c9:08:2c:81:5b:f8:67:4e:bd:4e:
cc:31:21:55:4f:f1:86:fb:31:cf:f5:8b:05:52:d1:
0d:7f:41:42:a5:38:1f:04:47:7a:bf:53:9a:b6:dd:
a7:cc:60:5a:af:f4:a1:3f:d2:53:93:52:16:ae:20:
03:fb:bb:6b:98:67:79:71:08:ff:dc:c2:d6:4b:ab:
87:8e:a0:09:ba:50:87:4f:22:0e:82:38:f8:7d:13:
27:6a:d5:49:e5:e1:17:04:3a:bf:07:f2:7f:04:c2:
7b:68:c9:58:ca:6a:f4:6a:2f:50:44:49:03:e5:89:
4d:f2:36:66:13:cc:99:b3:d4:77:59:cf:a5:18:a9:
bf:e1:e8:d9:06:8b:9e:05:5b:34:c2:1e:fb:9f:b4:
30:97:69:50:7f:63:ba:44:a5:12:30:2e:63:e3:a8:
1b:7c:5e:60:4c:ac:73:27:43:58:82:08:4a:9e:ca:
62:93:01:37:b1:87:23:b7:d6:20:86:91:e6:1b:c4:
bc:33:d5:d1:52:bb:03:0c:a1:57:33:7e:89:a4:af:
36:7b:8f:c7:16:9e:c2:f9:5f:87:3b:52:82:3d:28:
0d:8d:5b:f8:8e:37:7c:cc:a0:ee:43:73:21:e7:1c:
93:0c:80:33:8c:44:38:37:57:9b:3d:66:5a:30:fd:
16:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:47:2B:BC:84:5D:D6:DF:05:A5:0E:84:08:C2:51:09:CD:CA:91:93
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aEcrvIRd1t8FpQ6ECMJRCc3KkZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.90.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:bd:83:69:9b:5e:e1:6b:91:db:9f:35:f3:b5:6d:48:3d:f6:
67:60:49:9d:06:60:c7:66:80:2b:9d:29:ab:9e:a9:2b:cd:b3:
bb:5f:a5:a0:18:99:78:8f:e8:2d:e8:5b:7d:30:cb:47:f6:7f:
e9:57:35:d8:61:71:a8:f3:31:95:0e:0a:aa:aa:16:fd:5c:bd:
ef:6b:47:39:a1:1d:ad:ea:5e:12:6d:00:fa:bc:21:ff:7e:13:
da:50:0d:68:08:2b:0d:b6:29:98:96:95:61:5f:2d:bb:73:41:
7b:cc:18:81:c9:3b:7a:59:3e:ec:d9:70:0f:43:b0:01:07:78:
d9:aa:d8:6c:44:f0:de:49:db:25:0d:08:ab:a5:66:48:b4:e1:
b3:3f:d0:c4:d1:ba:05:df:26:14:4a:b9:2c:75:e5:b3:e8:02:
ae:fd:25:f8:73:88:30:dd:d9:c4:d1:ed:62:57:15:2b:d6:02:
ac:07:b8:49:e7:71:94:5e:58:ad:84:89:aa:19:c9:43:06:b3:
96:6a:92:07:d0:a2:91:67:82:b2:7b:ac:86:0c:96:70:08:79:
ff:94:f3:31:ed:c8:07:e5:97:61:00:c4:67:65:ab:ef:61:7c:
9f:7a:86:46:42:a2:89:7e:95:8e:34:51:9c:ef:7e:26:e1:61:
44:e4:b5:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQrAowPaIL95HJP/O1V3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQ3MmJiYzg0NWRkNmRmMDVhNTBlODQwOGMyNTEwOWNkY2E5MTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgC2WMkILIFb+GdOvU7MMSFVT/GG
+zHP9YsFUtENf0FCpTgfBEd6v1Oatt2nzGBar/ShP9JTk1IWriAD+7trmGd5cQj/
3MLWS6uHjqAJulCHTyIOgjj4fRMnatVJ5eEXBDq/B/J/BMJ7aMlYymr0ai9QREkD
5YlN8jZmE8yZs9R3Wc+lGKm/4ejZBoueBVs0wh77n7Qwl2lQf2O6RKUSMC5j46gb
fF5gTKxzJ0NYgghKnspikwE3sYcjt9YghpHmG8S8M9XRUrsDDKFXM36JpK82e4/H
Fp7C+V+HO1KCPSgNjVv4jjd8zKDuQ3Mh5xyTDIAzjEQ4N1ebPWZaMP0WHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhHK7yEXdbfBaUOhAjCUQnNypGTMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYUVjcnZJUmQxdDhGcFE2RUNNSlJDYzNLa1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowVaMA0G
CSqGSIb3DQEBCwUAA4IBAQChvYNpm17ha5HbnzXztW1IPfZnYEmdBmDHZoArnSmr
nqkrzbO7X6WgGJl4j+gt6Ft9MMtH9n/pVzXYYXGo8zGVDgqqqhb9XL3va0c5oR2t
6l4SbQD6vCH/fhPaUA1oCCsNtimYlpVhXy27c0F7zBiByTt6WT7s2XAPQ7ABB3jZ
qthsRPDeSdslDQirpWZItOGzP9DE0boF3yYUSrksdeWz6AKu/SX4c4gw3dnE0e1i
VxUr1gKsB7hJ53GUXlithImqGclDBrOWapIH0KKRZ4Kye6yGDJZwCHn/lPMx7cgH
5ZdhAMRnZavvYXyfeoZGQqKJfpWONFGc734m4WFE5LU0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org