Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aG0wSstAXJJOBfD_PL8qr8MSKRc.roa
File: aG0wSstAXJJOBfD_PL8qr8MSKRc.roa (raw, json)
Hash identifier: GMw3gmfWucFJ94adiQVMFqUel/r83rnDNXmNXqAmUE4=
Subject key identifier: 68:6D:30:4A:CB:40:5C:92:4E:05:F0:FF:3C:BF:2A:AF:C3:12:29:17
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B071081AA130B36757FBB2A364C13C72D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aG0wSstAXJJOBfD_PL8qr8MSKRc.roa
Signing time: Fri 06 Oct 2023 22:16:44 +0000
ROA not before: Fri 06 Oct 2023 22:16:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 163.5.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:07:10:81:aa:13:0b:36:75:7f:bb:2a:36:4c:13:c7:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 6 22:16:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=686d304acb405c924e05f0ff3cbf2aafc3122917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d4:ed:f0:1d:21:b8:06:13:8a:ba:b5:1c:cd:
e5:2e:15:3d:49:a8:64:04:75:8b:a7:03:59:59:c1:
c3:05:07:65:7b:4a:36:c9:1b:24:4a:4f:62:9a:b9:
0b:c8:ff:62:42:af:68:1a:00:97:f8:5e:8e:70:e6:
6a:a9:ee:a9:b1:6a:ea:44:54:db:78:25:5c:e3:c2:
ac:b9:0b:57:36:50:63:7d:c9:7e:72:1d:d2:ec:ce:
99:d1:88:4b:f8:f7:ad:eb:81:66:c4:27:2c:9f:c9:
3d:d8:84:4b:c7:6e:3c:c5:7e:52:94:8a:cd:1a:cd:
d9:56:a6:ca:db:e0:8b:13:a4:41:f5:fa:8b:7e:66:
8c:b2:89:d4:c4:31:eb:6b:7a:52:6a:69:4c:8e:48:
23:c7:45:b6:77:fa:f3:cc:68:53:a7:0e:eb:33:ce:
db:51:0b:86:cf:58:57:16:c2:62:a8:cd:db:64:02:
74:c8:a3:93:31:55:2b:10:ce:3e:48:42:c9:4f:87:
c4:a0:4c:cb:1f:bd:54:12:2d:dd:ac:48:e6:42:d2:
e1:7a:96:34:a0:55:20:41:d3:61:a9:16:fa:3d:90:
17:c3:10:9b:0e:77:f3:68:13:f0:bc:6c:05:7e:74:
6f:30:60:0c:27:7b:23:2f:0c:4d:45:ea:82:00:35:
b0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6D:30:4A:CB:40:5C:92:4E:05:F0:FF:3C:BF:2A:AF:C3:12:29:17
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aG0wSstAXJJOBfD_PL8qr8MSKRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.78.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:d4:6a:62:36:c7:f7:c0:8b:0a:86:31:1e:5f:62:4f:d4:ed:
db:16:3c:80:5c:80:b9:f3:85:a9:aa:bf:6c:74:41:76:e3:57:
42:62:79:85:08:c5:2d:40:c3:fb:7c:86:ac:5b:64:0e:51:19:
da:a4:bb:76:6f:f1:69:82:40:62:d4:ed:a7:a4:b8:a4:d4:a1:
ab:77:0d:9a:2a:42:eb:2f:42:f8:e3:e6:6b:d4:47:a7:36:4d:
f5:71:64:62:71:eb:05:92:0d:ea:e4:d0:5e:36:ec:a0:63:1f:
bb:5d:b6:ad:d4:f6:d7:10:9b:ba:7c:0d:ce:c5:a8:31:d6:de:
90:66:46:b1:70:90:cb:54:50:67:90:39:4f:c1:37:b8:f0:f3:
7b:58:c9:3f:cb:73:c6:99:42:c9:7c:3f:87:c1:8d:08:1d:91:
23:95:c3:69:2b:41:69:4b:18:23:ed:25:8d:32:ac:0a:89:7e:
f0:80:e5:0f:5f:06:02:2e:c1:a2:55:c7:32:09:a2:b4:ef:cd:
1f:be:fb:09:7b:f1:5e:95:73:9a:1f:43:92:77:e7:f1:7a:17:
4e:da:48:f9:0c:bb:3b:d9:45:86:de:fa:fa:02:73:f9:8e:7d:
c2:40:e1:98:d9:9d:45:9e:e0:57:1f:88:c6:9f:3b:93:ec:cf:
3f:31:79:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsHEIGqEws2dX+7KjZME8ctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDA2MjIxNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZkMzA0YWNiNDA1YzkyNGUwNWYwZmYzY2JmMmFhZmMzMTIyOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdTt8B0huAYTirq1HM3lLhU9Sahk
BHWLpwNZWcHDBQdle0o2yRskSk9imrkLyP9iQq9oGgCX+F6OcOZqqe6psWrqRFTb
eCVc48KsuQtXNlBjfcl+ch3S7M6Z0YhL+Pet64FmxCcsn8k92IRLx248xX5SlIrN
Gs3ZVqbK2+CLE6RB9fqLfmaMsonUxDHra3pSamlMjkgjx0W2d/rzzGhTpw7rM87b
UQuGz1hXFsJiqM3bZAJ0yKOTMVUrEM4+SELJT4fEoEzLH71UEi3drEjmQtLhepY0
oFUgQdNhqRb6PZAXwxCbDnfzaBPwvGwFfnRvMGAMJ3sjLwxNReqCADWw5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhtMErLQFySTgXw/zy/Kq/DEikXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYUcwd1NzdEFYSkpPQmZEX1BMOHFyOE1TS1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowVOMA0G
CSqGSIb3DQEBCwUAA4IBAQCt1GpiNsf3wIsKhjEeX2JP1O3bFjyAXIC584Wpqr9s
dEF241dCYnmFCMUtQMP7fIasW2QOURnapLt2b/FpgkBi1O2npLik1KGrdw2aKkLr
L0L44+Zr1EenNk31cWRicesFkg3q5NBeNuygYx+7Xbat1PbXEJu6fA3Oxagx1t6Q
ZkaxcJDLVFBnkDlPwTe48PN7WMk/y3PGmULJfD+HwY0IHZEjlcNpK0FpSxgj7SWN
MqwKiX7wgOUPXwYCLsGiVccyCaK0780fvvsJe/FelXOaH0OSd+fxehdO2kj5DLs7
2UWG3vr6AnP5jn3CQOGY2Z1FnuBXH4jGnzuT7M8/MXlj
-----END CERTIFICATE-----
Generated at Thu Oct 19 12:38:06 2023 by rpki-client on console-fra.rpki-client.org