Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aLOlBlusPIGwvXvP38oRMATaJd8.roa
File: aLOlBlusPIGwvXvP38oRMATaJd8.roa (raw, json)
Hash identifier: XOfJrP/OTEd56vxdrrs53UnR4nh6payPDZ6tssnVIUs=
Subject key identifier: 68:B3:A5:06:5B:AC:3C:81:B0:BD:7B:CF:DF:CA:11:30:04:DA:25:DF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042CB7A6E343BDE01A2A30B3C8FFB19
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aLOlBlusPIGwvXvP38oRMATaJd8.roa
Signing time: Mon 02 Jan 2023 02:15:03 +0000
ROA not before: Mon 02 Jan 2023 02:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210703
IP address blocks: 163.5.144.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:cb:7a:6e:34:3b:de:01:a2:a3:0b:3c:8f:fb:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68b3a5065bac3c81b0bd7bcfdfca113004da25df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:89:68:b8:34:79:e3:93:57:dd:1d:fa:c6:0b:
47:08:ce:a8:d8:7f:88:62:c0:2a:99:a4:95:7a:c2:
2f:ec:82:36:3a:32:0b:33:50:ab:24:27:bb:1e:dd:
f3:30:d2:10:31:14:ef:50:63:8c:d4:14:43:3f:51:
69:71:fc:39:e7:01:44:bb:e2:0a:6b:29:07:2e:20:
59:34:2d:c0:71:9b:54:e7:8a:ae:65:c7:53:57:36:
b5:d1:dd:61:a9:41:06:ad:16:cc:c0:2d:f4:c9:7f:
85:6a:e2:00:b2:c0:c8:cd:c3:b0:11:3b:83:4c:58:
32:8e:dd:bf:73:44:3b:e2:eb:db:33:ba:12:66:b5:
84:9f:65:f6:d1:6f:c1:35:90:80:58:f5:c8:a1:11:
0b:8b:f7:4d:41:2d:64:96:90:6d:ee:81:27:0a:9a:
b9:85:8e:6d:e3:87:dd:b2:65:60:b3:9a:80:8c:0d:
e6:e9:48:76:a0:e4:6e:3a:58:23:a5:14:03:85:a7:
09:e0:c9:c2:fd:3e:b0:a6:63:31:ac:88:68:fe:ac:
1c:19:8f:8f:81:6a:57:3a:e0:58:32:f7:2d:d0:e2:
7c:42:56:f2:ea:8d:53:68:63:84:f9:ee:3c:65:92:
c6:b4:fc:b0:1f:61:33:8d:b1:2e:ee:b5:9b:99:40:
d5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B3:A5:06:5B:AC:3C:81:B0:BD:7B:CF:DF:CA:11:30:04:DA:25:DF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aLOlBlusPIGwvXvP38oRMATaJd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.144.0/24
163.5.168.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:6e:90:bc:53:36:fc:77:fe:27:a7:e6:ae:41:7b:68:60:b8:
d1:00:38:c4:8f:28:a5:5e:bf:da:b1:7a:15:34:ef:0d:d1:46:
3a:36:6c:88:50:75:74:32:66:7e:40:88:58:ab:b6:3a:57:0b:
af:49:6a:95:96:41:5d:ff:9a:71:9d:08:bb:0e:be:b2:69:e5:
fd:f0:27:71:c0:8b:ee:22:d1:64:4c:01:ad:38:a8:e0:48:36:
49:a0:a1:30:e1:e7:7c:46:5f:a0:4d:cd:58:f0:25:c3:bd:3a:
e7:dd:0a:d4:26:2e:5e:77:40:25:2b:51:7f:f9:22:2c:16:33:
7c:60:15:e6:24:0a:93:1d:6f:0f:1f:b9:b5:d6:2f:18:78:4f:
90:7e:b8:8e:b3:bc:6a:6f:05:0b:01:5c:10:bb:e9:39:9b:91:
51:ca:4b:a1:9e:ef:66:5e:08:53:b7:22:b6:07:bb:57:6b:4a:
ff:64:f1:7d:53:67:a5:82:71:95:c1:d7:41:ee:27:31:b9:a7:
2c:48:49:0c:d5:0a:45:8d:0e:f9:25:7a:84:57:c6:8e:56:55:
40:2d:b9:72:01:e5:78:b8:91:c5:df:61:ec:bd:30:01:74:e2:
46:30:7c:fd:a9:bf:92:a4:09:2b:a6:87:95:78:42:35:88:97:
35:4b:83:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwQst6bjQ73gGiows8j/sZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGIzYTUwNjViYWMzYzgxYjBiZDdiY2ZkZmNhMTEzMDA0ZGEyNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4louDR545NX3R36xgtHCM6o2H+I
YsAqmaSVesIv7II2OjILM1CrJCe7Ht3zMNIQMRTvUGOM1BRDP1Fpcfw55wFEu+IK
aykHLiBZNC3AcZtU54quZcdTVza10d1hqUEGrRbMwC30yX+FauIAssDIzcOwETuD
TFgyjt2/c0Q74uvbM7oSZrWEn2X20W/BNZCAWPXIoRELi/dNQS1klpBt7oEnCpq5
hY5t44fdsmVgs5qAjA3m6Uh2oORuOlgjpRQDhacJ4MnC/T6wpmMxrIho/qwcGY+P
gWpXOuBYMvct0OJ8Qlby6o1TaGOE+e48ZZLGtPywH2EzjbEu7rWbmUDVpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGizpQZbrDyBsL17z9/KETAE2iXfMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYUxPbEJsdXNQSUd3dlh2UDM4b1JNQVRhSmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWQAwQA
owWoMA0GCSqGSIb3DQEBCwUAA4IBAQBcbpC8Uzb8d/4np+auQXtoYLjRADjEjyil
Xr/asXoVNO8N0UY6NmyIUHV0MmZ+QIhYq7Y6VwuvSWqVlkFd/5pxnQi7Dr6yaeX9
8CdxwIvuItFkTAGtOKjgSDZJoKEw4ed8Rl+gTc1Y8CXDvTrn3QrUJi5ed0AlK1F/
+SIsFjN8YBXmJAqTHW8PH7m11i8YeE+QfriOs7xqbwULAVwQu+k5m5FRykuhnu9m
XghTtyK2B7tXa0r/ZPF9U2elgnGVwddB7icxuacsSEkM1QpFjQ75JXqEV8aOVlVA
LblyAeV4uJHF32HsvTABdOJGMHz9qb+SpAkrpoeVeEI1iJc1S4Mb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org