Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cvh2EfV1pbtAZuiW0GSUJcA-zEU.roa
File: cvh2EfV1pbtAZuiW0GSUJcA-zEU.roa (raw, json)
Hash identifier: HsLZGRI27PKKrtBPrEM/Jl22BbbUSUG4nMAAI1sPJ2A=
Subject key identifier: 72:F8:76:11:F5:75:A5:BB:40:66:E8:96:D0:64:94:25:C0:3E:CC:45
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BA2CE60C10D9154D15D4F08215ADF5BDF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cvh2EfV1pbtAZuiW0GSUJcA-zEU.roa
Signing time: Mon 06 Nov 2023 04:05:16 +0000
ROA not before: Mon 06 Nov 2023 04:05:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 163.5.114.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.236.0/24 maxlen: 24
163.5.234.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a2:ce:60:c1:0d:91:54:d1:5d:4f:08:21:5a:df:5b:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 6 04:05:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72f87611f575a5bb4066e896d0649425c03ecc45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ce:a2:66:cf:43:cc:27:83:a4:99:d0:51:70:
28:76:7c:fe:40:ac:36:b4:00:ac:11:45:7c:08:ae:
5d:61:4c:2f:08:c8:ac:cf:5d:04:52:bb:a9:19:e1:
57:d5:ae:bb:01:89:81:75:7a:a2:9c:70:9d:8d:81:
68:7d:b5:8b:70:e7:c6:58:4b:61:86:20:c7:e1:e2:
2a:79:4e:1a:f1:8c:74:bd:99:c1:8c:7f:5f:02:d3:
2b:64:49:12:0d:18:7c:bf:56:e4:a9:8c:b2:ba:3c:
b9:a9:b5:95:89:a2:82:62:94:89:16:10:7b:27:5a:
b1:6f:71:80:c6:70:f7:e4:b5:6d:f5:52:82:9f:0e:
a5:d3:56:55:66:86:1e:81:34:c9:9b:9b:6d:49:bc:
bf:04:fb:27:d5:0c:b5:21:e3:40:05:2e:aa:e8:57:
90:f5:bc:65:df:34:bc:d2:bd:29:3b:69:78:6f:6d:
35:0c:21:a4:70:1c:94:b7:eb:62:1c:f6:8a:ea:c9:
6f:f5:e8:30:78:f7:95:50:8f:f8:e7:25:7e:6e:5b:
b6:5b:40:7f:62:f2:ad:f1:9e:f3:2b:44:f4:76:bb:
43:cb:e4:bf:1a:e4:eb:b8:33:6c:36:09:83:5c:39:
28:00:e8:5c:65:16:4a:1c:b9:c4:3a:10:8d:63:5e:
11:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F8:76:11:F5:75:A5:BB:40:66:E8:96:D0:64:94:25:C0:3E:CC:45
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cvh2EfV1pbtAZuiW0GSUJcA-zEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.113.0-163.5.114.255
163.5.146.0/24
163.5.224.0/24
163.5.234.0/24
163.5.236.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:52:fb:3c:46:d6:dd:18:99:0c:94:5e:13:1b:43:5b:e2:b7:
8d:b1:de:84:69:69:4f:2a:a3:7a:e7:4a:0e:af:5b:c0:17:fd:
c3:3a:8f:c3:a6:de:fa:e8:fa:36:08:79:db:3b:46:5a:c3:7d:
5c:aa:10:80:8d:57:61:91:18:43:e1:50:6d:bf:fb:f4:73:ca:
7e:7f:ce:73:9a:a0:b8:77:9a:57:e4:05:a1:36:39:4a:d8:ab:
5f:00:6b:e4:6e:38:22:37:bd:04:d8:c5:aa:94:0c:52:cb:4c:
5e:0a:c1:43:a4:73:d9:4e:59:12:f1:0a:d7:8c:4f:bf:fb:fa:
86:9f:b2:4d:28:2f:0d:dd:9a:0c:c5:d5:c4:09:00:cb:d7:46:
f8:11:22:ad:79:c4:66:20:11:c9:e8:3b:c2:f9:e7:73:3c:69:
a8:f1:0c:c6:ff:18:26:40:69:10:c2:0a:0c:bc:10:96:59:0d:
b3:c9:7a:8a:5f:1e:c6:8b:03:f4:53:46:db:fd:52:64:a8:c7:
09:81:c6:fb:2a:74:c3:35:c9:62:a3:83:c7:cb:d1:79:92:10:
9c:be:5d:26:5c:61:bd:32:00:58:5e:c1:9f:a7:d0:94:e4:3e:
e2:3b:49:6a:9d:38:cd:df:f6:25:93:c6:c7:17:38:6a:f2:7f:
f0:c6:fb:e6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYuizmDBDZFU0V1PCCFa31vfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTA2MDQwNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY4NzYxMWY1NzVhNWJiNDA2NmU4OTZkMDY0OTQyNWMwM2VjYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM6iZs9DzCeDpJnQUXAodnz+QKw2
tACsEUV8CK5dYUwvCMisz10EUrupGeFX1a67AYmBdXqinHCdjYFofbWLcOfGWEth
hiDH4eIqeU4a8Yx0vZnBjH9fAtMrZEkSDRh8v1bkqYyyujy5qbWViaKCYpSJFhB7
J1qxb3GAxnD35LVt9VKCnw6l01ZVZoYegTTJm5ttSby/BPsn1Qy1IeNABS6q6FeQ
9bxl3zS80r0pO2l4b201DCGkcByUt+tiHPaK6slv9egwePeVUI/45yV+blu2W0B/
YvKt8Z7zK0T0drtDy+S/GuTruDNsNgmDXDkoAOhcZRZKHLnEOhCNY14RqwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHL4dhH1daW7QGboltBklCXAPsxFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvY3ZoMkVmVjFwYnRBWnVpVzBHU1VKY0EtekVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBACjBXED
BACjBXIDBACjBZIDBACjBeADBACjBeoDBACjBewwDQYJKoZIhvcNAQELBQADggEB
AKxS+zxG1t0YmQyUXhMbQ1vit42x3oRpaU8qo3rnSg6vW8AX/cM6j8Om3vro+jYI
eds7RlrDfVyqEICNV2GRGEPhUG2/+/Rzyn5/znOaoLh3mlfkBaE2OUrYq18Aa+Ru
OCI3vQTYxaqUDFLLTF4KwUOkc9lOWRLxCteMT7/7+oafsk0oLw3dmgzF1cQJAMvX
RvgRIq15xGYgEcnoO8L553M8aajxDMb/GCZAaRDCCgy8EJZZDbPJeopfHsaLA/RT
Rtv9UmSoxwmBxvsqdMM1yWKjg8fL0XmSEJy+XSZcYb0yAFhewZ+n0JTkPuI7SWqd
OM3f9iWTxscXOGryf/DG++Y=
-----END CERTIFICATE-----
Generated at Fri Nov 10 03:57:02 2023 by rpki-client on console-fra.rpki-client.org