Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/duPBmMnBnlYC3ZQAN-hHvVE1LEw.roa
File: duPBmMnBnlYC3ZQAN-hHvVE1LEw.roa (raw, json)
Hash identifier: tMd7ORS5WOCY3+nUdXtC281inAND8yxSLgjOkPgXDS4=
Subject key identifier: 76:E3:C1:98:C9:C1:9E:56:02:DD:94:00:37:E8:47:BD:51:35:2C:4C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188950F7A0074D69122EEAB084E075B7A27
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/duPBmMnBnlYC3ZQAN-hHvVE1LEw.roa
Signing time: Wed 07 Jun 2023 08:53:19 +0000
ROA not before: Wed 07 Jun 2023 08:53:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198883
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:0f:7a:00:74:d6:91:22:ee:ab:08:4e:07:5b:7a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 7 08:53:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76e3c198c9c19e5602dd940037e847bd51352c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:21:ce:96:fe:ac:18:49:9d:d8:0b:2c:6d:ae:
bb:b7:e1:4e:26:51:c8:ee:47:43:65:21:24:32:4e:
4b:b9:b9:f9:50:a6:e5:7a:ca:5f:6c:ee:9c:d8:79:
01:f3:d8:88:9d:c5:3a:3c:e0:e1:c1:cf:72:26:ff:
9a:ff:fa:bd:b8:5d:a9:c1:2d:cd:e4:bf:c1:63:cb:
b5:9f:a0:df:7a:f9:15:d2:e6:9e:f8:db:51:92:32:
78:ed:6e:44:2a:7d:12:e6:c5:64:06:e5:a2:b2:29:
69:ac:0e:96:b0:f4:cc:62:96:1a:1e:af:85:b8:24:
55:e1:b1:39:98:98:6e:42:91:18:ce:8d:63:59:f7:
1e:23:bb:6f:41:32:ca:23:f9:e2:32:40:f4:76:ea:
55:2c:0b:d1:fc:62:cd:1c:f9:10:b0:67:29:74:39:
d6:01:4d:8f:03:20:53:70:92:00:53:30:7f:99:e2:
9f:6c:5c:90:45:f3:56:ae:ef:ff:e8:86:5f:25:1e:
49:7f:ee:1c:ab:0e:e5:c5:1a:ad:4b:cb:af:3c:20:
fc:d5:56:4e:ad:a7:74:a0:51:1b:01:4e:da:93:ca:
6a:d1:b0:1a:d6:84:7e:f7:41:64:af:61:36:f9:ef:
2e:0f:2b:65:3f:9c:cf:d0:82:bf:d1:7a:8a:86:12:
df:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E3:C1:98:C9:C1:9E:56:02:DD:94:00:37:E8:47:BD:51:35:2C:4C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/duPBmMnBnlYC3ZQAN-hHvVE1LEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.144.0/24
163.5.154.0/24
163.5.192.0/23
163.5.214.0/24
163.5.233.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:9e:2f:e9:88:2c:b7:7a:c4:8b:0c:e1:d7:29:ed:f8:42:75:
8f:c4:ae:c9:37:6c:97:b8:5b:37:14:01:16:2c:ce:3e:84:92:
8d:9c:8b:eb:7f:a1:c3:e0:38:8b:9d:71:78:7d:1d:da:15:50:
77:77:31:b1:6b:f3:8d:16:27:39:cd:69:50:4f:4e:21:34:af:
81:d7:30:98:8e:b7:62:96:58:3d:de:09:1a:21:c5:64:8f:e3:
21:75:44:e6:0d:e5:69:44:5c:80:d9:66:82:87:40:84:6e:fc:
66:2a:eb:e0:ac:0c:95:4e:9d:e5:fa:7d:b9:73:ec:b1:83:b3:
75:b3:bc:b0:63:c6:a4:cf:66:d2:95:40:00:98:98:de:ff:58:
60:6c:d8:81:7b:3c:21:d4:08:a7:14:f6:46:16:b0:8e:14:e4:
aa:c6:b7:c6:e6:d8:95:6d:16:bd:21:ce:41:e1:15:25:97:50:
76:e1:5c:8c:0f:1a:0b:4d:ba:b0:2e:76:de:60:ea:aa:90:19:
6f:fe:60:7a:85:41:ec:af:4f:3c:19:b3:74:f3:92:fc:48:4c:
98:65:89:22:6d:34:b5:34:4e:42:6d:6d:79:5f:4a:56:c6:df:
1b:57:d1:c6:fc:f7:8b:25:ab:7c:86:66:e1:57:de:ed:e7:a5:
b4:a4:a1:ba
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiVD3oAdNaRIu6rCE4HW3onMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjA3MDg1MzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmUzYzE5OGM5YzE5ZTU2MDJkZDk0MDAzN2U4NDdiZDUxMzUyYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSHOlv6sGEmd2Assba67t+FOJlHI
7kdDZSEkMk5Lubn5UKblespfbO6c2HkB89iIncU6PODhwc9yJv+a//q9uF2pwS3N
5L/BY8u1n6DfevkV0uae+NtRkjJ47W5EKn0S5sVkBuWisilprA6WsPTMYpYaHq+F
uCRV4bE5mJhuQpEYzo1jWfceI7tvQTLKI/niMkD0dupVLAvR/GLNHPkQsGcpdDnW
AU2PAyBTcJIAUzB/meKfbFyQRfNWru//6IZfJR5Jf+4cqw7lxRqtS8uvPCD81VZO
rad0oFEbAU7ak8pq0bAa1oR+90Fkr2E2+e8uDytlP5zP0IK/0XqKhhLf8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHbjwZjJwZ5WAt2UADfoR71RNSxMMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZHVQQm1NbkJubFlDM1pRQU4taEh2VkUxTEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWQAwQA
owWaAwQBowXAAwQAowXWAwQAowXpMA0GCSqGSIb3DQEBCwUAA4IBAQAKni/piCy3
esSLDOHXKe34QnWPxK7JN2yXuFs3FAEWLM4+hJKNnIvrf6HD4DiLnXF4fR3aFVB3
dzGxa/ONFic5zWlQT04hNK+B1zCYjrdillg93gkaIcVkj+MhdUTmDeVpRFyA2WaC
h0CEbvxmKuvgrAyVTp3l+n25c+yxg7N1s7ywY8akz2bSlUAAmJje/1hgbNiBezwh
1AinFPZGFrCOFOSqxrfG5tiVbRa9Ic5B4RUll1B24VyMDxoLTbqwLnbeYOqqkBlv
/mB6hUHsr088GbN085L8SEyYZYkibTS1NE5CbW15X0pWxt8bV9HG/PeLJat8hmbh
V97t56W0pKG6
-----END CERTIFICATE-----
Generated at Tue Aug 8 12:00:43 2023 by rpki-client on console-fra.rpki-client.org