Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/e9Ebp1jVaHNpfdCTZPe2dLvtd5g.roa
File: e9Ebp1jVaHNpfdCTZPe2dLvtd5g.roa (raw, json)
Hash identifier: ojBofR2A7Ald3JiOHBZaLFdCdgTJyzPGbUpkw3PaJig=
Subject key identifier: 7B:D1:1B:A7:58:D5:68:73:69:7D:D0:93:64:F7:B6:74:BB:ED:77:98
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4255F300AE216BAC54AB82E4BB88376
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/e9Ebp1jVaHNpfdCTZPe2dLvtd5g.roa
Signing time: Mon 01 Jan 2024 08:30:32 +0000
ROA not before: Mon 01 Jan 2024 08:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198831
IP address blocks: 163.5.242.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5f:30:0a:e2:16:ba:c5:4a:b8:2e:4b:b8:83:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bd11ba758d56873697dd09364f7b674bbed7798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0d:29:9a:c5:d8:df:ac:4f:5d:04:70:a7:67:
b3:a3:19:e7:fd:bf:15:82:74:26:91:8f:fd:77:1a:
01:10:53:69:e1:5a:31:52:ad:45:0e:32:23:f8:d6:
7b:75:c5:64:14:2a:98:eb:be:c4:4b:72:7d:03:cd:
7c:e2:84:4d:6a:3a:41:62:8a:8d:94:64:53:6b:fe:
e1:8e:b3:ca:6e:92:ca:67:fb:da:2b:15:7a:89:08:
88:35:fd:65:e1:d5:ca:04:75:93:36:39:64:30:fe:
10:20:a8:1d:6c:30:01:a5:4b:70:e7:52:44:13:b7:
a9:8a:bb:e2:7c:6d:82:27:65:ba:34:ed:2d:4b:49:
58:fe:ed:66:8d:00:28:c3:91:79:cf:66:21:16:b2:
20:9c:0b:0c:39:ae:ec:53:3e:3e:f1:b6:47:ef:60:
44:b3:0b:bb:05:0a:66:91:67:b6:51:10:90:cf:f6:
29:5c:31:06:9b:72:d8:bc:45:8a:16:8e:2f:b5:6d:
5c:5c:0c:53:65:3b:9d:33:9b:b7:b8:b9:c2:fa:7f:
c8:f5:65:4d:b9:a5:f2:1d:b0:f6:67:51:3e:83:6a:
2f:32:f0:95:74:75:2d:3c:bc:c6:c1:23:a2:ef:68:
e9:46:0e:76:6d:45:8b:77:0e:27:9f:3c:f4:ba:66:
6b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D1:1B:A7:58:D5:68:73:69:7D:D0:93:64:F7:B6:74:BB:ED:77:98
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/e9Ebp1jVaHNpfdCTZPe2dLvtd5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.59.0/24
163.5.242.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a6:79:5d:ed:88:9b:91:f6:7a:7f:69:8f:70:98:2f:37:b5:
f7:42:49:a1:eb:7c:87:4e:41:04:4e:fc:d2:6f:84:69:d1:c3:
1a:4f:d8:01:57:db:c6:36:8a:37:7b:55:0f:5e:63:fe:97:71:
a9:69:f1:ae:c8:b0:07:b3:b8:f7:fe:5a:fd:fc:5d:2e:ce:20:
6c:3b:6e:f9:34:95:e6:95:71:cd:17:73:8e:9b:0b:a3:3e:a8:
6e:64:cb:96:4e:6c:53:a4:66:53:1e:5e:1e:49:5d:2b:d9:c5:
84:b4:ef:39:0a:8c:f7:e3:58:75:49:03:89:96:36:97:57:23:
49:ee:62:81:03:32:fd:1b:48:c3:69:ef:8f:fb:38:30:84:75:
3f:e1:e2:1e:15:34:f6:78:1e:f7:6c:d5:bd:90:02:80:e1:1f:
6b:61:ab:ff:a7:8e:f7:77:34:28:cc:23:bb:c7:6f:36:e7:6f:
55:1b:b6:6e:84:31:e8:a2:f0:be:d3:14:e0:dc:b9:a1:c7:8b:
56:c1:34:10:d5:8d:61:bb:dd:d4:a1:13:73:a0:93:81:15:5f:
4e:c5:1c:9c:2d:30:5f:fa:09:3c:e0:36:2d:8c:f9:5f:15:60:
b0:55:d2:23:d4:6c:de:37:41:65:7f:92:88:9c:55:cb:2f:c7:
6b:2d:90:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJV8wCuIWusVKuC5LuIN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQxMWJhNzU4ZDU2ODczNjk3ZGQwOTM2NGY3YjY3NGJiZWQ3Nzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw0pmsXY36xPXQRwp2ezoxnn/b8V
gnQmkY/9dxoBEFNp4VoxUq1FDjIj+NZ7dcVkFCqY677ES3J9A8184oRNajpBYoqN
lGRTa/7hjrPKbpLKZ/vaKxV6iQiINf1l4dXKBHWTNjlkMP4QIKgdbDABpUtw51JE
E7epirvifG2CJ2W6NO0tS0lY/u1mjQAow5F5z2YhFrIgnAsMOa7sUz4+8bZH72BE
swu7BQpmkWe2URCQz/YpXDEGm3LYvEWKFo4vtW1cXAxTZTudM5u3uLnC+n/I9WVN
uaXyHbD2Z1E+g2ovMvCVdHUtPLzGwSOi72jpRg52bUWLdw4nnzz0umZrBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHvRG6dY1WhzaX3Qk2T3tnS77XeYMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZTlFYnAxalZhSE5wZmRDVFpQZTJkTHZ0ZDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowU7AwQA
owXyAwQAuf02MA0GCSqGSIb3DQEBCwUAA4IBAQCRpnld7YibkfZ6f2mPcJgvN7X3
Qkmh63yHTkEETvzSb4Rp0cMaT9gBV9vGNoo3e1UPXmP+l3GpafGuyLAHs7j3/lr9
/F0uziBsO275NJXmlXHNF3OOmwujPqhuZMuWTmxTpGZTHl4eSV0r2cWEtO85Coz3
41h1SQOJljaXVyNJ7mKBAzL9G0jDae+P+zgwhHU/4eIeFTT2eB73bNW9kAKA4R9r
Yav/p473dzQozCO7x282529VG7ZuhDHoovC+0xTg3Lmhx4tWwTQQ1Y1hu93UoRNz
oJOBFV9OxRycLTBf+gk84DYtjPlfFWCwVdIj1GzeN0Flf5KInFXLL8drLZBY
-----END CERTIFICATE-----
Generated at Fri Feb 9 18:37:58 2024 by rpki-client on console-fra.rpki-client.org