Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fNCCret2urpSb6hc-Kx_MoP5HO4.roa
File: fNCCret2urpSb6hc-Kx_MoP5HO4.roa (raw, json)
Hash identifier: uxW5SAPwXHti+rfFk/De+QFhnnXlJSgUcYo4eJ7fvvI=
Subject key identifier: 7C:D0:82:AD:EB:76:BA:BA:52:6F:A8:5C:F8:AC:7F:32:83:F9:1C:EE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01899BED8EB8C83176779F7CD6DF2D989BD9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fNCCret2urpSb6hc-Kx_MoP5HO4.roa
Signing time: Fri 28 Jul 2023 09:56:24 +0000
ROA not before: Fri 28 Jul 2023 09:56:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:ed:8e:b8:c8:31:76:77:9f:7c:d6:df:2d:98:9b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 28 09:56:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cd082adeb76baba526fa85cf8ac7f3283f91cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e1:6d:a3:96:aa:aa:f9:31:95:78:e7:1b:ef:
de:34:f8:e2:b3:76:93:ec:9b:6a:1c:21:78:87:5e:
bc:d1:47:59:ff:5c:73:c5:c2:c1:38:f9:78:74:7c:
2d:b2:dc:83:3d:3e:0b:fe:45:da:46:62:c0:3f:38:
bf:ac:a9:8d:96:29:db:b4:c4:d7:7c:be:b9:0f:7d:
a5:24:86:b3:72:64:80:87:ae:55:96:ea:82:ae:e7:
46:f3:de:4b:1f:95:df:1c:5e:93:fe:cd:99:7a:2f:
86:af:11:27:02:83:11:37:76:57:57:05:5b:ca:7d:
6b:8f:ea:2c:a5:12:43:ef:d9:4a:b7:e4:49:04:0b:
63:d1:c8:e2:80:3d:92:fa:9c:0c:e4:ac:55:cc:6c:
27:66:99:5c:e6:66:7d:da:b7:c3:eb:5e:9c:d4:38:
7a:b5:8f:76:73:31:4d:92:ee:d8:d2:ef:ae:fa:52:
5b:e0:b9:52:33:28:4f:16:d4:ee:43:7c:94:b2:13:
73:2b:ce:c8:b4:af:9e:37:65:ca:57:c6:82:ee:9e:
95:8e:df:30:4a:d4:66:6a:42:d7:24:72:ce:f3:4d:
80:08:bb:01:25:64:b4:86:06:f6:07:85:c8:15:95:
d4:b5:a7:ce:a5:8b:d6:0c:63:cf:4b:f8:88:67:51:
0c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D0:82:AD:EB:76:BA:BA:52:6F:A8:5C:F8:AC:7F:32:83:F9:1C:EE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fNCCret2urpSb6hc-Kx_MoP5HO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.70.0/24
163.5.72.0/24
163.5.76.0/23
163.5.243.0/24
163.5.245.0/24
Signature Algorithm: sha256WithRSAEncryption
87:bb:2e:bb:11:99:c0:9d:24:0d:08:58:9b:5a:c2:2a:e1:41:
91:73:e5:76:2e:3e:37:32:a7:3c:d9:77:9d:96:a3:5c:50:6c:
0e:bd:55:49:2d:1d:d1:95:d7:17:2c:7e:a4:4a:f5:93:d0:40:
15:6c:f3:ed:37:9e:4d:10:94:da:d1:02:fa:c2:72:5a:ea:ea:
60:fa:de:aa:2a:ea:0d:54:6e:a5:5c:57:8a:3f:e9:58:7c:9d:
e0:b7:06:e5:5d:ce:7f:0e:94:87:74:5b:ac:dc:a7:9d:10:8e:
5c:f2:57:ae:56:02:3e:92:2b:c7:8c:8e:d3:8f:22:3d:1d:55:
fe:b2:40:67:89:92:3f:79:2b:ac:50:82:e5:79:ff:e1:f0:4b:
e2:63:13:03:d5:ef:76:db:e1:59:95:3c:64:2c:ad:ab:5f:05:
07:93:9f:70:39:1d:a1:4a:5c:cb:b7:7a:c4:33:fd:61:a3:d4:
d8:67:52:de:21:09:c0:28:62:d9:bb:5a:75:2b:72:a9:a3:ea:
78:07:4a:7b:a9:04:97:81:88:40:71:95:4e:f0:d0:80:65:75:
70:7b:ee:7f:2a:82:1a:fe:74:d3:3f:b5:de:b7:4c:4d:63:e5:
27:c5:af:d5:7a:de:68:93:fb:0c:ad:ef:f4:7d:5d:00:6a:09:
7b:b3:2a:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmb7Y64yDF2d5981t8tmJvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzI4MDk1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2QwODJhZGViNzZiYWJhNTI2ZmE4NWNmOGFjN2YzMjgzZjkxY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuFto5aqqvkxlXjnG+/eNPjis3aT
7JtqHCF4h1680UdZ/1xzxcLBOPl4dHwtstyDPT4L/kXaRmLAPzi/rKmNlinbtMTX
fL65D32lJIazcmSAh65VluqCrudG895LH5XfHF6T/s2Zei+GrxEnAoMRN3ZXVwVb
yn1rj+ospRJD79lKt+RJBAtj0cjigD2S+pwM5KxVzGwnZplc5mZ92rfD616c1Dh6
tY92czFNku7Y0u+u+lJb4LlSMyhPFtTuQ3yUshNzK87ItK+eN2XKV8aC7p6Vjt8w
StRmakLXJHLO802ACLsBJWS0hgb2B4XIFZXUtafOpYvWDGPPS/iIZ1EMLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHzQgq3rdrq6Um+oXPisfzKD+RzuMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZk5DQ3JldDJ1cnBTYjZoYy1LeF9Nb1A1SE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowVGAwQA
owVIAwQBowVMAwQAowXzAwQAowX1MA0GCSqGSIb3DQEBCwUAA4IBAQCHuy67EZnA
nSQNCFibWsIq4UGRc+V2Lj43Mqc82XedlqNcUGwOvVVJLR3RldcXLH6kSvWT0EAV
bPPtN55NEJTa0QL6wnJa6upg+t6qKuoNVG6lXFeKP+lYfJ3gtwblXc5/DpSHdFus
3KedEI5c8leuVgI+kivHjI7TjyI9HVX+skBniZI/eSusUILlef/h8EviYxMD1e92
2+FZlTxkLK2rXwUHk59wOR2hSlzLt3rEM/1ho9TYZ1LeIQnAKGLZu1p1K3Kpo+p4
B0p7qQSXgYhAcZVO8NCAZXVwe+5/KoIa/nTTP7Xet0xNY+Unxa/Vet5ok/sMre/0
fV0Aagl7syp2
-----END CERTIFICATE-----
Generated at Sun Aug 6 10:21:29 2023 by rpki-client on console-fra.rpki-client.org