Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iEZx2GLJKifNDKrKXel4hYI8Mx8.roa
File: iEZx2GLJKifNDKrKXel4hYI8Mx8.roa (raw, json)
Hash identifier: YsHfx0XznYAJlApB1ebJeIz/rWwc2aE0e80AqyQ7Afk=
Subject key identifier: 88:46:71:D8:62:C9:2A:27:CD:0C:AA:CA:5D:E9:78:85:82:3C:33:1F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01878000FF28C3FE573523258AF3D712E5C4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iEZx2GLJKifNDKrKXel4hYI8Mx8.roa
Signing time: Fri 14 Apr 2023 13:42:41 +0000
ROA not before: Fri 14 Apr 2023 13:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.71.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:00:ff:28:c3:fe:57:35:23:25:8a:f3:d7:12:e5:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 14 13:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=884671d862c92a27cd0caaca5de97885823c331f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2a:11:db:d0:b1:ed:cb:cb:8c:d5:e5:51:4f:
9b:a6:d7:e3:5d:5d:42:17:e6:c7:82:dc:cb:67:5a:
97:7d:b2:63:62:0e:be:13:ee:b5:be:67:f9:c1:33:
6e:13:69:48:e9:a9:42:a0:37:39:88:a9:4f:ca:78:
00:b5:60:b3:bc:f0:ed:e2:ba:c8:33:f4:a8:e6:4f:
52:7f:cf:6f:00:a2:1a:9f:05:cf:60:dd:87:1b:64:
a4:31:e8:06:cd:6e:ad:66:11:9e:7d:18:c9:fd:20:
2d:da:0a:26:f6:0b:7c:49:9d:ff:ca:a3:08:bf:fc:
47:f1:f9:41:d3:27:b8:b7:c3:a1:01:ce:d1:9d:df:
a8:fc:0e:48:7a:d8:57:c1:7b:1f:fc:d3:19:a4:45:
96:9b:c0:da:ca:a9:aa:59:37:60:f6:d9:27:3d:f9:
a1:dc:69:4f:39:eb:62:c3:b2:eb:2d:e7:0f:fa:d5:
20:2b:80:f9:65:3b:9a:b3:5c:6d:9c:43:70:99:a3:
c0:e4:0e:e9:c7:56:8b:45:e8:78:19:26:04:46:0a:
2e:95:be:b1:34:e9:08:81:14:dd:07:73:ba:f6:12:
92:a7:81:42:7b:4f:2b:15:60:73:2e:ad:64:9d:40:
cd:e9:94:80:d8:d8:8d:1c:1f:fc:34:10:4b:79:12:
3d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:46:71:D8:62:C9:2A:27:CD:0C:AA:CA:5D:E9:78:85:82:3C:33:1F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iEZx2GLJKifNDKrKXel4hYI8Mx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.60.0/24
163.5.71.0/24
163.5.101.0/24
163.5.108.0/24
163.5.134.0/24
163.5.189.0/24
163.5.192.0/24
163.5.228.0/24
163.5.238.0/24
Signature Algorithm: sha256WithRSAEncryption
42:14:c0:78:2a:51:93:58:b5:3a:e6:ba:f3:62:a4:ff:0d:23:
0d:14:51:b1:ba:e9:79:62:3c:1f:4f:3e:92:05:57:62:94:dc:
16:f0:28:8a:07:99:04:d9:fb:b8:4e:2c:1f:c4:5e:34:da:83:
37:1b:53:05:c6:62:84:44:e3:39:f4:72:a8:2c:19:6f:2a:4a:
35:39:ba:67:03:34:dd:b9:66:de:da:ce:4d:b4:7b:81:bc:25:
77:d2:66:21:ac:3d:a3:12:16:4f:c7:ef:cf:e1:6c:c8:b0:49:
16:f1:41:15:00:94:8d:ac:22:74:db:2c:cb:10:80:bb:db:f4:
09:66:78:b3:e2:78:74:22:d2:89:b8:b2:1c:1c:a9:79:ce:b4:
db:ce:7f:cd:a1:74:a9:2f:db:15:eb:1a:f4:ee:57:45:09:b4:
ea:fd:8e:09:06:f9:af:a3:96:b6:63:c1:3f:d8:0f:80:52:aa:
2b:ba:03:da:e1:e2:2c:59:e8:9b:aa:cd:af:a3:47:3d:b5:68:
13:09:a6:dd:8a:5f:76:04:0d:5e:0d:83:e4:5b:61:32:8e:5b:
19:67:f4:32:19:a2:97:ea:8c:ff:95:c7:0f:11:ed:82:c9:09:
4d:bf:5a:8b:22:8c:67:00:bc:8e:a5:81:9d:f0:a6:fe:32:83:
13:8f:6b:a0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYeAAP8ow/5XNSMlivPXEuXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDE0MTM0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQ2NzFkODYyYzkyYTI3Y2QwY2FhY2E1ZGU5Nzg4NTgyM2MzMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkioR29Cx7cvLjNXlUU+bptfjXV1C
F+bHgtzLZ1qXfbJjYg6+E+61vmf5wTNuE2lI6alCoDc5iKlPyngAtWCzvPDt4rrI
M/So5k9Sf89vAKIanwXPYN2HG2SkMegGzW6tZhGefRjJ/SAt2gom9gt8SZ3/yqMI
v/xH8flB0ye4t8OhAc7Rnd+o/A5IethXwXsf/NMZpEWWm8DayqmqWTdg9tknPfmh
3GlPOetiw7LrLecP+tUgK4D5ZTuas1xtnENwmaPA5A7px1aLReh4GSYERgoulb6x
NOkIgRTdB3O69hKSp4FCe08rFWBzLq1knUDN6ZSA2NiNHB/8NBBLeRI9+wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIhGcdhiySonzQyqyl3peIWCPDMfMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaUVaeDJHTEpLaWZOREtyS1hlbDRoWUk4TXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAowU8AwQA
owVHAwQAowVlAwQAowVsAwQAowWGAwQAowW9AwQAowXAAwQAowXkAwQAowXuMA0G
CSqGSIb3DQEBCwUAA4IBAQBCFMB4KlGTWLU65rrzYqT/DSMNFFGxuul5YjwfTz6S
BVdilNwW8CiKB5kE2fu4TiwfxF402oM3G1MFxmKEROM59HKoLBlvKko1ObpnAzTd
uWbe2s5NtHuBvCV30mYhrD2jEhZPx+/P4WzIsEkW8UEVAJSNrCJ02yzLEIC72/QJ
Zniz4nh0ItKJuLIcHKl5zrTbzn/NoXSpL9sV6xr07ldFCbTq/Y4JBvmvo5a2Y8E/
2A+AUqorugPa4eIsWeibqs2vo0c9tWgTCabdil92BA1eDYPkW2EyjlsZZ/QyGaKX
6oz/lccPEe2CyQlNv1qLIoxnALyOpYGd8Kb+MoMTj2ug
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org