Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iqX0QSHfoDKg9viSRoCo926OxcE.roa
File: iqX0QSHfoDKg9viSRoCo926OxcE.roa (raw, json)
Hash identifier: va46AIqrF5PNC7f/mDnVA6yyZ6dI9jTT5JGwFGJHkzs=
Subject key identifier: 8A:A5:F4:41:21:DF:A0:32:A0:F6:F8:92:46:80:A8:F7:6E:8E:C5:C1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01858C79FA1C0256D115F6AE0D008506E3A5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iqX0QSHfoDKg9viSRoCo926OxcE.roa
Signing time: Sat 07 Jan 2023 13:44:42 +0000
ROA not before: Sat 07 Jan 2023 13:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8c:79:fa:1c:02:56:d1:15:f6:ae:0d:00:85:06:e3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 7 13:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8aa5f44121dfa032a0f6f8924680a8f76e8ec5c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d4:23:67:03:d1:4e:46:be:5d:ff:9c:db:cb:
dd:11:61:eb:8b:aa:8d:55:81:f6:98:4a:cd:c3:ac:
e9:7f:ac:36:85:a3:8d:0d:84:e0:dc:8a:04:ae:a7:
d3:d5:75:f4:31:de:3b:e6:ea:32:e0:8e:1a:9f:3e:
70:a0:92:22:99:91:99:53:ca:55:9b:bd:35:aa:cf:
53:fb:6f:36:15:dc:7a:32:93:8a:84:28:83:49:6c:
90:5e:b6:81:e7:d5:43:47:97:a5:cc:31:dc:69:31:
b3:f5:5a:84:bd:c3:2d:31:1b:42:f0:99:16:84:8d:
53:7e:ec:eb:ad:80:76:3c:32:33:22:71:91:3c:01:
f4:1b:eb:4f:b7:64:64:67:d9:16:39:fb:f1:ca:a9:
7c:96:3c:1f:4a:76:62:6b:3e:cf:f1:67:11:1a:e9:
8a:aa:7f:dc:0b:42:24:4c:08:33:19:ad:94:0a:13:
77:0a:3f:5f:20:0e:b1:12:7e:0a:af:cc:d5:0a:71:
b9:d6:48:f0:4c:88:c3:9d:6d:3a:06:f5:b9:62:3f:
a7:92:7a:f3:07:e7:43:97:0c:3a:4c:33:55:e9:f3:
01:5f:fb:1c:f6:45:74:7a:fd:ff:13:94:8c:c8:5d:
07:f1:ff:f7:95:8c:dd:43:b6:eb:ce:52:bf:17:c6:
11:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A5:F4:41:21:DF:A0:32:A0:F6:F8:92:46:80:A8:F7:6E:8E:C5:C1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iqX0QSHfoDKg9viSRoCo926OxcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.165.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:68:49:65:7d:82:fe:58:38:ac:4e:5f:4b:8a:d0:52:05:ca:
04:fc:26:49:95:0d:87:69:ea:a2:74:35:01:25:d3:c6:ee:1f:
0d:ed:e7:ca:38:51:b5:d2:36:e7:42:f1:5f:79:03:0f:80:13:
18:f8:81:55:dd:12:35:ce:29:bc:01:da:32:62:b9:e3:e1:fb:
fc:42:e8:87:d9:ea:7e:69:0c:32:ba:d6:e5:29:48:d4:04:84:
6f:ed:2a:13:12:e6:2e:90:cf:45:0d:8c:51:fb:77:26:e4:82:
c1:22:88:bc:b7:d5:81:26:03:d9:b5:9c:ab:2e:f4:04:ce:d7:
d7:02:60:e9:5a:b4:71:9c:11:61:f3:5e:0c:0c:19:6c:4b:dc:
8b:9d:68:a9:3a:b5:1e:29:f1:a5:5f:49:7f:33:31:67:e1:ca:
04:a1:a9:9e:d7:d1:7d:f0:09:07:9a:e9:c2:1d:0a:2e:f4:ea:
0f:92:64:d9:00:6c:b2:ed:39:b9:e2:90:29:43:b5:bf:98:22:
3e:08:3c:07:ca:b5:01:a2:16:11:ed:ff:27:79:be:ae:2e:31:
f0:e6:86:97:41:1e:76:d1:e0:e1:33:e1:25:e9:0f:0b:d4:13:
cc:e6:5c:4c:ab:26:72:f9:73:83:e2:d6:0b:a5:28:d3:be:a9:
51:31:02:8d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWMefocAlbRFfauDQCFBuOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTA3MTM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE1ZjQ0MTIxZGZhMDMyYTBmNmY4OTI0NjgwYThmNzZlOGVjNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19QjZwPRTka+Xf+c28vdEWHri6qN
VYH2mErNw6zpf6w2haONDYTg3IoErqfT1XX0Md475uoy4I4anz5woJIimZGZU8pV
m701qs9T+282Fdx6MpOKhCiDSWyQXraB59VDR5elzDHcaTGz9VqEvcMtMRtC8JkW
hI1TfuzrrYB2PDIzInGRPAH0G+tPt2RkZ9kWOfvxyql8ljwfSnZiaz7P8WcRGumK
qn/cC0IkTAgzGa2UChN3Cj9fIA6xEn4Kr8zVCnG51kjwTIjDnW06BvW5Yj+nknrz
B+dDlww6TDNV6fMBX/sc9kV0ev3/E5SMyF0H8f/3lYzdQ7brzlK/F8YRLwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIql9EEh36AyoPb4kkaAqPdujsXBMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaXFYMFFTSGZvREtnOXZpU1JvQ285MjZPeGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBowVuAwQA
owV+AwQAowWAAwQAowWlAwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IBAQCr
aEllfYL+WDisTl9LitBSBcoE/CZJlQ2HaeqidDUBJdPG7h8N7efKOFG10jbnQvFf
eQMPgBMY+IFV3RI1zim8AdoyYrnj4fv8QuiH2ep+aQwyutblKUjUBIRv7SoTEuYu
kM9FDYxR+3cm5ILBIoi8t9WBJgPZtZyrLvQEztfXAmDpWrRxnBFh814MDBlsS9yL
nWipOrUeKfGlX0l/MzFn4coEoame19F98AkHmunCHQou9OoPkmTZAGyy7Tm54pAp
Q7W/mCI+CDwHyrUBohYR7f8neb6uLjHw5oaXQR520eDhM+El6Q8L1BPM5lxMqyZy
+XOD4tYLpSjTvqlRMQKN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org