Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jECDEKT4M_Z5hCxjyHUpEhNVmNY.roa
File: jECDEKT4M_Z5hCxjyHUpEhNVmNY.roa (raw, json)
Hash identifier: 1pSDTNPuX830B/tDd/xAbKtOO2Ip6b7LLBVrpTKHBUU=
Subject key identifier: 8C:40:83:10:A4:F8:33:F6:79:84:2C:63:C8:75:29:12:13:55:98:D6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042B1D4873295E69E1B07DC072F102C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jECDEKT4M_Z5hCxjyHUpEhNVmNY.roa
Signing time: Mon 02 Jan 2023 02:14:57 +0000
ROA not before: Mon 02 Jan 2023 02:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 163.5.199.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.207.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 09:14:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:b1:d4:87:32:95:e6:9e:1b:07:dc:07:2f:10:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c408310a4f833f679842c63c8752912135598d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:90:96:fc:c7:b1:5f:36:a6:f5:13:83:68:ea:
8d:16:d9:c7:35:f9:cc:f0:b0:a8:ca:ea:db:91:92:
65:91:ff:f6:36:bc:e9:33:18:15:45:0b:f3:a2:b2:
c3:4b:ae:0f:2f:ef:ba:88:96:35:e8:88:b4:49:4c:
6f:52:9c:72:3d:41:2b:c8:0d:c4:e2:77:b2:28:df:
d1:d3:7d:5c:c3:e9:34:83:1f:bc:6b:d9:45:36:4a:
83:ea:12:5c:d8:e1:f4:94:d5:69:70:fa:78:66:03:
3d:e9:1f:26:7e:8d:67:7f:10:72:0c:0d:49:80:9c:
3a:c2:05:ef:07:b8:1b:8e:3a:b6:11:50:7c:ce:42:
8d:49:59:7c:d8:c3:ed:8d:d2:f7:53:e2:d0:f5:d0:
af:97:39:02:53:13:84:9d:b9:13:9b:5b:1d:02:1b:
50:25:14:89:77:4d:9e:76:98:97:dc:c6:ac:a7:1f:
99:fb:35:39:db:9d:7a:e5:a2:db:54:39:34:cb:6a:
1f:20:af:91:f7:fd:83:65:08:13:3c:64:e4:79:d5:
48:13:92:c4:89:53:15:ee:9d:95:51:7c:45:78:4d:
1c:c8:31:20:96:20:02:b1:a3:42:d5:0c:01:4b:cd:
dd:bf:93:c7:d3:1e:38:04:6f:82:de:45:81:88:8f:
a5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:40:83:10:A4:F8:33:F6:79:84:2C:63:C8:75:29:12:13:55:98:D6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jECDEKT4M_Z5hCxjyHUpEhNVmNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0-163.5.157.255
163.5.199.0/24
163.5.206.0-163.5.209.255
Signature Algorithm: sha256WithRSAEncryption
1e:21:c5:63:b7:0e:e3:3d:8d:36:be:db:b2:aa:04:fe:14:79:
ca:99:a1:ff:a3:ea:46:0b:45:cc:9b:55:4d:53:69:08:ca:6b:
91:86:41:91:8a:49:72:6b:88:6c:ff:76:6e:88:ff:fe:4b:9a:
ac:38:78:16:5d:07:75:a5:32:be:9f:7d:71:b2:75:39:5a:31:
0d:83:58:8b:9a:89:69:33:22:c6:8f:6e:8c:a3:86:0a:1c:25:
e5:e0:25:bc:0d:12:a6:45:60:8a:ac:2b:04:68:73:75:60:e5:
03:21:ea:4f:d4:30:53:de:6c:32:3f:b4:ae:1c:d7:a4:0a:a9:
fe:c1:28:00:c2:ba:34:32:12:82:96:6e:1a:51:76:4e:97:74:
bc:e2:dc:e2:b6:7f:0d:46:4b:d1:44:83:a4:71:6d:ff:5d:42:
1c:be:aa:28:d6:e2:e9:58:c7:b8:4a:58:f5:6a:ec:0e:95:3c:
b8:40:ee:0e:ef:23:0e:84:69:95:d6:cb:f2:95:50:22:f0:2c:
0a:04:58:66:fe:5f:64:f4:c0:d6:08:4d:1e:2b:04:fb:9b:c1:
21:86:3e:7f:a2:e1:f4:62:a0:e0:58:f7:e9:75:83:ea:bb:b0:
7f:a1:fb:51:20:67:fe:e1:00:be:98:9c:27:3e:9e:64:12:d3:
69:0a:35:b6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVwQrHUhzKV5p4bB9wHLxAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzQwODMxMGE0ZjgzM2Y2Nzk4NDJjNjNjODc1MjkxMjEzNTU5OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJCW/MexXzam9RODaOqNFtnHNfnM
8LCoyurbkZJlkf/2NrzpMxgVRQvzorLDS64PL++6iJY16Ii0SUxvUpxyPUEryA3E
4neyKN/R031cw+k0gx+8a9lFNkqD6hJc2OH0lNVpcPp4ZgM96R8mfo1nfxByDA1J
gJw6wgXvB7gbjjq2EVB8zkKNSVl82MPtjdL3U+LQ9dCvlzkCUxOEnbkTm1sdAhtQ
JRSJd02edpiX3Maspx+Z+zU525165aLbVDk0y2ofIK+R9/2DZQgTPGTkedVIE5LE
iVMV7p2VUXxFeE0cyDEgliACsaNC1QwBS83dv5PH0x44BG+C3kWBiI+lyQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIxAgxCk+DP2eYQsY8h1KRITVZjWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvakVDREVLVDRNX1o1aEN4anlIVXBFaE5WbU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBACjBZsD
BAGjBZwDBACjBccwDAMEAaMFzgMEAaMF0DANBgkqhkiG9w0BAQsFAAOCAQEAHiHF
Y7cO4z2NNr7bsqoE/hR5ypmh/6PqRgtFzJtVTVNpCMprkYZBkYpJcmuIbP92boj/
/kuarDh4Fl0HdaUyvp99cbJ1OVoxDYNYi5qJaTMixo9ujKOGChwl5eAlvA0SpkVg
iqwrBGhzdWDlAyHqT9QwU95sMj+0rhzXpAqp/sEoAMK6NDISgpZuGlF2Tpd0vOLc
4rZ/DUZL0USDpHFt/11CHL6qKNbi6VjHuEpY9WrsDpU8uEDuDu8jDoRpldbL8pVQ
IvAsCgRYZv5fZPTA1ghNHisE+5vBIYY+f6Lh9GKg4Fj36XWD6ruwf6H7USBn/uEA
vpicJz6eZBLTaQo1tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org