Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jetkhL1Z1QOuyKQWw05ID771TkM.roa
File: jetkhL1Z1QOuyKQWw05ID771TkM.roa (raw, json)
Hash identifier: MFSCVH/cccBrjILChiTfXoft4rsdhwAlaiGj27t3CZo=
Subject key identifier: 8D:EB:64:84:BD:59:D5:03:AE:C8:A4:16:C3:4E:48:0F:BE:F5:4E:43
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188B64D0F12B45473BA901475185FC05A49
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jetkhL1Z1QOuyKQWw05ID771TkM.roa
Signing time: Tue 13 Jun 2023 19:48:03 +0000
ROA not before: Tue 13 Jun 2023 19:48:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 163.5.114.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.236.0/24 maxlen: 24
163.5.234.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jul 2023 15:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b6:4d:0f:12:b4:54:73:ba:90:14:75:18:5f:c0:5a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 13 19:48:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8deb6484bd59d503aec8a416c34e480fbef54e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:de:08:20:60:e2:41:d1:63:b4:e3:4f:56:fd:
89:a5:67:04:9f:f1:05:4f:8e:63:1c:0f:ff:ce:42:
dd:78:9b:79:92:dd:66:96:28:0b:14:95:7f:1a:ee:
08:03:d2:eb:16:9a:83:48:ca:46:cb:95:14:de:6f:
0a:db:6b:30:50:04:a6:42:28:80:4d:42:fb:87:68:
85:31:c5:0f:57:d9:e6:34:91:7b:60:2a:b8:ca:d5:
28:ce:8a:9d:07:ff:30:22:74:60:a3:2b:18:b5:d5:
f9:d4:a0:dd:72:a6:e7:a0:58:61:b6:24:74:13:80:
71:b1:06:b2:a9:c5:82:69:5d:66:11:2a:46:3c:13:
f8:fc:b4:22:09:60:50:e7:4d:3d:0b:0e:9c:74:ac:
37:b8:24:a0:bd:63:7d:0e:0d:09:fa:ca:45:b8:ce:
54:13:1b:93:77:59:a1:d0:28:fc:e2:9e:92:09:13:
ed:fe:55:f8:fa:e9:48:8c:0a:23:23:d7:bb:91:6b:
15:68:98:d8:6c:81:3e:e7:e6:f5:5f:4b:ac:dc:98:
c2:99:02:b7:24:0f:e7:02:c5:ea:eb:6a:56:05:a6:
a0:5d:ca:50:8d:c6:97:1e:85:1c:aa:43:d0:f7:ff:
ea:45:d8:68:1c:fd:af:91:ac:74:31:0a:bd:2b:b8:
bb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:EB:64:84:BD:59:D5:03:AE:C8:A4:16:C3:4E:48:0F:BE:F5:4E:43
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jetkhL1Z1QOuyKQWw05ID771TkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.113.0-163.5.114.255
163.5.141.0/24
163.5.146.0/24
163.5.162.0/24
163.5.224.0/24
163.5.234.0/24
163.5.236.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:f8:d3:8e:ba:86:5c:6d:47:d3:ec:e9:78:fc:c7:40:9b:e5:
98:af:3f:b4:29:0c:20:70:1b:f0:0d:98:3e:2c:6b:1b:90:e3:
57:2e:41:88:f0:5c:ba:33:80:1b:51:c9:dd:01:ea:9c:e2:28:
67:ce:b4:ab:73:90:f7:95:9d:55:11:23:8a:c7:c3:79:98:68:
4f:00:3d:9b:6b:64:92:ab:c5:4a:69:84:2e:44:e6:4d:a8:c2:
5b:51:b0:a9:d5:ff:0a:17:00:56:2b:42:36:00:aa:8d:e0:16:
b2:58:34:25:12:a6:33:1d:f4:52:56:17:ad:08:23:e4:bb:73:
ac:9e:90:a4:b4:00:b6:1f:92:56:bb:25:c3:c0:44:bf:9d:2f:
eb:1d:c0:5d:16:da:af:a4:ba:12:20:6e:7c:8f:39:0a:65:25:
fa:03:6b:67:61:27:58:61:e7:30:a8:5f:58:05:18:21:67:9b:
ee:0c:72:2d:71:9c:dc:a0:9b:d9:bb:29:ca:aa:e5:e3:47:6d:
f3:ef:79:17:db:d4:4b:20:47:08:9e:8d:22:d7:b6:84:6f:9d:
fb:24:ba:f8:63:e0:0c:78:9f:81:13:3d:16:98:ad:77:76:9c:
b9:97:7f:d6:71:5f:23:2e:9e:6e:72:dc:82:0f:c2:08:30:09:
c6:89:5d:03
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYi2TQ8StFRzupAUdRhfwFpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjEzMTk0ODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGViNjQ4NGJkNTlkNTAzYWVjOGE0MTZjMzRlNDgwZmJlZjU0ZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv94IIGDiQdFjtONPVv2JpWcEn/EF
T45jHA//zkLdeJt5kt1mligLFJV/Gu4IA9LrFpqDSMpGy5UU3m8K22swUASmQiiA
TUL7h2iFMcUPV9nmNJF7YCq4ytUozoqdB/8wInRgoysYtdX51KDdcqbnoFhhtiR0
E4BxsQayqcWCaV1mESpGPBP4/LQiCWBQ5009Cw6cdKw3uCSgvWN9Dg0J+spFuM5U
ExuTd1mh0Cj84p6SCRPt/lX4+ulIjAojI9e7kWsVaJjYbIE+5+b1X0us3JjCmQK3
JA/nAsXq62pWBaagXcpQjcaXHoUcqkPQ9//qRdhoHP2vkax0MQq9K7i7SwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFI3rZIS9WdUDrsikFsNOSA++9U5DMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvamV0a2hMMVoxUU91eUtRV3cwNUlENzcxVGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBACjBXED
BACjBXIDBACjBY0DBACjBZIDBACjBaIDBACjBeADBACjBeoDBACjBewwDQYJKoZI
hvcNAQELBQADggEBAKj40466hlxtR9Ps6Xj8x0Cb5ZivP7QpDCBwG/ANmD4saxuQ
41cuQYjwXLozgBtRyd0B6pziKGfOtKtzkPeVnVURI4rHw3mYaE8APZtrZJKrxUpp
hC5E5k2owltRsKnV/woXAFYrQjYAqo3gFrJYNCUSpjMd9FJWF60II+S7c6yekKS0
ALYfkla7JcPARL+dL+sdwF0W2q+kuhIgbnyPOQplJfoDa2dhJ1hh5zCoX1gFGCFn
m+4Mci1xnNygm9m7Kcqq5eNHbfPveRfb1EsgRwiejSLXtoRvnfskuvhj4Ax4n4ET
PRaYrXd2nLmXf9ZxXyMunm5y3IIPwggwCcaJXQM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org