Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kHfpUkIMbxEclhTDBv-i1heRj7U.roa
File: kHfpUkIMbxEclhTDBv-i1heRj7U.roa (raw, json)
Hash identifier: kBY67td4S26nBFISkGf/JTbTP1eI/TwqsBvsTGt+Ous=
Subject key identifier: 90:77:E9:52:42:0C:6F:11:1C:96:14:C3:06:FF:A2:D6:17:91:8F:B5
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042C51284A054A4EC017790FDA82065
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kHfpUkIMbxEclhTDBv-i1heRj7U.roa
Signing time: Mon 02 Jan 2023 02:15:01 +0000
ROA not before: Mon 02 Jan 2023 02:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 163.5.188.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jan 2023 11:28:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:c5:12:84:a0:54:a4:ec:01:77:90:fd:a8:20:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9077e952420c6f111c9614c306ffa2d617918fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:52:88:8c:4d:ca:fa:2c:e0:d2:fa:38:df:82:
e0:2b:57:2c:80:91:ce:b2:47:c5:b3:98:a7:f6:7a:
45:5e:48:b6:83:67:55:f1:5a:d8:47:61:7a:6e:86:
b3:2e:c8:c4:34:b9:40:0a:63:cf:cb:b3:97:5a:64:
39:05:ae:aa:b9:31:c5:4c:0e:d9:97:b9:f6:58:0b:
e1:e0:8c:0d:e5:1b:02:9c:1b:25:f1:5a:e8:73:83:
4e:92:0e:ae:d1:ab:11:a0:67:dc:88:c8:d2:68:75:
51:7a:6e:5a:e0:92:4f:b9:78:14:5d:20:b9:06:7b:
65:1a:b9:ea:5a:7f:e0:2b:0b:15:b5:4e:31:cc:7a:
19:e3:ee:72:c1:5c:f7:36:8f:36:91:ce:69:44:e8:
51:0b:2c:be:dc:85:f2:3e:6f:35:9e:1d:ea:26:ac:
d6:3d:f8:0e:69:66:d5:60:bf:2e:1e:9f:3b:87:61:
e1:b8:2f:0a:c1:a9:11:f5:b1:a7:b8:4d:66:d2:44:
4c:39:cb:d3:69:d9:2e:24:6e:6e:27:da:4d:c6:06:
80:ac:7d:16:71:28:4b:7f:f7:ae:cd:03:05:26:f7:
c4:76:f3:40:17:37:9c:ca:4c:56:c8:8d:c4:dd:11:
97:de:40:47:3e:09:e1:dc:fc:33:3e:11:71:1f:04:
0d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:77:E9:52:42:0C:6F:11:1C:96:14:C3:06:FF:A2:D6:17:91:8F:B5
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kHfpUkIMbxEclhTDBv-i1heRj7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.188.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:34:9b:25:1a:03:59:37:cf:72:ea:ce:65:69:36:dd:20:c1:
81:e8:da:4d:0f:10:cc:72:71:5b:07:0f:40:84:ff:0a:31:6f:
26:02:28:ec:78:2e:11:df:4a:69:57:36:c8:b6:5e:f6:e2:ad:
a9:80:f6:14:05:66:5a:c3:92:dd:96:8b:7e:bd:26:71:05:99:
9d:56:93:c6:01:72:ff:40:f6:ab:66:4e:f8:24:e2:47:0b:51:
90:82:79:28:d8:74:01:87:a7:25:72:47:f5:ea:97:d6:54:ed:
68:b3:73:47:e7:5f:a5:a0:94:ea:4d:23:b3:20:b4:43:a8:0b:
14:18:3f:a0:41:b9:f1:61:4d:d2:43:48:85:14:b9:e4:dc:1b:
63:cd:5e:85:aa:4f:64:eb:22:78:97:1d:99:d0:9d:ac:f7:06:
fc:42:7b:f1:5d:2a:e2:65:fb:ff:b2:62:d1:ba:20:18:18:88:
9b:9b:03:b7:7f:53:ff:55:0b:95:43:1a:0f:66:96:6b:86:ae:
81:04:da:a5:df:21:bc:c8:49:cf:04:7c:5d:74:91:f7:5d:d8:
8f:6a:2b:a6:76:2b:e1:84:d3:fa:46:77:45:33:fb:01:69:d6:
14:65:64:1c:8d:a3:8f:7f:20:76:cb:5a:37:3c:8e:0c:c1:7f:
f3:dc:82:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwQsUShKBUpOwBd5D9qCBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDc3ZTk1MjQyMGM2ZjExMWM5NjE0YzMwNmZmYTJkNjE3OTE4ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilKIjE3K+izg0vo434LgK1csgJHO
skfFs5in9npFXki2g2dV8VrYR2F6boazLsjENLlACmPPy7OXWmQ5Ba6quTHFTA7Z
l7n2WAvh4IwN5RsCnBsl8Vroc4NOkg6u0asRoGfciMjSaHVRem5a4JJPuXgUXSC5
BntlGrnqWn/gKwsVtU4xzHoZ4+5ywVz3No82kc5pROhRCyy+3IXyPm81nh3qJqzW
PfgOaWbVYL8uHp87h2HhuC8KwakR9bGnuE1m0kRMOcvTadkuJG5uJ9pNxgaArH0W
cShLf/euzQMFJvfEdvNAFzecykxWyI3E3RGX3kBHPgnh3PwzPhFxHwQNawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJB36VJCDG8RHJYUwwb/otYXkY+1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva0hmcFVrSU1ieEVjbGhUREJ2LWkxaGVSajdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowW8AwQA
owXdMA0GCSqGSIb3DQEBCwUAA4IBAQBtNJslGgNZN89y6s5laTbdIMGB6NpNDxDM
cnFbBw9AhP8KMW8mAijseC4R30ppVzbItl724q2pgPYUBWZaw5Ldlot+vSZxBZmd
VpPGAXL/QParZk74JOJHC1GQgnko2HQBh6clckf16pfWVO1os3NH51+loJTqTSOz
ILRDqAsUGD+gQbnxYU3SQ0iFFLnk3BtjzV6Fqk9k6yJ4lx2Z0J2s9wb8QnvxXSri
Zfv/smLRuiAYGIibmwO3f1P/VQuVQxoPZpZrhq6BBNql3yG8yEnPBHxddJH3XdiP
aiumdivhhNP6RndFM/sBadYUZWQcjaOPfyB2y1o3PI4MwX/z3ILr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org