Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kL4MhTtrU7IUbPlwSabp5Os0YBE.roa
File: kL4MhTtrU7IUbPlwSabp5Os0YBE.roa (raw, json)
Hash identifier: QtIm9Wy2QLltmo1hsoXW6wYZhox14uRbBErjdDYbdCg=
Subject key identifier: 90:BE:0C:85:3B:6B:53:B2:14:6C:F9:70:49:A6:E9:E4:EB:34:60:11
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187E614BFEC88310B8FDF76A4486A5BCFEF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kL4MhTtrU7IUbPlwSabp5Os0YBE.roa
Signing time: Thu 04 May 2023 09:25:32 +0000
ROA not before: Thu 04 May 2023 09:25:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 163.5.123.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 May 2023 09:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:14:bf:ec:88:31:0b:8f:df:76:a4:48:6a:5b:cf:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 4 09:25:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90be0c853b6b53b2146cf97049a6e9e4eb346011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4f:3d:c0:a9:7f:d9:ef:14:e4:6c:b0:a0:df:
c2:a8:27:3f:ee:65:60:d6:bc:57:e1:17:1a:4f:3c:
64:34:dd:22:f9:71:c4:89:5d:3f:f9:ae:45:67:b3:
b5:84:d8:a7:8b:94:9d:76:98:42:43:01:05:3b:6c:
9b:d9:5a:2a:02:97:28:d8:7e:da:2a:d9:1c:36:c7:
64:e8:9d:85:59:24:41:98:1b:dc:fc:82:09:d4:29:
bd:92:b2:31:6b:03:ef:b1:4e:d6:f1:0e:59:d2:e7:
fc:78:87:87:81:12:3f:92:9c:2a:16:9f:68:b1:f9:
3d:20:f6:96:27:61:a5:d9:52:f8:20:67:8a:da:0d:
15:a6:35:5d:e1:98:5f:b1:42:84:f7:ef:e7:cc:8e:
ea:9d:e4:b9:f2:a3:bb:ab:e4:f2:e4:e8:7c:2a:8a:
4e:94:cb:f3:f3:db:a8:b7:9b:8f:03:54:1b:2c:ba:
af:d4:79:35:cb:3f:c1:80:d7:d1:ea:e4:ec:12:d3:
3c:0b:4f:eb:7d:b8:fa:bc:6f:62:b1:9e:0e:f2:af:
e8:1e:f1:9d:0f:f4:a8:fa:c0:03:1d:84:73:98:12:
cf:d7:c3:9b:89:ac:68:d8:0d:47:63:cd:3d:dc:9e:
bb:e5:c7:7c:71:e1:7a:61:83:62:06:92:f6:3e:b2:
aa:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BE:0C:85:3B:6B:53:B2:14:6C:F9:70:49:A6:E9:E4:EB:34:60:11
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kL4MhTtrU7IUbPlwSabp5Os0YBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.123.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:d2:af:47:16:b8:06:e2:c3:1b:07:b0:dd:3b:96:8d:f1:0c:
5d:3b:70:5c:a3:65:fb:cb:f9:f6:9d:bf:4e:65:e9:15:1b:41:
e3:37:a6:fa:f8:cf:db:62:ac:aa:4c:07:75:af:4c:85:f6:c6:
c2:a0:cb:57:57:d5:27:a3:c9:85:13:ab:b7:56:e2:48:bd:50:
a0:bc:ad:29:18:e7:67:af:51:c8:aa:d4:88:e3:ed:fe:cd:10:
78:52:a1:6f:51:7e:99:38:92:48:b7:9c:a4:95:54:fd:51:54:
70:73:7c:d1:d6:cd:02:b4:aa:f9:75:f1:cf:55:a4:fc:9f:f9:
81:56:bf:7f:96:48:f3:1d:3e:b6:de:b4:a5:75:54:84:d3:47:
e2:76:e3:58:48:63:f4:5f:6c:7e:b9:56:30:3b:5c:13:16:6d:
3c:08:71:42:6b:39:ee:d5:cb:98:82:74:3e:e0:4f:78:56:9e:
96:58:fb:cf:31:12:c0:6a:04:d4:58:fe:47:53:f5:30:79:b4:
47:3c:f5:1f:e3:ac:da:32:0e:f1:d6:9a:51:bd:25:f7:af:b6:
46:3f:96:b9:c1:0e:ef:46:4f:9c:7d:c6:79:6e:9b:09:96:b0:
cb:4b:d1:04:a4:63:e6:1f:60:82:ec:a4:6e:bb:2b:58:22:6b:
e4:97:82:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfmFL/siDELj992pEhqW8/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTA0MDkyNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJlMGM4NTNiNmI1M2IyMTQ2Y2Y5NzA0OWE2ZTllNGViMzQ2MDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok89wKl/2e8U5GywoN/CqCc/7mVg
1rxX4RcaTzxkNN0i+XHEiV0/+a5FZ7O1hNini5SddphCQwEFO2yb2VoqApco2H7a
KtkcNsdk6J2FWSRBmBvc/IIJ1Cm9krIxawPvsU7W8Q5Z0uf8eIeHgRI/kpwqFp9o
sfk9IPaWJ2Gl2VL4IGeK2g0VpjVd4ZhfsUKE9+/nzI7qneS58qO7q+Ty5Oh8KopO
lMvz89uot5uPA1QbLLqv1Hk1yz/BgNfR6uTsEtM8C0/rfbj6vG9isZ4O8q/oHvGd
D/So+sADHYRzmBLP18Obiaxo2A1HY8093J675cd8ceF6YYNiBpL2PrKq3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJC+DIU7a1OyFGz5cEmm6eTrNGARMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva0w0TWhUdHJVN0lVYlBsd1NhYnA1T3MwWUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowV7AwQA
owXxMA0GCSqGSIb3DQEBCwUAA4IBAQAb0q9HFrgG4sMbB7DdO5aN8QxdO3Bco2X7
y/n2nb9OZekVG0HjN6b6+M/bYqyqTAd1r0yF9sbCoMtXV9Uno8mFE6u3VuJIvVCg
vK0pGOdnr1HIqtSI4+3+zRB4UqFvUX6ZOJJIt5yklVT9UVRwc3zR1s0CtKr5dfHP
VaT8n/mBVr9/lkjzHT623rSldVSE00fiduNYSGP0X2x+uVYwO1wTFm08CHFCaznu
1cuYgnQ+4E94Vp6WWPvPMRLAagTUWP5HU/UwebRHPPUf46zaMg7x1ppRvSX3r7ZG
P5a5wQ7vRk+cfcZ5bpsJlrDLS9EEpGPmH2CC7KRuuytYImvkl4LT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org