Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kpp08qYiu8CWJcE7SMR3RvPMoAI.roa
File: kpp08qYiu8CWJcE7SMR3RvPMoAI.roa (raw, json)
Hash identifier: hbR2oaChOIDrJIEPRtdNPctz3SVOd64g3pd0/f9dnf0=
Subject key identifier: 92:9A:74:F2:A6:22:BB:C0:96:25:C1:3B:48:C4:77:46:F3:CC:A0:02
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018653BCE29E68EADF5C4F40814BDC52B4DA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kpp08qYiu8CWJcE7SMR3RvPMoAI.roa
Signing time: Wed 15 Feb 2023 06:22:13 +0000
ROA not before: Wed 15 Feb 2023 06:22:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 163.5.184.0/24 maxlen: 24
163.5.217.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Mar 2023 03:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:53:bc:e2:9e:68:ea:df:5c:4f:40:81:4b:dc:52:b4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 15 06:22:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=929a74f2a622bbc09625c13b48c47746f3cca002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0a:ba:4b:99:3a:cd:76:9c:64:65:f5:a8:35:
4b:bd:21:52:61:2c:69:34:41:8c:42:d2:9c:30:c0:
fb:52:c3:8f:b8:39:84:a1:83:7f:1a:16:7e:93:04:
d7:71:aa:85:a3:b6:27:b9:a2:26:1a:c9:91:58:1a:
cd:2d:2a:46:df:7f:0c:93:17:cb:ec:60:13:1b:21:
0d:d0:c9:01:39:75:e9:4c:c5:95:96:dc:03:8e:c2:
97:f7:58:ca:0c:7d:51:f7:ee:9f:26:90:2d:98:ea:
3a:9a:c5:14:55:77:ec:01:00:a0:fb:15:f1:26:ae:
5d:51:a7:da:ff:fa:5c:42:2b:a4:49:d6:c3:45:17:
7a:9f:26:c9:63:97:8e:4c:2f:33:16:49:2c:ae:fd:
2b:cc:1d:81:74:7f:fa:ee:14:00:eb:13:e0:2a:90:
d1:7f:d2:bc:8c:b9:cd:74:d8:5d:e2:9a:0e:10:c2:
d0:9f:ac:a3:1e:04:e1:78:d7:85:f9:7d:97:a2:5f:
ab:56:22:03:66:7e:3a:5e:94:9e:81:50:53:75:83:
2f:c2:fc:31:1a:c4:f2:de:ba:f2:dc:0a:48:c2:8c:
fd:ff:77:73:08:fa:27:52:0f:d0:3e:aa:ad:b6:ac:
b3:b5:18:19:e4:e0:90:0f:d5:08:bd:88:72:51:ae:
05:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9A:74:F2:A6:22:BB:C0:96:25:C1:3B:48:C4:77:46:F3:CC:A0:02
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kpp08qYiu8CWJcE7SMR3RvPMoAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.33.0/24
163.5.184.0/24
163.5.217.0/24
163.5.232.0/24
Signature Algorithm: sha256WithRSAEncryption
01:9e:3b:84:79:cd:f6:67:8e:02:4a:48:33:e1:36:62:e5:0f:
fa:fe:73:d7:8d:a5:bb:d8:cc:ca:fd:e0:fb:03:9d:1c:4d:c9:
13:51:f6:3d:32:f0:6f:9b:aa:62:4f:94:1a:5f:52:66:70:dd:
8c:c2:f3:3c:a6:8b:fc:5f:71:f6:77:9c:a9:97:14:94:2a:36:
03:60:6e:4b:32:e7:8c:dd:21:0f:91:00:72:36:f3:5d:c1:12:
8d:1f:97:4f:34:a4:4f:6e:b2:7c:9d:73:04:a7:3f:7d:f8:6a:
26:cf:cc:2f:b5:79:1e:33:45:ff:f1:28:69:42:ae:e7:96:dd:
b8:22:28:8e:85:bc:aa:6d:cd:a5:3f:30:06:9e:1c:61:12:66:
7c:08:0f:53:56:e1:4c:63:32:c9:af:25:9b:c5:fa:76:a2:d5:
51:36:54:f6:6d:3e:c6:83:92:57:0d:48:82:f4:3b:f9:14:f7:
0e:d7:ce:bd:8c:18:d9:f1:d4:1e:83:c2:c2:3b:f5:27:56:29:
75:17:e6:13:a4:a5:61:30:9c:93:5c:83:54:54:bf:25:d5:f3:
90:c7:d1:59:9d:58:5b:35:1d:98:00:34:f0:b3:a2:ac:25:8f:
cf:d5:48:35:f5:b2:9e:31:6c:b6:ca:1c:17:aa:30:5b:5d:cf:
b4:33:88:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZTvOKeaOrfXE9AgUvcUrTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMjE1MDYyMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjlhNzRmMmE2MjJiYmMwOTYyNWMxM2I0OGM0Nzc0NmYzY2NhMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQq6S5k6zXacZGX1qDVLvSFSYSxp
NEGMQtKcMMD7UsOPuDmEoYN/GhZ+kwTXcaqFo7YnuaImGsmRWBrNLSpG338MkxfL
7GATGyEN0MkBOXXpTMWVltwDjsKX91jKDH1R9+6fJpAtmOo6msUUVXfsAQCg+xXx
Jq5dUafa//pcQiukSdbDRRd6nybJY5eOTC8zFkksrv0rzB2BdH/67hQA6xPgKpDR
f9K8jLnNdNhd4poOEMLQn6yjHgTheNeF+X2Xol+rViIDZn46XpSegVBTdYMvwvwx
GsTy3rry3ApIwoz9/3dzCPonUg/QPqqttqyztRgZ5OCQD9UIvYhyUa4FTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJKadPKmIrvAliXBO0jEd0bzzKACMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva3BwMDhxWWl1OENXSmNFN1NNUjNSdlBNb0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUhAwQA
owW4AwQAowXZAwQAowXoMA0GCSqGSIb3DQEBCwUAA4IBAQABnjuEec32Z44CSkgz
4TZi5Q/6/nPXjaW72MzK/eD7A50cTckTUfY9MvBvm6piT5QaX1JmcN2MwvM8pov8
X3H2d5yplxSUKjYDYG5LMueM3SEPkQByNvNdwRKNH5dPNKRPbrJ8nXMEpz99+Gom
z8wvtXkeM0X/8ShpQq7nlt24IiiOhbyqbc2lPzAGnhxhEmZ8CA9TVuFMYzLJryWb
xfp2otVRNlT2bT7Gg5JXDUiC9Dv5FPcO1869jBjZ8dQeg8LCO/UnVil1F+YTpKVh
MJyTXINUVL8l1fOQx9FZnVhbNR2YADTws6KsJY/P1Ug19bKeMWy2yhwXqjBbXc+0
M4i5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org