Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l7mmNQs5UQ3JOs8ttYSg36FUWao.roa
File: l7mmNQs5UQ3JOs8ttYSg36FUWao.roa (raw, json)
Hash identifier: LhCJBotY3q6NxRPe/uu54xptphfHG+1XUMjS4RzoCWA=
Subject key identifier: 97:B9:A6:35:0B:39:51:0D:C9:3A:CF:2D:B5:84:A0:DF:A1:54:59:AA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018761CE4D482FE4AD8383D712C245F53E3B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l7mmNQs5UQ3JOs8ttYSg36FUWao.roa
Signing time: Sat 08 Apr 2023 16:58:42 +0000
ROA not before: Sat 08 Apr 2023 16:58:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 163.5.131.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Apr 2023 04:19:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:61:ce:4d:48:2f:e4:ad:83:83:d7:12:c2:45:f5:3e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 8 16:58:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97b9a6350b39510dc93acf2db584a0dfa15459aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bf:a0:27:01:5f:39:aa:c3:eb:1c:6a:d8:ac:
ec:40:06:c1:bb:d2:44:1c:66:45:09:e7:b4:9c:f2:
14:fa:f5:9f:c8:cb:0a:af:d6:c5:bd:46:b7:06:f3:
9e:0d:f8:05:3a:9f:d1:a2:f4:98:81:11:97:eb:f9:
01:cc:b2:f3:85:89:12:d0:20:e0:b6:79:57:01:dc:
ca:16:c4:0b:87:20:05:0c:1f:77:58:f3:6b:4e:2d:
7f:f4:80:94:79:c9:92:5b:37:90:86:7f:0c:7c:1a:
82:2e:42:fd:0f:ce:dc:a1:e6:86:7e:16:53:21:2d:
d1:ec:08:69:7c:33:fb:ec:0b:fa:05:49:69:1d:ff:
51:bb:44:08:2f:10:16:f0:94:41:0e:a5:65:d1:83:
0d:30:bc:d1:43:c9:b8:75:be:0e:b3:fb:71:f8:ac:
d2:b8:e1:49:fe:c1:88:38:a6:1a:be:59:6b:53:8f:
5d:fd:9d:c3:1f:b0:a7:03:ce:9e:38:9f:68:8a:f3:
a6:f0:1c:d9:41:31:3a:92:70:f3:5c:64:e3:8d:6c:
b7:b6:08:05:17:d3:14:7e:d1:71:7d:f4:5f:c3:28:
ce:f3:cd:6c:5b:d9:06:76:0b:79:72:5a:27:23:a6:
5b:bb:16:da:a3:2b:f6:42:fb:a4:ec:db:4e:e4:20:
9b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B9:A6:35:0B:39:51:0D:C9:3A:CF:2D:B5:84:A0:DF:A1:54:59:AA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l7mmNQs5UQ3JOs8ttYSg36FUWao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.60.0/24
163.5.131.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:d8:bc:06:79:d6:8d:08:1b:c3:d4:ee:b3:1d:89:4c:54:89:
3c:53:ed:54:c1:1d:df:31:c0:6d:21:59:1b:af:bd:f4:ec:19:
51:67:0d:7d:ea:b6:59:e6:de:96:78:63:22:ef:0f:b2:d3:1b:
a4:04:37:69:30:36:ef:1b:74:3c:10:e9:3e:a3:f0:3a:af:0b:
54:e0:bb:1b:df:ee:0a:83:a7:58:a4:2b:26:1a:da:41:70:6e:
dd:a2:5f:47:5c:24:b7:2b:b3:fa:fb:2b:e3:df:2f:91:73:92:
4e:d1:26:46:4b:ca:2e:56:0a:25:aa:1d:f0:f8:c8:9c:34:9f:
e0:cf:fd:2e:09:72:10:32:89:b5:fa:a1:4a:fb:b0:35:41:0b:
a6:65:e1:da:ab:88:ad:39:e2:01:af:53:ed:85:a4:16:af:48:
02:7b:ed:c1:52:d8:5d:86:e5:42:cc:c8:92:91:f7:a2:8e:b4:
f2:c7:a8:15:44:84:57:bf:1f:01:43:72:d2:4b:54:1e:bf:a6:
ba:9c:ff:65:3e:04:94:b0:a5:bf:60:23:ce:bf:81:25:6c:c1:
67:c7:ff:0a:19:7f:fc:91:80:b4:63:cb:bd:f4:01:1b:bf:8c:
85:dd:9a:7e:f6:d2:39:b2:d9:e0:f5:c3:c7:fb:59:21:ad:65:
2e:f0:89:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdhzk1IL+Stg4PXEsJF9T47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDA4MTY1ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2I5YTYzNTBiMzk1MTBkYzkzYWNmMmRiNTg0YTBkZmExNTQ1OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7+gJwFfOarD6xxq2KzsQAbBu9JE
HGZFCee0nPIU+vWfyMsKr9bFvUa3BvOeDfgFOp/RovSYgRGX6/kBzLLzhYkS0CDg
tnlXAdzKFsQLhyAFDB93WPNrTi1/9ICUecmSWzeQhn8MfBqCLkL9D87coeaGfhZT
IS3R7AhpfDP77Av6BUlpHf9Ru0QILxAW8JRBDqVl0YMNMLzRQ8m4db4Os/tx+KzS
uOFJ/sGIOKYavllrU49d/Z3DH7CnA86eOJ9oivOm8BzZQTE6knDzXGTjjWy3tggF
F9MUftFxffRfwyjO881sW9kGdgt5clonI6Zbuxbaoyv2Qvuk7NtO5CCb5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJe5pjULOVENyTrPLbWEoN+hVFmqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbDdtbU5RczVVUTNKT3M4dHRZU2czNkZVV2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowU8AwQA
owWDMA0GCSqGSIb3DQEBCwUAA4IBAQCp2LwGedaNCBvD1O6zHYlMVIk8U+1UwR3f
McBtIVkbr7307BlRZw196rZZ5t6WeGMi7w+y0xukBDdpMDbvG3Q8EOk+o/A6rwtU
4Lsb3+4Kg6dYpCsmGtpBcG7dol9HXCS3K7P6+yvj3y+Rc5JO0SZGS8ouVgolqh3w
+MicNJ/gz/0uCXIQMom1+qFK+7A1QQumZeHaq4itOeIBr1PthaQWr0gCe+3BUthd
huVCzMiSkfeijrTyx6gVRIRXvx8BQ3LSS1Qev6a6nP9lPgSUsKW/YCPOv4ElbMFn
x/8KGX/8kYC0Y8u99AEbv4yF3Zp+9tI5stng9cPH+1khrWUu8In8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org