Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lB8gFx-sf59Ew6mld0KWqScjDG8.roa
File: lB8gFx-sf59Ew6mld0KWqScjDG8.roa (raw, json)
Hash identifier: OpCjFjdVsPcH8q4fS9uGrRLUHAD7mA7j5lnr+uNzJ9o=
Subject key identifier: 94:1F:20:17:1F:AC:7F:9F:44:C3:A9:A5:77:42:96:A9:27:23:0C:6F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C9156DF062CE9A35646D296DEF0B68685
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lB8gFx-sf59Ew6mld0KWqScjDG8.roa
Signing time: Fri 22 Dec 2023 11:43:58 +0000
ROA not before: Fri 22 Dec 2023 11:43:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30781
IP address blocks: 163.5.221.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:56:df:06:2c:e9:a3:56:46:d2:96:de:f0:b6:86:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 22 11:43:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=941f20171fac7f9f44c3a9a5774296a927230c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cc:03:4c:53:09:43:df:f1:c8:e6:32:b1:94:
d9:de:d6:a8:44:bd:92:94:7b:00:c6:83:a8:c2:3a:
94:7a:89:90:c3:df:44:29:42:c0:54:db:81:b4:05:
5e:64:87:42:d2:1b:d7:0c:ff:47:36:ca:b3:fc:c3:
fe:11:16:9e:14:67:a5:d7:28:b2:f0:0c:9c:c2:4b:
c4:20:b6:0c:eb:c7:fe:97:5a:c6:cc:b5:e2:c5:77:
eb:68:69:5c:2c:82:10:e0:95:1f:79:91:6f:9a:a8:
cd:00:d7:27:54:df:f2:a1:e9:f8:69:88:d2:7a:d8:
e1:63:6b:41:8b:07:c8:21:80:b2:d9:a7:8f:c4:65:
8c:48:d1:0e:9f:12:d6:38:c3:ba:7e:2c:08:f8:77:
a5:4e:fa:a2:97:31:d5:f9:f4:91:a2:2a:ef:9d:2c:
76:13:b0:f3:74:e5:e1:e1:d8:cc:b3:f8:ed:6a:9b:
73:fa:8c:62:48:d5:ff:6e:60:82:ec:c4:26:3f:8c:
ce:6f:7c:00:d9:d3:fe:88:6d:e1:ea:71:34:60:c8:
59:c1:40:5d:e7:6d:74:d5:85:85:85:c5:e7:90:d8:
4a:7a:be:85:5a:6c:b6:d5:60:c9:5b:4c:76:ee:7c:
73:1d:94:0a:f5:ac:14:bc:b0:23:db:60:21:2b:fe:
87:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1F:20:17:1F:AC:7F:9F:44:C3:A9:A5:77:42:96:A9:27:23:0C:6F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lB8gFx-sf59Ew6mld0KWqScjDG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.62.0/24
163.5.142.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f4:21:05:d9:c5:24:b0:24:61:de:2c:1f:0b:c1:dd:b5:a0:
c0:83:76:50:9b:a1:10:74:b8:74:14:1a:c9:a7:62:b3:37:9d:
99:9a:2e:a4:2c:0a:2f:ec:81:57:6b:70:78:f3:2c:b4:b5:56:
54:6c:11:ac:c5:09:db:ad:ae:eb:e1:46:12:f2:ea:a5:da:42:
1e:5f:00:4c:25:37:63:fd:aa:9d:af:8a:75:43:80:d2:86:7a:
21:19:96:e1:f8:83:38:1b:c9:00:13:b1:a8:78:0f:3a:42:c4:
4a:39:7d:20:a9:c5:ba:c1:40:81:2d:9c:1e:97:c6:46:7d:b5:
cc:90:1b:c6:1b:c8:4f:a1:1a:46:c0:d8:e9:cf:f9:d8:32:1a:
d7:58:14:c4:14:20:dd:1b:5b:5c:4f:a7:0b:89:7a:e1:43:47:
61:da:a2:bb:f5:75:36:4f:b4:a4:9e:e6:f9:ba:51:0b:07:c8:
17:1c:96:e2:a4:36:e0:e7:f8:22:1e:fc:67:7d:07:43:b7:ce:
33:7b:f7:dc:1e:66:cf:67:38:18:6c:44:cf:cf:76:d0:be:8f:
63:55:97:4e:a1:84:85:c8:4e:e1:0f:3a:b7:5d:58:56:40:79:
dc:b3:cb:12:84:88:f8:74:12:55:60:ba:fe:d1:96:de:57:a1:
55:1a:de:a5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyRVt8GLOmjVkbSlt7wtoaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjIyMTE0MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDFmMjAxNzFmYWM3ZjlmNDRjM2E5YTU3NzQyOTZhOTI3MjMwYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8wDTFMJQ9/xyOYysZTZ3taoRL2S
lHsAxoOowjqUeomQw99EKULAVNuBtAVeZIdC0hvXDP9HNsqz/MP+ERaeFGel1yiy
8AycwkvEILYM68f+l1rGzLXixXfraGlcLIIQ4JUfeZFvmqjNANcnVN/yoen4aYjS
etjhY2tBiwfIIYCy2aePxGWMSNEOnxLWOMO6fiwI+HelTvqilzHV+fSRoirvnSx2
E7DzdOXh4djMs/jtaptz+oxiSNX/bmCC7MQmP4zOb3wA2dP+iG3h6nE0YMhZwUBd
52101YWFhcXnkNhKer6FWmy21WDJW0x27nxzHZQK9awUvLAj22AhK/6H3wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJQfIBcfrH+fRMOppXdClqknIwxvMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbEI4Z0Z4LXNmNTlFdzZtbGQwS1dxU2NqREc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUfAwQA
owUjAwQAowU+AwQAowWOAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQBg9CEF2cUk
sCRh3iwfC8HdtaDAg3ZQm6EQdLh0FBrJp2KzN52Zmi6kLAov7IFXa3B48yy0tVZU
bBGsxQnbra7r4UYS8uql2kIeXwBMJTdj/aqdr4p1Q4DShnohGZbh+IM4G8kAE7Go
eA86QsRKOX0gqcW6wUCBLZwel8ZGfbXMkBvGG8hPoRpGwNjpz/nYMhrXWBTEFCDd
G1tcT6cLiXrhQ0dh2qK79XU2T7Sknub5ulELB8gXHJbipDbg5/giHvxnfQdDt84z
e/fcHmbPZzgYbETPz3bQvo9jVZdOoYSFyE7hDzq3XVhWQHncs8sShIj4dBJVYLr+
0ZbeV6FVGt6l
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org