Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lH9RnNN0x1aylvyYzjO0B_RtLHk.roa
File: lH9RnNN0x1aylvyYzjO0B_RtLHk.roa (raw, json)
Hash identifier: /099uhWsBIT28QD+DBR6gYRjJcolryIOjv5mzkBwxG0=
Subject key identifier: 94:7F:51:9C:D3:74:C7:56:B2:96:FC:98:CE:33:B4:07:F4:6D:2C:79
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042B4D026C6A5E3277959D4553C9B4A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lH9RnNN0x1aylvyYzjO0B_RtLHk.roa
Signing time: Mon 02 Jan 2023 02:14:57 +0000
ROA not before: Mon 02 Jan 2023 02:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.71.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:b4:d0:26:c6:a5:e3:27:79:59:d4:55:3c:9b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=947f519cd374c756b296fc98ce33b407f46d2c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d9:a6:dc:dc:f6:8f:f5:84:2c:e0:3f:8b:73:
07:3c:4b:95:af:ab:7c:58:2f:f7:1d:49:e2:79:5a:
a2:81:81:df:12:17:4f:fe:29:34:03:6b:02:2a:35:
25:35:f8:99:c6:9e:c4:8b:f9:f3:65:0c:7d:dc:87:
c4:b0:fe:2f:bc:9d:5f:36:9c:4e:a0:2f:76:b0:23:
5a:56:1a:0e:5e:36:1b:dd:c2:6e:ee:2c:12:c4:cc:
c6:60:e3:97:3f:f1:d1:a1:8c:a9:f8:01:06:c7:e7:
89:34:c3:84:12:82:5d:56:cb:cf:1f:8e:f6:d8:df:
94:c7:d6:ee:c0:db:cd:5e:97:3a:cb:ff:15:1e:be:
dd:1b:b4:b6:7a:08:e1:3e:15:cc:a9:28:39:54:51:
61:06:50:68:c1:bd:c4:a3:48:95:c2:1e:cb:e8:36:
af:f9:98:72:ba:e0:81:d3:79:30:b4:91:3d:b4:43:
52:6f:8b:70:97:a1:9c:e8:5f:d6:99:13:01:d7:a2:
b0:23:54:a8:a6:44:fe:2d:9a:26:46:11:09:5b:ff:
f8:0e:ff:ee:3f:82:66:06:8c:37:5c:4e:61:f7:33:
ab:24:66:ad:f7:7d:f1:8b:8c:72:3b:fb:69:1e:2e:
df:50:0a:73:bc:fc:21:cf:a6:5d:ff:f0:b2:96:ad:
04:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:7F:51:9C:D3:74:C7:56:B2:96:FC:98:CE:33:B4:07:F4:6D:2C:79
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lH9RnNN0x1aylvyYzjO0B_RtLHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.71.0/24
163.5.110.0/23
163.5.126.0/24
163.5.128.0/24
163.5.165.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:13:18:6c:a1:e9:9e:c2:55:4d:ef:02:05:3d:08:ce:96:b1:
d9:a9:30:7d:0e:cf:3b:fa:76:2a:62:6f:d2:77:c6:0b:ea:ef:
ce:43:76:39:cc:a2:fa:f1:8e:95:94:23:bf:e4:29:c8:0b:79:
c9:e1:4e:22:a7:e2:8d:79:ef:7e:d7:06:d0:b0:03:c5:56:df:
bf:62:c5:b9:ee:ab:20:51:21:56:7b:40:9a:58:e2:80:38:46:
43:98:64:a7:9e:df:68:12:e8:4a:5f:fe:ce:0a:d8:a7:8d:86:
92:0e:07:68:da:a8:45:84:ad:c0:49:b8:fe:3a:eb:1a:9c:16:
d2:f3:91:44:55:5c:2f:c9:41:66:ac:1c:8e:64:57:24:01:f2:
1b:a0:5c:2f:23:a9:99:c2:6c:fa:a4:21:7b:88:7a:9e:4f:62:
39:3d:cd:48:93:b7:98:76:1d:a3:dd:5f:18:51:5a:46:dc:ec:
f4:7c:7d:56:66:64:3e:9a:82:11:1d:47:41:f0:d8:e5:f7:b5:
94:0c:05:6e:40:c3:ec:54:7e:db:25:43:94:a5:bd:e4:e0:9b:
b0:2d:34:b9:46:4a:14:71:14:d1:25:62:01:f6:7d:4a:a1:fd:
db:cc:81:73:8d:6f:78:23:6a:62:8f:6a:58:d7:3c:70:85:3d:
bd:30:14:1f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwQrTQJsal4yd5WdRVPJtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDdmNTE5Y2QzNzRjNzU2YjI5NmZjOThjZTMzYjQwN2Y0NmQyYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNmm3Nz2j/WELOA/i3MHPEuVr6t8
WC/3HUnieVqigYHfEhdP/ik0A2sCKjUlNfiZxp7Ei/nzZQx93IfEsP4vvJ1fNpxO
oC92sCNaVhoOXjYb3cJu7iwSxMzGYOOXP/HRoYyp+AEGx+eJNMOEEoJdVsvPH472
2N+Ux9buwNvNXpc6y/8VHr7dG7S2egjhPhXMqSg5VFFhBlBowb3Eo0iVwh7L6Dav
+ZhyuuCB03kwtJE9tENSb4twl6Gc6F/WmRMB16KwI1SopkT+LZomRhEJW//4Dv/u
P4JmBow3XE5h9zOrJGat933xi4xyO/tpHi7fUApzvPwhz6Zd//Cylq0ErwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJR/UZzTdMdWspb8mM4ztAf0bSx5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbEg5Um5OTjB4MWF5bHZ5WXpqTzBCX1J0TEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowVHAwQB
owVuAwQAowV+AwQAowWAAwQAowWlAwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUA
A4IBAQBPExhsoemewlVN7wIFPQjOlrHZqTB9Ds87+nYqYm/Sd8YL6u/OQ3Y5zKL6
8Y6VlCO/5CnIC3nJ4U4ip+KNee9+1wbQsAPFVt+/YsW57qsgUSFWe0CaWOKAOEZD
mGSnnt9oEuhKX/7OCtinjYaSDgdo2qhFhK3ASbj+OusanBbS85FEVVwvyUFmrByO
ZFckAfIboFwvI6mZwmz6pCF7iHqeT2I5Pc1Ik7eYdh2j3V8YUVpG3Oz0fH1WZmQ+
moIRHUdB8Njl97WUDAVuQMPsVH7bJUOUpb3k4JuwLTS5RkoUcRTRJWIB9n1Kof3b
zIFzjW94I2pij2pY1zxwhT29MBQf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org