Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lae3KdVyCqDltJ4XLW3Axv1JccM.roa
File: lae3KdVyCqDltJ4XLW3Axv1JccM.roa (raw, json)
Hash identifier: HUw+16BzQdsbwJQlrXOyWtlU3jqnofw8ztTBRvj4jHM=
Subject key identifier: 95:A7:B7:29:D5:72:0A:A0:E5:B4:9E:17:2D:6D:C0:C6:FD:49:71:C3
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B1E3166B14800257F911224B362DB5C66
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lae3KdVyCqDltJ4XLW3Axv1JccM.roa
Signing time: Wed 11 Oct 2023 10:03:55 +0000
ROA not before: Wed 11 Oct 2023 10:03:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198831
IP address blocks: 163.5.242.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:31:66:b1:48:00:25:7f:91:12:24:b3:62:db:5c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 11 10:03:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95a7b729d5720aa0e5b49e172d6dc0c6fd4971c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ae:4a:35:d3:51:e4:12:81:0c:88:ad:e8:af:
b9:3d:63:9a:36:e0:10:4e:cc:53:b8:37:71:df:38:
4f:3c:96:17:3e:27:08:7e:c6:ee:2b:c7:56:28:1d:
45:aa:b9:13:3c:8a:a9:4c:15:d1:99:56:dd:e0:ee:
b2:24:5e:61:3e:b2:38:1a:5e:79:40:7e:ad:d5:33:
72:ac:ce:66:33:b1:b3:bf:04:3a:68:58:10:e5:2f:
13:1a:f2:44:fd:f9:f3:ea:4e:f6:68:00:9c:39:ee:
1f:33:34:4b:80:39:25:a4:a1:01:47:c2:30:ba:35:
58:2e:55:9f:b8:af:42:94:5e:15:d5:4a:fe:58:36:
dd:23:4d:31:a3:da:12:1e:88:22:b2:e4:83:c0:39:
1c:4c:4a:36:c0:e0:1e:7a:32:e0:00:78:6d:d5:36:
45:c9:aa:42:36:db:9b:be:07:38:10:0a:9f:9e:b5:
c6:6c:76:98:05:9d:20:5d:58:6e:91:d9:3a:ea:d0:
24:bf:20:f1:b5:6f:d6:16:c9:2c:dd:d1:65:25:57:
ff:eb:a8:4f:9b:95:6a:8a:32:ad:f4:cb:6f:24:91:
6e:de:fb:60:91:95:9a:d6:34:f9:77:2d:8a:e4:0d:
0d:74:da:18:c7:3d:e4:16:53:02:f0:32:25:26:0c:
c6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A7:B7:29:D5:72:0A:A0:E5:B4:9E:17:2D:6D:C0:C6:FD:49:71:C3
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lae3KdVyCqDltJ4XLW3Axv1JccM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.59.0/24
163.5.242.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:7d:e6:1b:79:b1:40:0b:c3:e6:ac:c8:22:40:13:32:2b:e2:
7a:18:83:9c:e6:19:20:94:96:d2:d9:c3:b1:6d:9a:04:f1:2b:
05:92:a2:b6:81:f4:9c:b2:f4:cf:5a:c2:52:06:32:9d:67:50:
6e:4c:da:02:1b:b4:ef:98:4d:d4:38:2c:38:25:82:b1:58:b7:
38:06:22:d2:14:7c:bd:99:f3:2e:c2:10:19:6b:48:35:9d:55:
1e:91:fa:10:91:47:e8:1b:d0:7a:20:c8:c0:65:b6:1c:45:e4:
85:13:6b:60:fc:50:a3:8c:7f:03:66:2a:3b:3c:d1:4f:ed:1a:
38:1c:a7:7b:31:0a:51:c8:ef:e8:85:3e:6a:fe:13:39:94:13:
9f:6e:8d:07:f4:9a:b1:01:24:61:04:fc:16:e5:dd:5c:92:da:
99:73:0e:90:3a:51:77:59:55:61:d3:d1:66:54:5d:b6:3e:0c:
81:94:b4:ff:11:50:ac:0c:6e:29:ef:96:c7:11:4f:be:9c:bd:
8f:77:6b:96:cb:1b:5a:82:59:f9:33:6d:95:be:3a:19:63:3a:
bc:2a:e3:7e:34:c7:85:bd:1d:51:81:b8:bd:fe:58:df:13:c4:
7b:33:5a:0c:19:a6:86:ac:b7:3f:45:4e:34:c3:e2:83:29:c6:
5f:20:ac:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYseMWaxSAAlf5ESJLNi21xmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDExMTAwMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWE3YjcyOWQ1NzIwYWEwZTViNDllMTcyZDZkYzBjNmZkNDk3MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl65KNdNR5BKBDIit6K+5PWOaNuAQ
TsxTuDdx3zhPPJYXPicIfsbuK8dWKB1FqrkTPIqpTBXRmVbd4O6yJF5hPrI4Gl55
QH6t1TNyrM5mM7GzvwQ6aFgQ5S8TGvJE/fnz6k72aACcOe4fMzRLgDklpKEBR8Iw
ujVYLlWfuK9ClF4V1Ur+WDbdI00xo9oSHogisuSDwDkcTEo2wOAeejLgAHht1TZF
yapCNtubvgc4EAqfnrXGbHaYBZ0gXVhukdk66tAkvyDxtW/WFsks3dFlJVf/66hP
m5VqijKt9MtvJJFu3vtgkZWa1jT5dy2K5A0NdNoYxz3kFlMC8DIlJgzGSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJWntynVcgqg5bSeFy1twMb9SXHDMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbGFlM0tkVnlDcURsdEo0WExXM0F4djFKY2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowU7AwQA
owXyAwQAuf02MA0GCSqGSIb3DQEBCwUAA4IBAQCrfeYbebFAC8PmrMgiQBMyK+J6
GIOc5hkglJbS2cOxbZoE8SsFkqK2gfScsvTPWsJSBjKdZ1BuTNoCG7TvmE3UOCw4
JYKxWLc4BiLSFHy9mfMuwhAZa0g1nVUekfoQkUfoG9B6IMjAZbYcReSFE2tg/FCj
jH8DZio7PNFP7Ro4HKd7MQpRyO/ohT5q/hM5lBOfbo0H9JqxASRhBPwW5d1cktqZ
cw6QOlF3WVVh09FmVF22PgyBlLT/EVCsDG4p75bHEU++nL2Pd2uWyxtagln5M22V
vjoZYzq8KuN+NMeFvR1Rgbi9/ljfE8R7M1oMGaaGrLc/RU40w+KDKcZfIKwV
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org