Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mcXmU3AInOKTi0mUsd37TEYT7l0.roa
File: mcXmU3AInOKTi0mUsd37TEYT7l0.roa (raw, json)
Hash identifier: slW5yblgrFTR3wGz6w0boUHPsCoSHAkOhzFyYrYd5hw=
Subject key identifier: 99:C5:E6:53:70:08:9C:E2:93:8B:49:94:B1:DD:FB:4C:46:13:EE:5D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018ACD7B7FABF1DC543C1D135EE9B0C7D175
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mcXmU3AInOKTi0mUsd37TEYT7l0.roa
Signing time: Mon 25 Sep 2023 17:55:37 +0000
ROA not before: Mon 25 Sep 2023 17:55:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202992
IP address blocks: 163.5.207.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Oct 2023 18:22:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:7b:7f:ab:f1:dc:54:3c:1d:13:5e:e9:b0:c7:d1:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 25 17:55:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99c5e65370089ce2938b4994b1ddfb4c4613ee5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2c:49:6b:38:42:80:5d:70:5c:c3:8b:96:38:
6c:40:c3:0c:8c:7f:69:c4:6d:57:a2:d4:f7:a0:71:
71:16:37:e0:df:66:ae:0d:56:ce:86:1f:39:e4:40:
c9:de:de:05:d8:a2:ef:da:ba:09:3a:f6:a4:43:af:
9c:18:f9:44:59:bd:56:ad:0b:63:57:71:66:5b:98:
dd:53:7c:e4:6a:fa:ef:81:18:05:d1:c8:45:5f:54:
95:1a:6e:67:21:f0:e4:4d:45:16:eb:fb:5c:ba:1e:
ce:bb:96:0b:3d:54:c3:17:dc:4b:d8:65:d8:b2:bf:
8b:5e:7e:7e:e5:12:33:e6:15:bf:44:62:2c:83:1c:
34:fa:0b:a5:cb:a0:e2:20:84:fe:4e:07:d8:40:8b:
d2:3a:a0:dd:b9:6d:c9:0c:67:b5:20:8f:a4:1b:94:
43:fc:a2:c3:10:22:35:14:e8:97:0a:24:84:fa:ad:
56:a1:21:35:02:af:ee:9d:c6:3d:da:fb:07:45:57:
81:0c:7c:6d:53:a8:f0:71:a1:e8:12:1e:fd:47:70:
28:a0:c7:ad:1f:b1:a1:e4:46:ae:85:73:9f:41:21:
01:00:75:f1:4f:ea:bd:06:0f:97:a6:7d:e2:bf:e6:
5a:51:b5:fb:86:9c:68:64:bb:76:9b:ad:81:9a:df:
a7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C5:E6:53:70:08:9C:E2:93:8B:49:94:B1:DD:FB:4C:46:13:EE:5D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mcXmU3AInOKTi0mUsd37TEYT7l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0/24
163.5.207.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:13:ba:a1:0c:c3:18:35:93:3c:8d:28:b1:6e:d4:ba:9c:7b:
f7:cc:be:77:a8:e2:a6:45:d4:b9:26:d9:04:04:7e:ed:17:93:
06:d6:c1:81:a7:ef:ce:61:31:47:7f:4b:1d:80:c9:44:a5:69:
8e:aa:c2:6a:bb:7c:e3:a5:36:be:a2:aa:a4:22:ce:38:fe:65:
b5:13:7f:a6:ee:db:87:d4:e2:c1:35:f0:1e:77:d3:f6:e0:e0:
4e:38:51:2e:89:38:38:c0:24:6c:36:15:54:9a:e0:26:5c:f4:
cb:c4:db:0c:1d:1d:50:98:a2:7e:cc:47:1e:13:72:d9:d8:61:
06:f4:f9:90:66:ce:7c:4d:ed:ae:46:88:f6:b7:ff:8c:43:cd:
b2:29:aa:4a:01:32:94:24:fb:86:ae:00:8f:72:cf:06:dd:30:
ff:86:8b:69:09:4e:43:ac:c2:69:bc:c0:7f:25:b8:49:74:16:
c6:bd:85:30:32:3f:ee:20:05:82:18:5a:03:71:d2:7d:bb:76:
f0:6b:5a:dd:80:de:06:b3:5b:ee:70:d7:01:92:3b:74:2f:bc:
27:d8:d9:0b:12:a3:c3:60:b0:5e:0b:4f:3f:0c:b2:e0:f0:29:
df:20:f7:2f:e2:ce:df:7b:72:57:c9:e1:48:41:5a:6c:f5:f8:
41:2c:0d:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrNe3+r8dxUPB0TXumwx9F1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTI1MTc1NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWM1ZTY1MzcwMDg5Y2UyOTM4YjQ5OTRiMWRkZmI0YzQ2MTNlZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyxJazhCgF1wXMOLljhsQMMMjH9p
xG1XotT3oHFxFjfg32auDVbOhh855EDJ3t4F2KLv2roJOvakQ6+cGPlEWb1WrQtj
V3FmW5jdU3zkavrvgRgF0chFX1SVGm5nIfDkTUUW6/tcuh7Ou5YLPVTDF9xL2GXY
sr+LXn5+5RIz5hW/RGIsgxw0+guly6DiIIT+TgfYQIvSOqDduW3JDGe1II+kG5RD
/KLDECI1FOiXCiSE+q1WoSE1Aq/uncY92vsHRVeBDHxtU6jwcaHoEh79R3AooMet
H7Gh5EauhXOfQSEBAHXxT+q9Bg+Xpn3iv+ZaUbX7hpxoZLt2m62Bmt+n+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJnF5lNwCJzik4tJlLHd+0xGE+5dMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbWNYbVUzQUluT0tUaTBtVXNkMzdURVlUN2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWbAwQA
owXPAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQA8E7qhDMMYNZM8jSixbtS6nHv3
zL53qOKmRdS5JtkEBH7tF5MG1sGBp+/OYTFHf0sdgMlEpWmOqsJqu3zjpTa+oqqk
Is44/mW1E3+m7tuH1OLBNfAed9P24OBOOFEuiTg4wCRsNhVUmuAmXPTLxNsMHR1Q
mKJ+zEceE3LZ2GEG9PmQZs58Te2uRoj2t/+MQ82yKapKATKUJPuGrgCPcs8G3TD/
hotpCU5DrMJpvMB/JbhJdBbGvYUwMj/uIAWCGFoDcdJ9u3bwa1rdgN4Gs1vucNcB
kjt0L7wn2NkLEqPDYLBeC08/DLLg8CnfIPcv4s7fe3JXyeFIQVps9fhBLA3p
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org