Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nEDSqC_HODSdZfDY5lIdLhcOlZo.roa
File: nEDSqC_HODSdZfDY5lIdLhcOlZo.roa (raw, json)
Hash identifier: iP1I6nfiqAZXKG1hVGPUvxtD50Q8I1B8uz3d1ZX08+M=
Subject key identifier: 9C:40:D2:A8:2F:C7:38:34:9D:65:F0:D8:E6:52:1D:2E:17:0E:95:9A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018761D0220501E5B0EF1EBDC8EEFE654A69
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nEDSqC_HODSdZfDY5lIdLhcOlZo.roa
Signing time: Sat 08 Apr 2023 17:00:42 +0000
ROA not before: Sat 08 Apr 2023 17:00:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.71.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:61:d0:22:05:01:e5:b0:ef:1e:bd:c8:ee:fe:65:4a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 8 17:00:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c40d2a82fc738349d65f0d8e6521d2e170e959a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:96:6e:da:b6:e6:8f:bf:ad:c0:e4:ae:d9:44:
cd:7f:5b:00:37:99:b9:1f:91:ca:35:98:5b:49:64:
85:1c:f0:a8:94:d2:76:ac:fc:1b:69:50:42:a6:ab:
ad:b2:c5:a1:e8:79:a4:86:3b:fb:73:18:7d:de:4b:
2d:37:54:e7:ad:1c:4f:36:bc:dd:cd:b1:9e:86:26:
ed:e4:87:b1:29:68:fc:4c:67:c1:63:55:5d:be:4c:
10:d3:37:2d:6a:2b:67:da:88:da:4b:6e:2c:1a:27:
9f:e2:d8:e5:27:8b:d2:a3:db:52:5e:13:56:92:9c:
4f:9d:08:06:1e:87:21:70:d4:b6:7a:95:e0:2d:86:
6d:32:af:b2:bc:e3:6c:59:df:4e:a7:de:00:9d:2f:
22:69:89:20:b1:4d:55:4e:cf:17:8c:61:52:3a:c1:
64:67:41:04:fa:f6:b5:d3:b4:b5:30:c7:1e:91:f9:
b5:c2:2b:5f:e3:56:63:95:34:3d:6f:a8:88:6a:7d:
17:ee:48:a0:a5:fc:81:e6:69:03:43:9c:b7:f0:01:
16:64:16:57:a3:07:b5:e8:74:ac:9c:1a:f1:7d:d5:
61:17:30:f6:05:3d:45:1f:21:02:ff:20:fe:8f:2a:
93:61:ac:60:e3:ec:3d:ab:e8:7b:20:42:bc:31:c8:
f3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:40:D2:A8:2F:C7:38:34:9D:65:F0:D8:E6:52:1D:2E:17:0E:95:9A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nEDSqC_HODSdZfDY5lIdLhcOlZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.71.0/24
163.5.108.0/24
163.5.134.0/24
163.5.189.0/24
163.5.192.0/24
163.5.228.0/24
163.5.238.0/24
Signature Algorithm: sha256WithRSAEncryption
57:42:21:fe:4e:86:48:e0:a2:fb:ba:64:2e:e4:af:7e:6e:8e:
b4:d9:e2:df:d1:88:d7:19:05:e0:27:76:52:75:9a:e8:bf:ba:
e5:16:5d:35:62:a8:f1:dd:5e:f0:38:62:7b:40:d7:43:e3:05:
42:d5:1a:a4:88:98:38:4c:1d:9e:20:73:94:00:ca:73:7c:95:
fd:5d:5e:a6:9a:01:7e:d7:ff:3b:82:ad:cb:db:98:97:6b:7b:
55:ca:d0:4c:8d:f8:8e:33:f7:28:18:a8:71:39:3b:f1:ad:a0:
d5:fe:b6:60:45:79:65:64:10:8a:26:11:e2:db:97:da:9f:18:
19:e2:89:8b:7c:32:fd:5c:ed:28:77:6c:b7:06:ce:b7:89:b7:
0c:6a:36:f2:1e:4e:ac:86:b5:70:80:17:4f:37:ba:f3:ac:67:
20:5b:13:c5:c2:1c:45:78:5d:20:3d:32:6b:4f:b9:62:0c:f8:
88:3f:0d:6f:3c:3b:42:b0:55:97:97:d3:33:81:56:4c:34:40:
80:0f:a6:de:f1:7b:c6:99:a6:1e:44:56:1b:02:a0:64:64:f2:
79:c8:89:60:68:18:7d:6f:0c:6a:b4:ee:a8:ad:d1:0d:9b:55:
59:25:ff:29:ac:40:91:0e:ed:49:b4:01:7a:b9:96:84:2e:8d:
4e:55:0e:31
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYdh0CIFAeWw7x69yO7+ZUppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDA4MTcwMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQwZDJhODJmYzczODM0OWQ2NWYwZDhlNjUyMWQyZTE3MGU5NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Zu2rbmj7+twOSu2UTNf1sAN5m5
H5HKNZhbSWSFHPColNJ2rPwbaVBCpqutssWh6Hmkhjv7cxh93kstN1TnrRxPNrzd
zbGehibt5IexKWj8TGfBY1VdvkwQ0zctaitn2ojaS24sGief4tjlJ4vSo9tSXhNW
kpxPnQgGHochcNS2epXgLYZtMq+yvONsWd9Op94AnS8iaYkgsU1VTs8XjGFSOsFk
Z0EE+va107S1MMcekfm1witf41ZjlTQ9b6iIan0X7kigpfyB5mkDQ5y38AEWZBZX
owe16HSsnBrxfdVhFzD2BT1FHyEC/yD+jyqTYaxg4+w9q+h7IEK8Mcjz3wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJxA0qgvxzg0nWXw2OZSHS4XDpWaMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbkVEU3FDX0hPRFNkWmZEWTVsSWRMaGNPbFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowVHAwQA
owVsAwQAowWGAwQAowW9AwQAowXAAwQAowXkAwQAowXuMA0GCSqGSIb3DQEBCwUA
A4IBAQBXQiH+ToZI4KL7umQu5K9+bo602eLf0YjXGQXgJ3ZSdZrov7rlFl01Yqjx
3V7wOGJ7QNdD4wVC1RqkiJg4TB2eIHOUAMpzfJX9XV6mmgF+1/87gq3L25iXa3tV
ytBMjfiOM/coGKhxOTvxraDV/rZgRXllZBCKJhHi25fanxgZ4omLfDL9XO0od2y3
Bs63ibcMajbyHk6shrVwgBdPN7rzrGcgWxPFwhxFeF0gPTJrT7liDPiIPw1vPDtC
sFWXl9MzgVZMNECAD6be8XvGmaYeRFYbAqBkZPJ5yIlgaBh9bwxqtO6ordENm1VZ
Jf8prECRDu1JtAF6uZaELo1OVQ4x
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org