Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nWzHpoLCgRYLq4o0r_cKBVCURHI.roa
File: nWzHpoLCgRYLq4o0r_cKBVCURHI.roa (raw, json)
Hash identifier: D+lkUrr1XPVWfYNrRnqmYYzH+fpXpcJ94uxAHeDUAXQ=
Subject key identifier: 9D:6C:C7:A6:82:C2:81:16:0B:AB:8A:34:AF:F7:0A:05:50:94:44:72
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042B91E3F7241A1F68E57F28E9F4A80
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nWzHpoLCgRYLq4o0r_cKBVCURHI.roa
Signing time: Mon 02 Jan 2023 02:14:59 +0000
ROA not before: Mon 02 Jan 2023 02:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39120
IP address blocks: 163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:b9:1e:3f:72:41:a1:f6:8e:57:f2:8e:9f:4a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d6cc7a682c281160bab8a34aff70a0550944472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:54:c6:a0:fc:e0:95:3e:b6:da:45:c4:76:87:
46:11:3d:16:aa:b0:5f:8b:49:43:59:48:af:6c:ea:
57:2b:80:5d:ae:b7:d7:37:b2:df:8c:44:89:57:c7:
f6:52:67:0d:dc:bd:fa:e4:33:c9:2c:ac:7d:50:2d:
af:32:5d:5e:0c:4d:21:6c:f8:c4:cf:32:77:25:f9:
2d:2e:dc:56:49:b3:a8:71:87:2e:93:fa:98:84:4e:
0a:a6:fc:7d:7d:9e:a0:6d:bf:cb:51:fa:0d:51:70:
45:96:9f:39:a8:97:e6:f9:74:f7:73:82:08:d4:98:
36:f1:65:6a:3b:0e:2e:03:2b:7f:30:b6:be:cb:cf:
ab:e0:c7:73:bd:f4:a9:ce:47:dc:e1:3d:02:20:f9:
d8:32:e0:98:d6:09:b5:90:f7:f6:5a:7f:09:94:e3:
17:9a:99:25:63:8c:37:68:99:d1:84:5c:1f:d8:6a:
2e:5b:55:4e:ec:df:fa:2c:ff:f5:ac:8d:f5:af:51:
c4:b0:19:4f:2d:e9:e9:72:66:7a:93:75:8f:84:4c:
29:aa:42:aa:54:4f:0b:26:b9:a6:b2:bf:dd:49:4a:
ad:3e:fc:0a:8c:f7:64:b5:8e:6c:1f:ff:66:4b:99:
5f:62:49:af:1e:6a:c6:2b:a9:81:1d:f0:90:a1:27:
cb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6C:C7:A6:82:C2:81:16:0B:AB:8A:34:AF:F7:0A:05:50:94:44:72
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nWzHpoLCgRYLq4o0r_cKBVCURHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.201.0/24
163.5.203.0-163.5.205.255
Signature Algorithm: sha256WithRSAEncryption
73:7d:17:6d:74:10:d7:f0:55:cb:d1:e8:c5:a1:2f:57:5c:96:
9c:dd:bb:e6:00:45:63:c9:64:3a:ab:20:dd:aa:81:38:23:b2:
c8:dc:7b:d9:d8:e7:38:1d:12:5e:39:21:77:e2:80:d2:b1:f1:
4d:b6:76:68:58:4b:76:c0:37:04:d1:9f:16:f0:48:8a:44:c0:
b7:60:7c:21:1f:f6:dd:75:ba:48:62:95:8c:04:20:c5:e3:7d:
80:de:5a:e8:89:22:1b:97:7f:0e:e5:cd:ea:27:39:d6:13:63:
36:fa:34:fb:7f:96:86:18:5c:62:53:fa:f0:63:61:f1:0c:3f:
75:23:fd:23:47:15:59:ec:6d:cb:9f:90:95:54:05:1c:40:8c:
d0:68:0a:e4:7d:f8:70:ec:59:fb:ee:1a:83:d9:ac:1a:02:6b:
53:fe:e1:5f:d6:9d:b0:2c:33:f2:66:a2:2e:c7:75:57:c9:45:
c4:36:60:ee:3e:47:bc:58:d4:16:f3:37:85:6f:12:0f:33:e7:
4b:8c:20:07:b7:cf:7a:ca:5d:55:c2:e6:4d:46:e9:90:11:6d:
a0:50:3f:00:6d:98:1d:cd:fd:44:a6:5c:a3:f4:57:bb:bd:19:
57:8f:fa:72:b4:8a:44:b2:fe:3a:34:fb:7d:53:66:c1:d3:09:
95:0d:a7:b3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwQrkeP3JBofaOV/KOn0qAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZjYzdhNjgyYzI4MTE2MGJhYjhhMzRhZmY3MGEwNTUwOTQ0NDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lTGoPzglT622kXEdodGET0WqrBf
i0lDWUivbOpXK4BdrrfXN7LfjESJV8f2UmcN3L365DPJLKx9UC2vMl1eDE0hbPjE
zzJ3JfktLtxWSbOocYcuk/qYhE4Kpvx9fZ6gbb/LUfoNUXBFlp85qJfm+XT3c4II
1Jg28WVqOw4uAyt/MLa+y8+r4MdzvfSpzkfc4T0CIPnYMuCY1gm1kPf2Wn8JlOMX
mpklY4w3aJnRhFwf2GouW1VO7N/6LP/1rI31r1HEsBlPLenpcmZ6k3WPhEwpqkKq
VE8LJrmmsr/dSUqtPvwKjPdktY5sH/9mS5lfYkmvHmrGK6mBHfCQoSfLtQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ1sx6aCwoEWC6uKNK/3CgVQlERyMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbld6SHBvTENnUllMcTRvMHJfY0tCVkNVUkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAowXJMAwD
BACjBcsDBAGjBcwwDQYJKoZIhvcNAQELBQADggEBAHN9F210ENfwVcvR6MWhL1dc
lpzdu+YARWPJZDqrIN2qgTgjssjce9nY5zgdEl45IXfigNKx8U22dmhYS3bANwTR
nxbwSIpEwLdgfCEf9t11ukhilYwEIMXjfYDeWuiJIhuXfw7lzeonOdYTYzb6NPt/
loYYXGJT+vBjYfEMP3Uj/SNHFVnsbcufkJVUBRxAjNBoCuR9+HDsWfvuGoPZrBoC
a1P+4V/WnbAsM/Jmoi7HdVfJRcQ2YO4+R7xY1BbzN4VvEg8z50uMIAe3z3rKXVXC
5k1G6ZARbaBQPwBtmB3N/USmXKP0V7u9GVeP+nK0ikSy/jo0+31TZsHTCZUNp7M=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org