Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nZVappyvuMgDMP56aMtw0lK1zws.roa
File: nZVappyvuMgDMP56aMtw0lK1zws.roa (raw, json)
Hash identifier: /xKnV5rPm03SsHnk7QVT3S0w9Mx9ODgsj1+4eq05u54=
Subject key identifier: 9D:95:5A:A6:9C:AF:B8:C8:03:30:FE:7A:68:CB:70:D2:52:B5:CF:0B
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018A11E43F53993FBD3C1E3A4036B6BEDFB7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nZVappyvuMgDMP56aMtw0lK1zws.roa
Signing time: Sun 20 Aug 2023 07:41:25 +0000
ROA not before: Sun 20 Aug 2023 07:41:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 163.5.194.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:11:e4:3f:53:99:3f:bd:3c:1e:3a:40:36:b6:be:df:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 20 07:41:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d955aa69cafb8c80330fe7a68cb70d252b5cf0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:4a:4f:b4:51:5d:20:dc:b9:8c:d3:d8:ba:
78:a0:24:d3:1f:24:dc:44:43:32:06:8f:7a:e9:80:
92:78:6f:74:9b:e8:75:34:66:37:69:91:b0:ef:cb:
7e:6d:8d:4c:44:e7:8a:47:56:4d:6c:0f:2e:3d:a1:
79:9c:37:0c:45:73:f5:9d:76:28:e9:2a:ad:b2:03:
f1:c4:d9:04:0c:48:32:b5:6b:e2:35:7f:0e:7a:26:
10:30:4b:10:aa:2c:58:70:d4:a3:61:aa:ab:09:33:
f3:e5:4c:ab:26:c4:f3:18:06:6e:88:06:94:2e:95:
f8:14:4d:fc:16:38:97:62:3a:cb:37:25:b2:c2:f0:
c5:03:c6:d4:c8:a8:14:b5:58:ed:68:52:99:59:8a:
1c:72:a3:ad:37:e0:e4:b3:cc:9c:16:74:5c:ea:1b:
66:b7:4b:0c:97:31:41:8c:f3:12:dd:48:6d:d3:14:
ff:db:ac:01:d6:c9:50:32:c3:2b:45:3c:c9:83:6a:
b0:e7:ce:77:c0:97:40:67:c9:b8:71:69:0f:55:5f:
6b:a7:92:15:cb:78:ac:20:85:3c:22:a0:27:03:2f:
94:ec:d4:5c:af:e8:a0:a8:2d:1d:37:eb:74:32:3b:
d6:6d:da:41:54:b3:b6:b1:1e:ef:a9:b7:a1:83:1d:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:95:5A:A6:9C:AF:B8:C8:03:30:FE:7A:68:CB:70:D2:52:B5:CF:0B
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nZVappyvuMgDMP56aMtw0lK1zws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.129.0/24
163.5.194.0/24
163.5.197.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ca:c1:98:61:1a:21:cc:45:6d:42:b7:d4:2d:62:e2:f6:f6:
0f:d7:12:45:ab:bb:ce:ad:f5:e1:e4:21:77:c9:44:da:02:8d:
a7:03:69:04:d7:e9:90:a9:b8:b3:7a:38:b9:75:be:95:ef:ed:
4f:aa:05:a5:3a:7b:16:ef:e7:c8:1d:f1:81:1c:38:64:3f:8d:
9b:ea:ed:cb:03:7f:eb:19:44:3c:97:cc:6a:2b:72:e9:98:6e:
4b:7b:d3:89:d6:77:f4:6e:ab:c6:41:a9:46:94:8a:ae:be:49:
8a:cb:d4:27:42:10:fe:93:c2:51:e8:7e:e8:7f:3c:33:0f:64:
92:a0:b1:0a:59:52:ce:a0:96:f3:2b:ad:f6:cd:85:75:cc:a5:
55:4b:72:57:7e:fc:cf:fd:bf:5d:57:64:0c:9d:4e:e3:bf:9b:
b1:1a:ff:03:72:59:4b:bd:3e:96:d4:d1:26:67:a0:dc:ce:50:
7f:40:66:54:cd:14:eb:76:c4:24:27:cc:cf:d2:31:84:9e:d9:
ac:fd:1f:ee:9d:03:59:14:21:9b:5d:ee:a2:54:38:8f:c0:6b:
98:06:88:ae:e4:d9:53:8c:03:bb:3d:2f:04:09:e4:b7:13:cc:
cd:3d:35:17:ed:80:f0:04:20:96:eb:a9:af:60:0e:62:48:3f:
27:2c:d8:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoR5D9TmT+9PB46QDa2vt+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwODIwMDc0MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk1NWFhNjljYWZiOGM4MDMzMGZlN2E2OGNiNzBkMjUyYjVjZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGJKT7RRXSDcuYzT2Lp4oCTTHyTc
REMyBo966YCSeG90m+h1NGY3aZGw78t+bY1MROeKR1ZNbA8uPaF5nDcMRXP1nXYo
6SqtsgPxxNkEDEgytWviNX8OeiYQMEsQqixYcNSjYaqrCTPz5UyrJsTzGAZuiAaU
LpX4FE38FjiXYjrLNyWywvDFA8bUyKgUtVjtaFKZWYoccqOtN+Dks8ycFnRc6htm
t0sMlzFBjPMS3Uht0xT/26wB1slQMsMrRTzJg2qw5853wJdAZ8m4cWkPVV9rp5IV
y3isIIU8IqAnAy+U7NRcr+igqC0dN+t0MjvWbdpBVLO2sR7vqbehgx2EiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ2VWqacr7jIAzD+emjLcNJStc8LMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvblpWYXBweXZ1TWdETVA1NmFNdHcwbEsxendzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWBAwQA
owXCAwQAowXFMA0GCSqGSIb3DQEBCwUAA4IBAQBSysGYYRohzEVtQrfULWLi9vYP
1xJFq7vOrfXh5CF3yUTaAo2nA2kE1+mQqbizeji5db6V7+1PqgWlOnsW7+fIHfGB
HDhkP42b6u3LA3/rGUQ8l8xqK3LpmG5Le9OJ1nf0bqvGQalGlIquvkmKy9QnQhD+
k8JR6H7ofzwzD2SSoLEKWVLOoJbzK632zYV1zKVVS3JXfvzP/b9dV2QMnU7jv5ux
Gv8DcllLvT6W1NEmZ6DczlB/QGZUzRTrdsQkJ8zP0jGEntms/R/unQNZFCGbXe6i
VDiPwGuYBoiu5NlTjAO7PS8ECeS3E8zNPTUX7YDwBCCW66mvYA5iSD8nLNiY
-----END CERTIFICATE-----
Generated at Thu Aug 24 21:17:40 2023 by rpki-client on console-ams.rpki-client.org