Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/naPTbVvKWQHXv9etbejYlAw9TEU.roa
File: naPTbVvKWQHXv9etbejYlAw9TEU.roa (raw, json)
Hash identifier: ZrqfTA6eT3S4ITBBhk1CzfgvsEIJUJ+l2NqoHYxHh1c=
Subject key identifier: 9D:A3:D3:6D:5B:CA:59:01:D7:BF:D7:AD:6D:E8:D8:94:0C:3D:4C:45
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0189CA3E28CA8DFB45037C765042C069675E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/naPTbVvKWQHXv9etbejYlAw9TEU.roa
Signing time: Sun 06 Aug 2023 09:46:58 +0000
ROA not before: Sun 06 Aug 2023 09:46:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Aug 2023 21:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ca:3e:28:ca:8d:fb:45:03:7c:76:50:42:c0:69:67:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 6 09:46:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9da3d36d5bca5901d7bfd7ad6de8d8940c3d4c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a2:3f:04:42:99:5d:0e:c1:2d:17:d1:46:ea:
81:90:0e:64:20:87:eb:ef:d8:84:71:6c:4a:04:33:
a0:2d:b1:64:a0:2a:9b:85:21:f0:cf:7c:13:48:6b:
34:88:73:5d:8b:cb:66:33:8c:2a:59:a2:0f:f7:f2:
6c:d4:d5:e0:6b:32:a0:c5:9d:5a:0b:f6:5c:01:0f:
fe:5b:eb:11:2a:2f:6f:44:9c:be:6b:d9:dd:5b:0e:
08:db:0d:9f:5c:ab:5a:d4:fc:b5:1d:fc:b5:79:1b:
0a:2e:9a:79:8e:e5:aa:8b:4f:40:65:54:2d:2c:4d:
cf:01:d5:47:74:e0:79:73:ce:db:61:4a:56:ed:9b:
10:09:10:c0:01:a4:85:76:d9:dc:ba:12:58:a6:6c:
e7:b8:06:06:7b:8b:a7:44:75:cb:a8:5b:04:82:0f:
4b:56:cc:7e:3d:ef:25:0b:04:15:fa:2b:1e:bc:16:
ad:45:f7:59:2b:fe:3e:75:32:cc:d6:38:da:3f:d0:
4b:96:04:ca:3d:74:70:23:02:a9:98:b4:a8:d7:ef:
ae:35:d6:aa:07:ab:ff:22:11:b2:2d:7c:a0:35:85:
5b:ec:3c:0d:3f:89:fa:a1:ba:54:89:a9:8e:da:c4:
d2:15:45:5a:cd:3d:a8:91:4e:da:2b:72:81:f5:ea:
05:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A3:D3:6D:5B:CA:59:01:D7:BF:D7:AD:6D:E8:D8:94:0C:3D:4C:45
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/naPTbVvKWQHXv9etbejYlAw9TEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.70.0/24
163.5.72.0/24
163.5.76.0/23
Signature Algorithm: sha256WithRSAEncryption
17:b7:c8:b9:ae:81:a9:c1:31:f3:59:99:48:96:e3:c8:6f:34:
87:c8:d7:61:e1:e1:ed:52:34:b2:9b:de:d6:1b:6e:ff:ff:86:
27:df:01:e7:1f:ad:23:b6:aa:37:5e:3e:b2:af:d8:83:0a:b9:
35:16:bb:32:27:4e:d7:1c:a2:a8:40:9f:54:19:a8:68:b9:0d:
40:5c:fe:d4:f0:05:57:9b:50:44:04:86:be:c1:12:55:2e:da:
cc:f4:c2:30:2c:ff:a9:f0:ca:fe:f9:89:44:1b:cd:cb:ba:d1:
f5:d9:33:46:7c:fd:41:b9:d1:1a:ba:f9:57:9f:52:d9:d1:ad:
4e:24:69:da:00:10:3e:b8:53:0f:a0:0c:b6:09:c5:d2:d8:9a:
d4:b4:f5:45:3e:07:c0:4e:8b:62:28:f5:66:9d:9a:5a:0b:ee:
8e:52:d1:11:3e:9d:52:ee:0e:5a:b3:e0:25:3a:bb:c9:c5:7b:
03:07:c2:8b:bd:49:dc:a5:ab:c6:b1:cc:f7:80:c1:f8:99:15:
36:b2:a1:8f:11:89:85:d5:c1:2f:6f:2e:38:5a:21:a7:45:e7:
a9:e3:0f:ee:87:b6:d0:a2:aa:f0:e1:76:aa:ca:39:40:e8:4a:
e3:4c:a0:05:ed:7f:b7:f0:f2:b8:ce:47:00:16:ce:58:30:9c:
bc:c3:3c:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnKPijKjftFA3x2UELAaWdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwODA2MDk0NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGEzZDM2ZDViY2E1OTAxZDdiZmQ3YWQ2ZGU4ZDg5NDBjM2Q0YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKI/BEKZXQ7BLRfRRuqBkA5kIIfr
79iEcWxKBDOgLbFkoCqbhSHwz3wTSGs0iHNdi8tmM4wqWaIP9/Js1NXgazKgxZ1a
C/ZcAQ/+W+sRKi9vRJy+a9ndWw4I2w2fXKta1Py1Hfy1eRsKLpp5juWqi09AZVQt
LE3PAdVHdOB5c87bYUpW7ZsQCRDAAaSFdtncuhJYpmznuAYGe4unRHXLqFsEgg9L
Vsx+Pe8lCwQV+isevBatRfdZK/4+dTLM1jjaP9BLlgTKPXRwIwKpmLSo1++uNdaq
B6v/IhGyLXygNYVb7DwNP4n6obpUiamO2sTSFUVazT2okU7aK3KB9eoFSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ2j021bylkB17/XrW3o2JQMPUxFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbmFQVGJWdktXUUhYdjlldGJlallsQXc5VEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowVGAwQA
owVIAwQBowVMMA0GCSqGSIb3DQEBCwUAA4IBAQAXt8i5roGpwTHzWZlIluPIbzSH
yNdh4eHtUjSym97WG27//4Yn3wHnH60jtqo3Xj6yr9iDCrk1FrsyJ07XHKKoQJ9U
GahouQ1AXP7U8AVXm1BEBIa+wRJVLtrM9MIwLP+p8Mr++YlEG83LutH12TNGfP1B
udEauvlXn1LZ0a1OJGnaABA+uFMPoAy2CcXS2JrUtPVFPgfATotiKPVmnZpaC+6O
UtERPp1S7g5as+AlOrvJxXsDB8KLvUncpavGscz3gMH4mRU2sqGPEYmF1cEvby44
WiGnReep4w/uh7bQoqrw4XaqyjlA6ErjTKAF7X+38PK4zkcAFs5YMJy8wzyo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org