Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/o8fOpirO7S3Tocxa5aBrNNrm-7k.roa
File: o8fOpirO7S3Tocxa5aBrNNrm-7k.roa (raw, json)
Hash identifier: yuPp4aNDGwq/u898iCB0K3kmXm+8q1f08zWk4zI1ADY=
Subject key identifier: A3:C7:CE:A6:2A:CE:ED:2D:D3:A1:CC:5A:E5:A0:6B:34:DA:E6:FB:B9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188A72271C63B02E992A995297A1F8594AE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/o8fOpirO7S3Tocxa5aBrNNrm-7k.roa
Signing time: Sat 10 Jun 2023 21:07:12 +0000
ROA not before: Sat 10 Jun 2023 21:07:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.105.0/24 maxlen: 24
163.5.32.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a7:22:71:c6:3b:02:e9:92:a9:95:29:7a:1f:85:94:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 10 21:07:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3c7cea62aceed2dd3a1cc5ae5a06b34dae6fbb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1e:57:2a:8c:4c:57:db:e6:dd:a2:46:f8:99:
be:c4:39:d7:e3:89:11:c0:fb:74:15:c7:26:71:7c:
38:75:ff:09:80:1e:bd:51:8d:96:d2:06:7c:db:ec:
21:f0:c5:4e:c7:22:c2:26:62:1d:3e:3d:f3:78:19:
42:78:5b:0b:ca:15:e0:ae:56:57:ef:ac:3b:07:0a:
23:7a:30:e5:b0:66:ae:4a:e8:be:64:3f:63:bf:4b:
62:ef:cb:87:db:40:90:25:5a:d1:3b:83:63:ff:54:
cc:85:4c:f0:29:a7:98:69:37:9b:fa:13:b9:e9:eb:
a0:14:bb:57:30:59:ae:43:f5:9e:9c:af:a0:bf:31:
21:be:82:be:5c:8f:d6:55:09:0a:47:a2:8a:27:d9:
3f:b0:43:19:8e:e6:c8:0e:18:56:8b:6b:0f:8b:44:
9f:27:2f:b5:3f:21:24:27:e8:e4:77:66:ed:24:cb:
71:f3:69:dc:6f:74:6e:27:b3:9f:5c:93:b3:68:cc:
97:fa:97:5d:ee:c0:0b:b0:44:e2:37:11:b8:7f:47:
71:28:24:1f:08:b8:d6:0a:ce:54:34:d4:e2:13:0a:
60:67:77:3e:0a:7f:2d:d0:dd:1c:68:6a:ce:2e:78:
b3:74:74:f5:40:d0:60:40:ef:21:24:85:dd:06:91:
83:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C7:CE:A6:2A:CE:ED:2D:D3:A1:CC:5A:E5:A0:6B:34:DA:E6:FB:B9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/o8fOpirO7S3Tocxa5aBrNNrm-7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.105.0/24
163.5.159.0/24
163.5.168.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:08:9e:7b:7f:5e:d9:0f:8b:fe:93:40:94:dc:7b:40:1e:73:
e9:b6:c3:dd:df:8e:ae:52:14:a6:15:c5:a5:9e:51:ed:98:da:
37:b1:9e:65:d1:a8:e2:8a:06:5b:e7:a2:f5:00:bb:6f:be:68:
03:f0:32:a3:8b:fc:72:f8:50:23:aa:0e:bf:be:fa:02:34:4b:
68:9f:ca:cb:3a:64:42:ec:8d:18:74:15:bb:88:09:57:47:7f:
ba:2f:84:f2:f5:15:16:36:f1:aa:40:8e:6c:62:fd:9b:b5:eb:
43:ba:cf:6c:0c:f9:5f:9b:f2:d3:ba:21:77:4f:7c:19:b8:26:
05:39:26:a0:68:ad:e1:a8:75:5a:77:63:48:78:c6:38:8e:9f:
c3:79:66:ca:74:65:62:79:d2:53:fd:d6:ec:44:bd:a3:09:80:
5e:85:7b:bf:b0:93:07:f8:e8:48:e7:a0:57:df:d4:57:73:f8:
a2:21:9f:0b:40:ca:df:d3:8c:c0:5f:35:cc:b9:b5:a3:c0:aa:
07:1a:a0:f3:ea:76:36:e7:7e:ce:26:f5:4d:4c:56:1c:e2:12:
8d:ad:53:ee:cc:cb:e3:03:10:f4:8e:6a:fd:46:5a:e9:59:a5:
e0:30:65:e3:d5:5c:1b:1e:a2:a2:01:52:9f:cd:c1:15:fd:14:
32:09:70:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYinInHGOwLpkqmVKXofhZSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjEwMjEwNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2M3Y2VhNjJhY2VlZDJkZDNhMWNjNWFlNWEwNmIzNGRhZTZmYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB5XKoxMV9vm3aJG+Jm+xDnX44kR
wPt0FccmcXw4df8JgB69UY2W0gZ82+wh8MVOxyLCJmIdPj3zeBlCeFsLyhXgrlZX
76w7BwojejDlsGauSui+ZD9jv0ti78uH20CQJVrRO4Nj/1TMhUzwKaeYaTeb+hO5
6eugFLtXMFmuQ/WenK+gvzEhvoK+XI/WVQkKR6KKJ9k/sEMZjubIDhhWi2sPi0Sf
Jy+1PyEkJ+jkd2btJMtx82ncb3RuJ7OfXJOzaMyX+pdd7sALsETiNxG4f0dxKCQf
CLjWCs5UNNTiEwpgZ3c+Cn8t0N0caGrOLnizdHT1QNBgQO8hJIXdBpGDBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKPHzqYqzu0t06HMWuWgazTa5vu5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbzhmT3Bpck83UzNUb2N4YTVhQnJOTnJtLTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUgAwQA
owVpAwQAowWfAwQAowWoMA0GCSqGSIb3DQEBCwUAA4IBAQBuCJ57f17ZD4v+k0CU
3HtAHnPptsPd346uUhSmFcWlnlHtmNo3sZ5l0ajiigZb56L1ALtvvmgD8DKji/xy
+FAjqg6/vvoCNEton8rLOmRC7I0YdBW7iAlXR3+6L4Ty9RUWNvGqQI5sYv2btetD
us9sDPlfm/LTuiF3T3wZuCYFOSagaK3hqHVad2NIeMY4jp/DeWbKdGViedJT/dbs
RL2jCYBehXu/sJMH+OhI56BX39RXc/iiIZ8LQMrf04zAXzXMubWjwKoHGqDz6nY2
537OJvVNTFYc4hKNrVPuzMvjAxD0jmr9RlrpWaXgMGXj1VwbHqKiAVKfzcEV/RQy
CXCq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org