Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oirjBfV2S-QgtrIbAURxAUA0HdY.roa
File: oirjBfV2S-QgtrIbAURxAUA0HdY.roa (raw, json)
Hash identifier: tqzQkuUS9asNPcODCA1o+aISkS+0pMvghemkZehQ5Zw=
Subject key identifier: A2:2A:E3:05:F5:76:4B:E4:20:B6:B2:1B:01:44:71:01:40:34:1D:D6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C2C6CDF050A3445A3CD1EAF01A5C467A7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oirjBfV2S-QgtrIbAURxAUA0HdY.roa
Signing time: Sat 02 Dec 2023 21:26:21 +0000
ROA not before: Sat 02 Dec 2023 21:26:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 163.5.95.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:6c:df:05:0a:34:45:a3:cd:1e:af:01:a5:c4:67:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 2 21:26:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a22ae305f5764be420b6b21b0144710140341dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:93:e8:69:57:e2:cd:a3:1f:c8:cc:4f:8b:ea:
58:42:d2:dc:98:83:fc:02:4c:61:a5:64:01:9d:1c:
ee:ac:8b:e2:2f:53:2f:c9:37:22:97:5c:91:0e:8d:
a6:cf:4d:7b:a3:90:90:72:b3:04:c9:43:ec:b4:2f:
6b:b7:5a:e9:cd:b2:47:1b:f1:a1:c2:ee:a7:69:30:
d1:77:ee:46:56:79:ec:90:0d:79:ae:9c:b1:6b:cd:
0d:be:a6:a2:78:9a:ea:a0:c6:e0:01:cb:74:b8:34:
d9:59:d5:d0:eb:53:03:c5:1f:7d:61:98:a3:7b:37:
24:90:f1:90:a5:62:bd:cb:df:ee:21:63:1a:4a:2d:
02:e9:f7:e7:2a:e9:cc:d2:24:aa:5c:d4:be:07:50:
c7:13:ba:c6:58:82:d7:b5:b1:e8:82:c1:42:3d:ff:
c2:ab:be:0e:64:a3:1c:3d:ab:4d:c7:95:d4:13:f4:
20:0c:61:4a:ca:f1:52:cc:a3:26:be:53:2d:8b:57:
8f:2f:25:f5:88:34:b5:25:4e:4f:ae:ec:20:03:2b:
80:5e:40:35:a4:8b:78:76:a6:94:19:0b:ea:bb:7b:
22:a3:54:6a:12:01:8b:0e:62:e9:e4:8a:aa:f1:c3:
7e:f9:b0:f1:f6:a8:1d:d8:ae:dd:ee:1f:81:e0:63:
9d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:2A:E3:05:F5:76:4B:E4:20:B6:B2:1B:01:44:71:01:40:34:1D:D6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oirjBfV2S-QgtrIbAURxAUA0HdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.36.0/24
163.5.95.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:5a:31:99:3c:fe:44:fe:19:5c:be:1b:62:49:72:7f:4e:3c:
e7:f6:6b:1c:34:e3:18:fd:da:b5:58:dd:76:8e:3f:b3:56:6f:
99:6d:cb:f5:08:04:cd:35:cd:58:d5:a7:41:38:96:fe:f6:f6:
9b:d7:60:3b:0b:04:f8:96:20:8c:93:67:57:0e:a0:d0:30:74:
a4:aa:7d:f1:aa:6d:38:08:37:11:1e:92:a4:f5:77:c6:3f:50:
0a:5c:65:d0:e0:a6:5e:45:b6:df:56:3d:21:b1:62:6b:af:cd:
f1:9c:0e:37:2e:59:d4:60:cb:3b:f3:7e:17:f5:f5:ac:a2:7b:
d4:19:df:6c:e0:b1:78:f9:2c:b8:a5:f6:60:0a:86:8b:57:2f:
36:e4:9a:ba:fd:8a:85:08:31:0c:43:11:bb:8b:8f:bb:f3:35:
d7:a4:bd:b9:33:3d:ef:53:fd:35:18:66:3a:6e:50:b0:4a:d5:
0c:ab:b2:23:9a:ec:13:e3:bf:82:0d:24:cd:4f:3d:a2:c0:94:
ec:d8:70:32:10:0a:98:2a:b0:11:6c:d9:19:7d:c3:e8:dc:0d:
e3:ce:d9:4a:b4:38:3a:94:f9:ca:91:24:29:d1:86:f6:fb:aa:
62:85:60:d0:27:58:09:89:8a:23:77:b7:ff:95:16:ae:62:3d:
cf:b9:77:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwsbN8FCjRFo80erwGlxGenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjAyMjEyNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjJhZTMwNWY1NzY0YmU0MjBiNmIyMWIwMTQ0NzEwMTQwMzQxZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJPoaVfizaMfyMxPi+pYQtLcmIP8
AkxhpWQBnRzurIviL1MvyTcil1yRDo2mz017o5CQcrMEyUPstC9rt1rpzbJHG/Gh
wu6naTDRd+5GVnnskA15rpyxa80NvqaieJrqoMbgAct0uDTZWdXQ61MDxR99YZij
ezckkPGQpWK9y9/uIWMaSi0C6ffnKunM0iSqXNS+B1DHE7rGWILXtbHogsFCPf/C
q74OZKMcPatNx5XUE/QgDGFKyvFSzKMmvlMti1ePLyX1iDS1JU5PruwgAyuAXkA1
pIt4dqaUGQvqu3sio1RqEgGLDmLp5Iqq8cN++bDx9qgd2K7d7h+B4GOddwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIq4wX1dkvkILayGwFEcQFANB3WMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb2lyakJmVjJTLVFndHJJYkFVUnhBVUEwSGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowUkAwQA
owVfMA0GCSqGSIb3DQEBCwUAA4IBAQC0WjGZPP5E/hlcvhtiSXJ/Tjzn9mscNOMY
/dq1WN12jj+zVm+Zbcv1CATNNc1Y1adBOJb+9vab12A7CwT4liCMk2dXDqDQMHSk
qn3xqm04CDcRHpKk9XfGP1AKXGXQ4KZeRbbfVj0hsWJrr83xnA43LlnUYMs7834X
9fWsonvUGd9s4LF4+Sy4pfZgCoaLVy825Jq6/YqFCDEMQxG7i4+78zXXpL25Mz3v
U/01GGY6blCwStUMq7IjmuwT47+CDSTNTz2iwJTs2HAyEAqYKrARbNkZfcPo3A3j
ztlKtDg6lPnKkSQp0Yb2+6pihWDQJ1gJiYojd7f/lRauYj3PuXeA
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org