Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/onGpE83iZ9ifU0Ej1pd009SBZt8.roa
File: onGpE83iZ9ifU0Ej1pd009SBZt8.roa (raw, json)
Hash identifier: 208E8PIt8djNG+ALlAZI7s8o3XCLrH5cX0UZ2msHiHo=
Subject key identifier: A2:71:A9:13:CD:E2:67:D8:9F:53:41:23:D6:97:74:D3:D4:81:66:DF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042C699BD567278E9E39AA00143DACA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/onGpE83iZ9ifU0Ej1pd009SBZt8.roa
Signing time: Mon 02 Jan 2023 02:15:02 +0000
ROA not before: Mon 02 Jan 2023 02:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.100.0/24 maxlen: 24
163.5.107.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:c6:99:bd:56:72:78:e9:e3:9a:a0:01:43:da:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a271a913cde267d89f534123d69774d3d48166df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:14:7f:e0:f8:85:33:39:ce:9d:c6:77:0f:c5:
8f:96:51:0d:61:26:a1:c8:56:9c:e0:9d:4b:f4:fc:
52:1d:93:82:eb:0e:5f:5a:38:ec:ff:ed:bd:fb:bb:
55:00:4f:59:ee:cd:c0:b0:db:82:d2:8a:2b:c2:39:
4e:f0:b6:28:9a:d5:7c:6a:99:90:be:88:ad:58:c0:
63:00:1e:3f:8e:48:59:dc:79:cd:82:2f:a0:e8:a1:
9c:8f:a9:4a:fd:e0:e4:b1:57:93:02:38:71:b8:5f:
b9:c5:e8:6a:ce:44:40:0a:6c:a6:3a:53:87:ea:e3:
4d:99:b6:f1:a7:9c:8c:00:6d:a1:0d:bc:69:1a:cc:
6d:f8:24:48:2e:b4:f9:36:2f:45:e0:82:97:36:64:
54:df:88:29:f1:ea:d4:a4:5e:fd:47:57:79:a3:8c:
08:19:a2:06:e8:f5:e7:95:54:91:cb:6f:97:27:56:
fb:22:54:c9:58:cc:22:3a:48:7b:0c:0c:c2:61:32:
0a:4c:da:52:9e:50:f9:61:a1:94:ab:fe:26:02:8b:
05:d6:7a:65:19:2d:ba:0e:2d:e0:fb:d9:89:d5:7f:
0d:3c:e6:4f:cd:80:2d:8a:02:b1:43:a1:f6:4c:ee:
a1:77:5c:32:9a:05:96:8a:83:2b:d7:9a:c8:85:75:
4c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:71:A9:13:CD:E2:67:D8:9F:53:41:23:D6:97:74:D3:D4:81:66:DF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/onGpE83iZ9ifU0Ej1pd009SBZt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.35.0/24
163.5.100.0/24
163.5.107.0/24
163.5.127.0/24
163.5.132.0/23
163.5.138.0/24
163.5.145.0/24
163.5.158.0/24
163.5.161.0/24
163.5.166.0/24
163.5.202.0/24
163.5.210.0/23
163.5.222.0/24
163.5.226.0/23
163.5.230.0/24
163.5.239.0-163.5.241.255
163.5.244.0/24
163.5.246.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:14:2d:f9:3a:3d:96:ef:73:8f:77:3a:7c:ee:51:2d:61:a5:
3a:56:1c:dc:59:ae:d1:97:5d:bc:32:34:cf:36:81:26:5d:af:
24:be:5e:23:d4:12:9c:dc:bb:18:9a:31:69:04:11:6c:f1:8a:
1a:bf:bb:bd:eb:c5:67:62:98:73:a5:61:20:be:0a:bc:00:d8:
fb:5d:84:c0:e2:cf:af:a7:89:04:29:fe:fa:31:c4:56:19:2a:
4f:0c:5e:1f:fa:79:05:4a:8f:10:59:f9:4c:91:47:85:eb:e6:
7d:a8:5c:6e:38:df:2d:d4:51:8a:8e:24:a1:4d:e1:c2:43:56:
57:65:e5:ce:3b:2d:89:3f:df:8b:2d:b8:39:d1:5d:f1:15:13:
07:98:90:fd:c9:50:1b:79:2f:0d:ff:ba:13:9b:84:29:17:c2:
79:85:24:35:c4:37:7f:69:80:11:a9:48:1a:9d:bd:7b:e4:66:
f4:8e:82:61:6c:84:15:ce:43:e2:61:e4:a2:47:90:fd:e8:d3:
4b:6c:35:ae:3c:98:1b:2b:f5:67:a2:7c:64:b9:bf:53:6b:ab:
e9:2f:68:4b:f5:89:f4:31:21:ad:69:65:f5:43:c5:1e:90:c8:
71:3d:12:57:15:90:59:e4:e2:00:8b:cf:f0:7c:08:57:6e:39:
31:bb:fd:e9
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYVwQsaZvVZyeOnjmqABQ9rKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjcxYTkxM2NkZTI2N2Q4OWY1MzQxMjNkNjk3NzRkM2Q0ODE2NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhR/4PiFMznOncZ3D8WPllENYSah
yFac4J1L9PxSHZOC6w5fWjjs/+29+7tVAE9Z7s3AsNuC0oorwjlO8LYomtV8apmQ
voitWMBjAB4/jkhZ3HnNgi+g6KGcj6lK/eDksVeTAjhxuF+5xehqzkRACmymOlOH
6uNNmbbxp5yMAG2hDbxpGsxt+CRILrT5Ni9F4IKXNmRU34gp8erUpF79R1d5o4wI
GaIG6PXnlVSRy2+XJ1b7IlTJWMwiOkh7DAzCYTIKTNpSnlD5YaGUq/4mAosF1npl
GS26Di3g+9mJ1X8NPOZPzYAtigKxQ6H2TO6hd1wymgWWioMr15rIhXVMrQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKJxqRPN4mfYn1NBI9aXdNPUgWbfMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb25HcEU4M2laOWlmVTBFajFwZDAwOVNCWnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAKMF
IwMEAKMFZAMEAKMFawMEAKMFfwMEAaMFhAMEAKMFigMEAKMFkQMEAKMFngMEAKMF
oQMEAKMFpgMEAKMFygMEAaMF0gMEAKMF3gMEAaMF4gMEAKMF5jAMAwQAowXvAwQB
owXwAwQAowX0AwQAowX2AwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQCpFC35Oj2W
73OPdzp87lEtYaU6VhzcWa7Rl128MjTPNoEmXa8kvl4j1BKc3LsYmjFpBBFs8Yoa
v7u968VnYphzpWEgvgq8ANj7XYTA4s+vp4kEKf76McRWGSpPDF4f+nkFSo8QWflM
kUeF6+Z9qFxuON8t1FGKjiShTeHCQ1ZXZeXOOy2JP9+LLbg50V3xFRMHmJD9yVAb
eS8N/7oTm4QpF8J5hSQ1xDd/aYARqUganb175Gb0joJhbIQVzkPiYeSiR5D96NNL
bDWuPJgbK/Vnonxkub9Ta6vpL2hL9Yn0MSGtaWX1Q8UekMhxPRJXFZBZ5OIAi8/w
fAhXbjkxu/3p
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org