Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oxhLIaXb-7LHLJ3aRdyHcgzGf0A.roa
File: oxhLIaXb-7LHLJ3aRdyHcgzGf0A.roa (raw, json)
Hash identifier: OD2yUkEQsr1G3XV47bDcdYab9GMXlmPmB36YiEQN7LA=
Subject key identifier: A3:18:4B:21:A5:DB:FB:B2:C7:2C:9D:DA:45:DC:87:72:0C:C6:7F:40
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187B844172542383CF1F176D7EB0C4E7922
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oxhLIaXb-7LHLJ3aRdyHcgzGf0A.roa
Signing time: Tue 25 Apr 2023 11:54:42 +0000
ROA not before: Tue 25 Apr 2023 11:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 163.5.91.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:44:17:25:42:38:3c:f1:f1:76:d7:eb:0c:4e:79:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 25 11:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3184b21a5dbfbb2c72c9dda45dc87720cc67f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:33:da:7c:00:1b:ee:b2:42:4c:0c:c6:a6:e2:
80:4d:3f:43:d8:5f:33:8c:9e:17:de:ca:8a:25:0a:
b8:8d:3f:f2:d7:3c:3a:2e:5a:23:01:3a:43:b3:6c:
59:d0:77:34:33:f1:c5:2e:e9:b7:8d:37:99:47:3a:
78:83:88:ed:d4:5e:62:6d:54:ad:89:2d:e7:81:ab:
e2:0e:45:87:23:03:50:d1:32:68:26:f1:bf:ec:c7:
84:1f:f4:f4:27:31:c8:28:c6:2a:48:53:7f:48:af:
b8:24:fc:fc:e0:84:59:0e:74:c4:da:d7:d1:34:b5:
44:a1:39:5b:95:e4:a5:a3:b1:09:f1:00:7e:90:34:
29:5d:ef:da:a4:71:8e:43:c7:b1:b8:9d:bd:54:74:
74:d8:f6:c3:d8:f8:f2:a7:81:4b:d3:3c:8a:c8:80:
28:62:ea:92:94:7d:3d:0d:63:7a:57:f1:b3:0d:79:
e1:9f:3a:79:3c:7b:6a:9b:91:35:4c:be:3c:fa:9f:
80:cd:e7:f5:28:ab:28:5b:00:53:33:9d:15:b4:31:
1e:2f:db:08:3f:11:a4:f4:1e:2d:7d:b4:58:1a:ec:
52:dd:a7:98:6c:7b:4e:16:c5:e7:6d:43:e5:42:a7:
cd:a1:c0:9e:6c:d9:f7:e7:8f:ab:fe:21:94:bf:e4:
a6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:18:4B:21:A5:DB:FB:B2:C7:2C:9D:DA:45:DC:87:72:0C:C6:7F:40
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oxhLIaXb-7LHLJ3aRdyHcgzGf0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.39.0/24
163.5.91.0/24
163.5.97.0/24
Signature Algorithm: sha256WithRSAEncryption
60:15:ef:13:95:8c:54:4f:71:7b:cb:71:53:f1:89:d9:d8:43:
55:10:5c:6d:5a:0c:ce:72:ca:11:dc:5d:d8:7d:28:c5:d2:5f:
ad:1f:82:eb:fe:ff:c2:0d:3a:00:db:a3:0f:7e:8e:4e:e2:18:
b8:ba:b0:41:19:a5:72:a9:60:06:f1:e4:14:9b:0c:6a:cd:88:
9b:ae:83:3a:c0:83:d0:b5:dc:45:5f:dd:df:91:b5:08:ed:80:
92:e6:8e:a3:c9:e7:96:bc:d6:b8:f7:19:1d:5d:26:7a:8c:ad:
4b:f1:d9:08:a6:90:ac:99:f6:25:79:60:7b:8c:d7:8d:2c:ae:
ed:81:1a:6c:d7:bf:59:f0:aa:50:fc:3b:d7:7f:a5:51:93:07:
4a:09:98:6b:0d:2a:7c:8b:a9:ad:e0:e1:d6:9c:60:a9:4e:ef:
72:1c:55:26:6e:39:35:c8:97:eb:0a:dd:00:3a:dd:17:5c:30:
34:0a:1d:f6:fe:8a:44:8d:a0:2a:97:27:b4:05:9d:87:d3:01:
58:78:f3:40:a8:8e:c0:e4:bd:f6:91:09:36:39:50:38:fb:9b:
38:21:19:aa:1f:c5:e9:ec:f8:e7:bb:5d:dd:26:20:29:f3:68:
c3:d1:c5:3b:f8:c9:ee:f9:d8:ef:34:8b:d6:90:5e:cd:8e:16:
d4:3d:54:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYe4RBclQjg88fF21+sMTnkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDI1MTE1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE4NGIyMWE1ZGJmYmIyYzcyYzlkZGE0NWRjODc3MjBjYzY3ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjPafAAb7rJCTAzGpuKATT9D2F8z
jJ4X3sqKJQq4jT/y1zw6LlojATpDs2xZ0Hc0M/HFLum3jTeZRzp4g4jt1F5ibVSt
iS3ngaviDkWHIwNQ0TJoJvG/7MeEH/T0JzHIKMYqSFN/SK+4JPz84IRZDnTE2tfR
NLVEoTlbleSlo7EJ8QB+kDQpXe/apHGOQ8exuJ29VHR02PbD2Pjyp4FL0zyKyIAo
YuqSlH09DWN6V/GzDXnhnzp5PHtqm5E1TL48+p+Azef1KKsoWwBTM50VtDEeL9sI
PxGk9B4tfbRYGuxS3aeYbHtOFsXnbUPlQqfNocCebNn354+r/iGUv+SmZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKMYSyGl2/uyxyyd2kXch3IMxn9AMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb3hoTElhWGItN0xITEozYVJkeUhjZ3pHZjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUiAwQA
owUnAwQAowVbAwQAowVhMA0GCSqGSIb3DQEBCwUAA4IBAQBgFe8TlYxUT3F7y3FT
8YnZ2ENVEFxtWgzOcsoR3F3YfSjF0l+tH4Lr/v/CDToA26MPfo5O4hi4urBBGaVy
qWAG8eQUmwxqzYibroM6wIPQtdxFX93fkbUI7YCS5o6jyeeWvNa49xkdXSZ6jK1L
8dkIppCsmfYleWB7jNeNLK7tgRps179Z8KpQ/DvXf6VRkwdKCZhrDSp8i6mt4OHW
nGCpTu9yHFUmbjk1yJfrCt0AOt0XXDA0Ch32/opEjaAqlye0BZ2H0wFYePNAqI7A
5L32kQk2OVA4+5s4IRmqH8Xp7Pjnu13dJiAp82jD0cU7+Mnu+djvNIvWkF7NjhbU
PVQV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org