Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pK2lsM2lBOByKZKTC2-IlDQcmh0.roa
File: pK2lsM2lBOByKZKTC2-IlDQcmh0.roa (raw, json)
Hash identifier: DCgacpX81a71YKIxcWhGe0IjXfDDGbDtKOJRuGE3Jns=
Subject key identifier: A4:AD:A5:B0:CD:A5:04:E0:72:29:92:93:0B:6F:88:94:34:1C:9A:1D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042D141D5659940A4D2667DF9AC07A9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pK2lsM2lBOByKZKTC2-IlDQcmh0.roa
Signing time: Mon 02 Jan 2023 02:15:05 +0000
ROA not before: Mon 02 Jan 2023 02:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399486
IP address blocks: 163.5.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Mar 2023 11:54:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:d1:41:d5:65:99:40:a4:d2:66:7d:f9:ac:07:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4ada5b0cda504e0722992930b6f8894341c9a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7c:e5:b2:86:75:2d:0f:cb:51:cf:b4:b4:2b:
3d:1e:5f:2f:19:26:1b:c9:20:c0:22:d4:7e:32:5d:
94:e2:c1:f4:42:41:49:9a:c5:ee:a6:56:9c:25:5d:
7b:2b:34:00:d9:34:96:cd:62:37:70:13:03:9e:a5:
b1:4c:0b:65:bd:65:51:6d:23:5d:0a:12:16:b0:d7:
f9:21:f8:c5:f8:db:11:64:a4:b7:d6:85:db:8b:ac:
b5:f3:92:e0:1b:19:bf:b1:f4:08:ea:78:cb:a1:b3:
b4:1d:67:63:13:2d:09:97:91:ac:17:1e:cb:03:1c:
43:23:e9:9c:90:c7:94:4f:21:88:4a:33:25:d9:70:
ca:a6:54:4b:27:12:5b:73:71:1f:bf:b1:cc:68:27:
b0:48:bf:2e:7b:58:df:16:ed:c9:c3:88:27:f8:8f:
6e:79:76:03:eb:fb:cf:60:f5:cb:fb:a7:67:90:66:
d2:c3:e7:0c:32:37:4e:de:ee:2a:bb:6a:c9:fe:2e:
7f:b8:8c:29:b9:35:04:0c:6d:41:30:b7:4b:1e:ae:
79:72:ab:3a:66:c0:e2:b2:7c:a5:35:df:19:77:5c:
56:71:46:db:d9:e1:02:92:74:f4:f0:de:cc:28:e5:
75:ce:67:fe:59:ab:5e:fd:4f:57:eb:25:ff:f0:fa:
40:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AD:A5:B0:CD:A5:04:E0:72:29:92:93:0B:6F:88:94:34:1C:9A:1D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pK2lsM2lBOByKZKTC2-IlDQcmh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.160.0/24
Signature Algorithm: sha256WithRSAEncryption
35:f9:18:12:8a:a8:11:87:74:61:fe:ac:37:11:88:ac:45:db:
7d:37:e4:6f:cb:c5:62:b3:32:d1:7a:ba:41:db:43:0d:bd:34:
a4:e9:a1:e6:c3:87:39:91:74:bd:c3:7f:24:85:f2:ee:a4:c2:
3d:48:82:fc:f1:4c:59:75:50:8b:7f:7f:33:ea:9d:2e:04:03:
73:66:25:98:ef:17:13:25:47:11:1b:d8:4f:bf:56:41:9a:f0:
30:a1:30:38:75:44:bb:2d:af:4c:f3:5d:3d:8c:64:af:5e:16:
5f:4a:45:e3:a8:ff:8a:d9:d9:f1:ca:6a:ab:30:54:30:6f:88:
76:c5:1c:cd:56:4d:88:0f:9e:b5:06:f8:a0:d6:fb:86:c7:d8:
a8:d0:f8:aa:c4:62:2c:6f:cb:f5:99:db:12:bc:ef:4e:fd:6f:
ee:52:d3:9d:f3:28:92:25:12:82:34:61:72:29:6e:b5:fb:3c:
90:a9:16:0c:ef:21:ac:77:70:9e:fd:a3:8c:28:d4:4b:f3:e1:
77:aa:bf:60:9f:63:03:e6:bc:b9:6b:83:39:fa:6d:97:11:a5:
cc:79:bf:23:30:1e:fe:ca:91:32:9a:43:4d:81:ca:62:4d:05:
fa:d7:7b:ed:d6:26:71:d1:81:3a:15:38:c9:5c:88:1a:30:c0:
50:2d:49:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQtFB1WWZQKTSZn35rAepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFkYTViMGNkYTUwNGUwNzIyOTkyOTMwYjZmODg5NDM0MWM5YTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnzlsoZ1LQ/LUc+0tCs9Hl8vGSYb
ySDAItR+Ml2U4sH0QkFJmsXuplacJV17KzQA2TSWzWI3cBMDnqWxTAtlvWVRbSNd
ChIWsNf5IfjF+NsRZKS31oXbi6y185LgGxm/sfQI6njLobO0HWdjEy0Jl5GsFx7L
AxxDI+mckMeUTyGISjMl2XDKplRLJxJbc3Efv7HMaCewSL8ue1jfFu3Jw4gn+I9u
eXYD6/vPYPXL+6dnkGbSw+cMMjdO3u4qu2rJ/i5/uIwpuTUEDG1BMLdLHq55cqs6
ZsDisnylNd8Zd1xWcUbb2eECknT08N7MKOV1zmf+Wate/U9X6yX/8PpAPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKStpbDNpQTgcimSkwtviJQ0HJodMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcEsybHNNMmxCT0J5S1pLVEMyLUlsRFFjbWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWgMA0G
CSqGSIb3DQEBCwUAA4IBAQA1+RgSiqgRh3Rh/qw3EYisRdt9N+Rvy8ViszLRerpB
20MNvTSk6aHmw4c5kXS9w38khfLupMI9SIL88UxZdVCLf38z6p0uBANzZiWY7xcT
JUcRG9hPv1ZBmvAwoTA4dUS7La9M8109jGSvXhZfSkXjqP+K2dnxymqrMFQwb4h2
xRzNVk2ID561Bvig1vuGx9io0PiqxGIsb8v1mdsSvO9O/W/uUtOd8yiSJRKCNGFy
KW61+zyQqRYM7yGsd3Ce/aOMKNRL8+F3qr9gn2MD5ry5a4M5+m2XEaXMeb8jMB7+
ypEymkNNgcpiTQX613vt1iZx0YE6FTjJXIgaMMBQLUl0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org