Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/po3i8BWcBqFoboprD9mEm5c2H2I.roa
File: po3i8BWcBqFoboprD9mEm5c2H2I.roa (raw, json)
Hash identifier: amcHA3x5/sLkb0IWNSlmXYqDSbJDGqUwpy/1hAEDlFU=
Subject key identifier: A6:8D:E2:F0:15:9C:06:A1:68:6E:8A:6B:0F:D9:84:9B:97:36:1F:62
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B1D73E2EC287C0D543679768A1885A0C9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/po3i8BWcBqFoboprD9mEm5c2H2I.roa
Signing time: Wed 11 Oct 2023 06:36:55 +0000
ROA not before: Wed 11 Oct 2023 06:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396026
IP address blocks: 163.5.231.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:73:e2:ec:28:7c:0d:54:36:79:76:8a:18:85:a0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 11 06:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a68de2f0159c06a1686e8a6b0fd9849b97361f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:68:6e:74:01:a2:f0:45:c2:05:1d:79:9c:c5:
0c:32:dc:08:89:c0:71:7c:08:d1:de:40:0a:fa:78:
6d:d5:38:db:38:ee:a2:c0:66:71:10:4b:eb:08:cd:
44:22:6f:ae:5d:3f:61:22:85:fd:59:1c:2d:c1:56:
06:ae:2a:2a:38:64:b5:b9:f7:db:12:25:3b:b4:0c:
72:1c:78:a5:56:1c:c0:bd:f9:5d:38:d2:18:94:9a:
8d:fa:b9:d6:15:c1:2a:94:58:23:db:5b:ed:ed:79:
26:c7:15:58:73:d6:85:0d:12:36:af:be:d4:d5:4b:
47:fb:db:16:17:10:ee:15:a4:f1:f7:d0:1e:18:a3:
0f:da:1b:ba:4a:cc:6f:f3:29:17:ca:60:25:01:98:
92:2c:cc:b1:a9:b7:ed:28:44:c1:cc:cd:a1:15:41:
6b:9c:d5:43:68:5d:68:81:2a:ca:48:a9:46:f8:ca:
a2:69:cf:11:fb:12:66:9d:ed:4d:67:7c:42:0c:b9:
43:a1:de:3f:72:93:54:5c:73:11:a3:fc:34:59:ce:
38:1b:7b:be:4b:24:e2:b7:59:ef:67:7c:2b:35:17:
f6:d3:21:79:25:98:c7:ad:d7:3e:6b:46:7d:5b:72:
00:dc:88:11:88:41:20:10:cd:eb:45:93:b7:a3:f2:
13:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8D:E2:F0:15:9C:06:A1:68:6E:8A:6B:0F:D9:84:9B:97:36:1F:62
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/po3i8BWcBqFoboprD9mEm5c2H2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:dc:fc:4a:92:95:a6:78:68:bc:be:3a:7c:c5:8a:fe:3c:2b:
ac:f4:2e:ed:f9:fc:75:e7:6c:fc:e2:c9:76:ea:8b:b3:d1:7d:
97:90:0d:a5:ba:2d:85:bc:e6:5e:a5:cd:1e:94:0e:ef:16:fb:
27:e1:71:27:ff:77:1a:1e:0b:5c:6b:d5:53:19:60:05:63:c8:
eb:28:41:72:f0:e7:d5:02:66:00:e8:9b:fe:25:ac:72:43:1a:
3d:a3:b7:19:2b:f6:79:20:76:a4:9e:14:04:ad:c8:be:1f:1f:
ef:7f:37:e9:94:14:7e:99:c2:01:84:8b:f2:51:8e:c2:33:f4:
0b:97:a2:55:45:cc:7f:c7:15:03:2b:f8:dd:d4:09:a6:0c:56:
67:96:5b:6e:2f:46:eb:ce:09:ec:4e:54:b4:a7:19:54:bd:5c:
6d:5b:8c:0b:05:af:ba:18:68:61:54:40:f0:6a:5f:3b:1c:7a:
38:99:b1:5b:1b:c8:90:9a:13:bb:57:eb:9a:70:f1:9e:a4:08:
20:b8:7b:46:a8:7f:39:52:55:96:20:87:94:e4:d7:0d:57:13:
cc:33:d5:40:c9:6a:cd:06:e2:4e:8c:8b:3b:e3:d5:6c:75:40:
7a:71:28:50:4f:3c:1a:f8:65:71:aa:36:b1:f5:8d:e3:28:e7:
fd:1c:01:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsdc+LsKHwNVDZ5dooYhaDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDExMDYzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhkZTJmMDE1OWMwNmExNjg2ZThhNmIwZmQ5ODQ5Yjk3MzYxZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWhudAGi8EXCBR15nMUMMtwIicBx
fAjR3kAK+nht1TjbOO6iwGZxEEvrCM1EIm+uXT9hIoX9WRwtwVYGrioqOGS1uffb
EiU7tAxyHHilVhzAvfldONIYlJqN+rnWFcEqlFgj21vt7XkmxxVYc9aFDRI2r77U
1UtH+9sWFxDuFaTx99AeGKMP2hu6Ssxv8ykXymAlAZiSLMyxqbftKETBzM2hFUFr
nNVDaF1ogSrKSKlG+Mqiac8R+xJmne1NZ3xCDLlDod4/cpNUXHMRo/w0Wc44G3u+
SyTit1nvZ3wrNRf20yF5JZjHrdc+a0Z9W3IA3IgRiEEgEM3rRZO3o/ITiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaN4vAVnAahaG6Kaw/ZhJuXNh9iMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcG8zaThCV2NCcUZvYm9wckQ5bUVtNWMySDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXnMA0G
CSqGSIb3DQEBCwUAA4IBAQCM3PxKkpWmeGi8vjp8xYr+PCus9C7t+fx152z84sl2
6ouz0X2XkA2lui2FvOZepc0elA7vFvsn4XEn/3caHgtca9VTGWAFY8jrKEFy8OfV
AmYA6Jv+JaxyQxo9o7cZK/Z5IHaknhQErci+Hx/vfzfplBR+mcIBhIvyUY7CM/QL
l6JVRcx/xxUDK/jd1AmmDFZnlltuL0brzgnsTlS0pxlUvVxtW4wLBa+6GGhhVEDw
al87HHo4mbFbG8iQmhO7V+uacPGepAgguHtGqH85UlWWIIeU5NcNVxPMM9VAyWrN
BuJOjIs749VsdUB6cShQTzwa+GVxqjax9Y3jKOf9HAEu
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org