Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qlLnvD1tH-1eH7E_ny3HnAHb0B0.roa
File: qlLnvD1tH-1eH7E_ny3HnAHb0B0.roa (raw, json)
Hash identifier: piOOxJV3JuO2bJD7cvWNbI15tM9FLeK0s3P3WBEWqiM=
Subject key identifier: AA:52:E7:BC:3D:6D:1F:ED:5E:1F:B1:3F:9F:2D:C7:9C:01:DB:D0:1D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01864C3E36BEDF7B53BCE7FFAEC23B9D118B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qlLnvD1tH-1eH7E_ny3HnAHb0B0.roa
Signing time: Mon 13 Feb 2023 19:26:30 +0000
ROA not before: Mon 13 Feb 2023 19:26:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.186.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4c:3e:36:be:df:7b:53:bc:e7:ff:ae:c2:3b:9d:11:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 13 19:26:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa52e7bc3d6d1fed5e1fb13f9f2dc79c01dbd01d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b5:be:2f:a9:d6:2a:3f:9a:4b:c4:13:18:12:
a6:71:f4:39:e6:70:64:fe:cc:6d:5a:b9:bc:b4:99:
f7:66:2a:7f:c4:a9:e9:92:e6:a4:53:77:77:4f:4f:
c3:a4:b6:d0:e4:b9:5a:8e:58:29:7c:f7:d2:88:c1:
2c:92:ac:1e:92:13:e7:5d:3d:37:79:ac:1d:6c:3c:
b0:27:6b:44:31:a4:73:00:eb:90:4d:f6:d4:6e:16:
80:1c:08:9a:3e:44:fb:ca:17:46:b7:ba:13:e7:f4:
5d:56:36:69:e0:15:6d:df:7d:29:4d:a9:e2:a0:7b:
5d:16:b4:9e:4c:29:ba:b6:f7:37:99:0c:52:b5:50:
1f:7e:27:dd:93:8d:0c:76:64:a8:ea:ba:5e:69:49:
f7:a8:4e:9e:f1:d9:01:a9:55:5f:83:d8:87:55:60:
9f:c4:1f:b8:d6:b8:3e:74:4d:e8:7e:4d:d4:5c:42:
36:35:c1:b8:99:5f:16:98:a1:98:5f:76:d4:03:cf:
f4:88:df:06:aa:0d:53:90:fc:b5:61:a0:a9:8b:2b:
98:1a:78:99:98:5d:bf:cc:7f:23:6c:80:5a:87:f5:
8d:cf:e9:51:ab:f4:5e:a6:3f:8c:73:7c:7f:a1:0a:
47:5d:f9:73:55:79:12:7e:79:6f:5d:1c:19:fd:c1:
cc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:52:E7:BC:3D:6D:1F:ED:5E:1F:B1:3F:9F:2D:C7:9C:01:DB:D0:1D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qlLnvD1tH-1eH7E_ny3HnAHb0B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.94.0/23
163.5.112.0/23
163.5.116.0/24
163.5.135.0/24
163.5.142.0/24
163.5.186.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:58:f2:b9:3d:d8:1c:25:1f:f1:bd:44:74:ca:59:a8:c8:b9:
c4:a6:c4:00:8a:01:52:6e:f3:59:17:c2:aa:a2:b2:22:2e:ab:
ad:26:2b:9f:4a:ac:e8:7e:bf:df:33:a9:24:68:56:46:f6:a4:
27:54:91:18:f9:48:1f:4d:c9:01:da:7e:a5:e9:2b:42:10:f0:
ac:28:c5:e4:e2:74:0f:15:b1:1e:9a:50:68:dc:1c:64:61:9f:
4f:12:ad:06:ca:30:e4:72:eb:f4:a5:35:f3:93:6b:f7:17:8c:
84:10:05:a8:95:fa:6a:29:41:cb:aa:18:b5:de:54:f4:3c:85:
32:01:65:d9:ad:2d:a1:5f:d3:8a:ee:44:e4:57:13:3b:0b:d1:
a4:31:e9:9f:ac:24:62:ea:71:e6:58:37:f5:99:a5:3a:2c:47:
d2:8c:49:12:51:76:68:cf:51:b8:25:2b:8b:f0:45:cf:51:83:
56:f7:a5:36:c2:64:d7:e5:f6:e4:f6:69:75:4e:66:64:c4:93:
75:07:1f:69:7a:b6:e2:a3:9f:25:32:73:5f:83:81:c6:84:14:
7a:e5:46:60:8a:fa:dd:1a:a2:54:82:a2:e6:ef:85:be:e2:b3:
b0:13:1d:95:e3:66:97:b5:d2:8c:8f:aa:35:1d:58:8a:82:18:
97:3c:88:2a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZMPja+33tTvOf/rsI7nRGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMjEzMTkyNjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTUyZTdiYzNkNmQxZmVkNWUxZmIxM2Y5ZjJkYzc5YzAxZGJkMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7W+L6nWKj+aS8QTGBKmcfQ55nBk
/sxtWrm8tJn3Zip/xKnpkuakU3d3T0/DpLbQ5LlajlgpfPfSiMEskqwekhPnXT03
eawdbDywJ2tEMaRzAOuQTfbUbhaAHAiaPkT7yhdGt7oT5/RdVjZp4BVt330pTani
oHtdFrSeTCm6tvc3mQxStVAffifdk40MdmSo6rpeaUn3qE6e8dkBqVVfg9iHVWCf
xB+41rg+dE3ofk3UXEI2NcG4mV8WmKGYX3bUA8/0iN8Gqg1TkPy1YaCpiyuYGniZ
mF2/zH8jbIBah/WNz+lRq/Repj+Mc3x/oQpHXflzVXkSfnlvXRwZ/cHMyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKpS57w9bR/tXh+xP58tx5wB29AdMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcWxMbnZEMXRILTFlSDdFX255M0huQUhiMEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBowVeAwQB
owVwAwQAowV0AwQAowWHAwQAowWOAwQAowW6MA0GCSqGSIb3DQEBCwUAA4IBAQCy
WPK5PdgcJR/xvUR0ylmoyLnEpsQAigFSbvNZF8KqorIiLqutJiufSqzofr/fM6kk
aFZG9qQnVJEY+UgfTckB2n6l6StCEPCsKMXk4nQPFbEemlBo3BxkYZ9PEq0GyjDk
cuv0pTXzk2v3F4yEEAWolfpqKUHLqhi13lT0PIUyAWXZrS2hX9OK7kTkVxM7C9Gk
MemfrCRi6nHmWDf1maU6LEfSjEkSUXZoz1G4JSuL8EXPUYNW96U2wmTX5fbk9ml1
TmZkxJN1Bx9perbio58lMnNfg4HGhBR65UZgivrdGqJUgqLm74W+4rOwEx2V42aX
tdKMj6o1HViKghiXPIgq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org