Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rYnivC2GfoW3yX75jW9YpOdLpe4.roa
File: rYnivC2GfoW3yX75jW9YpOdLpe4.roa (raw, json)
Hash identifier: UAwgsNdo4RMH9hwZA8wpb36sCowP73oapCt4rI+9MLo=
Subject key identifier: AD:89:E2:BC:2D:86:7E:85:B7:C9:7E:F9:8D:6F:58:A4:E7:4B:A5:EE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188BFC1BA202876C34983A37DD5E2DA0A03
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rYnivC2GfoW3yX75jW9YpOdLpe4.roa
Signing time: Thu 15 Jun 2023 15:52:04 +0000
ROA not before: Thu 15 Jun 2023 15:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.78.0/24 maxlen: 24
163.5.98.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jul 2023 09:22:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:c1:ba:20:28:76:c3:49:83:a3:7d:d5:e2:da:0a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 15 15:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad89e2bc2d867e85b7c97ef98d6f58a4e74ba5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:16:30:e5:04:67:5b:3b:df:a9:95:c6:7f:48:
0f:b2:d7:26:60:58:f9:ba:04:18:fd:5d:bd:b4:38:
ae:19:4f:a6:51:ef:70:43:f5:ad:48:ea:1f:5d:ce:
0b:bc:75:bb:05:20:b4:15:ea:a0:64:08:b7:7a:20:
8a:c8:71:cd:6c:25:ed:53:b0:b1:2c:7b:df:28:3f:
30:a4:a1:eb:c5:d5:55:6f:6b:ef:97:2f:46:2c:64:
85:c9:60:fd:e3:3d:4a:c7:49:7b:bf:b8:0c:dd:19:
5f:c2:e5:4c:cb:15:c3:da:89:a0:70:db:37:f6:4b:
82:77:ed:65:49:13:15:ea:16:bd:13:0e:7f:27:a9:
19:e8:ad:1f:19:37:d9:a6:b7:03:99:ec:bc:50:1d:
0d:b7:01:3e:8e:dc:4a:6d:5b:b0:69:76:ce:45:57:
81:62:12:39:6e:77:c1:b0:1c:5b:53:e3:f0:a0:7a:
f3:94:f7:61:23:fe:f1:10:ff:b0:12:31:22:8d:4f:
88:c4:7a:d8:74:fc:da:eb:1e:62:ea:31:4b:36:6a:
e8:05:fd:41:75:6a:44:d1:ea:31:f4:2e:45:a0:d9:
5b:2a:98:89:d3:10:b7:24:5b:0f:2a:1b:0b:b2:30:
71:5e:71:eb:c3:a8:bc:22:9e:59:fa:7b:ef:13:ac:
12:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:89:E2:BC:2D:86:7E:85:B7:C9:7E:F9:8D:6F:58:A4:E7:4B:A5:EE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rYnivC2GfoW3yX75jW9YpOdLpe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.70.0/24
163.5.72.0/24
163.5.76.0-163.5.78.255
163.5.92.0/24
163.5.98.0/24
163.5.243.0/24
163.5.245.0/24
Signature Algorithm: sha256WithRSAEncryption
71:cf:5c:e3:89:0d:d1:9f:47:94:92:9c:e3:59:92:9b:25:dc:
ec:98:34:90:b9:9b:fa:aa:59:5a:bd:8e:52:ec:61:2f:70:fb:
8d:ed:dc:b1:7c:70:0b:a0:25:74:61:b4:a6:50:33:84:1b:17:
d0:cc:b7:e1:25:e7:cf:89:61:2b:37:9c:0a:42:99:8b:21:53:
1f:c9:d2:f8:08:c4:a4:2e:82:96:c3:76:71:1b:7e:64:26:c1:
fe:8a:07:f4:3d:2c:6e:bf:8c:49:b9:70:8d:26:20:cc:eb:cb:
fe:86:f7:01:2c:ac:00:84:39:f5:5b:f4:64:3f:ac:9b:85:fa:
61:77:3b:5e:44:22:a4:ea:30:9b:5c:fd:17:6f:71:e3:b7:68:
c8:8e:be:75:4a:78:65:cb:ad:55:53:16:b3:bf:1c:14:94:02:
f6:f6:12:76:05:67:91:a7:be:da:fb:55:96:08:01:17:07:ce:
00:c9:b6:79:46:49:97:d3:db:d1:d3:f8:4e:da:48:11:c9:45:
c0:d7:87:13:bb:91:84:6d:ce:70:b8:7d:f7:4c:c6:43:7a:04:
3d:bd:b5:ca:f5:bd:3c:8a:7e:2c:c0:c7:38:96:ed:c5:92:78:
44:86:be:ad:64:72:fe:62:20:1b:a5:f0:55:ff:6b:d0:60:1d:
bb:c0:ec:1d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYi/wbogKHbDSYOjfdXi2goDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjE1MTU1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDg5ZTJiYzJkODY3ZTg1YjdjOTdlZjk4ZDZmNThhNGU3NGJhNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxYw5QRnWzvfqZXGf0gPstcmYFj5
ugQY/V29tDiuGU+mUe9wQ/WtSOofXc4LvHW7BSC0FeqgZAi3eiCKyHHNbCXtU7Cx
LHvfKD8wpKHrxdVVb2vvly9GLGSFyWD94z1Kx0l7v7gM3RlfwuVMyxXD2omgcNs3
9kuCd+1lSRMV6ha9Ew5/J6kZ6K0fGTfZprcDmey8UB0NtwE+jtxKbVuwaXbORVeB
YhI5bnfBsBxbU+PwoHrzlPdhI/7xEP+wEjEijU+IxHrYdPza6x5i6jFLNmroBf1B
dWpE0eox9C5FoNlbKpiJ0xC3JFsPKhsLsjBxXnHrw6i8Ip5Z+nvvE6wSGwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFK2J4rwthn6Ft8l++Y1vWKTnS6XuMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvclluaXZDMkdmb1czeVg3NWpXOVlwT2RMcGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAowVGAwQA
owVIMAwDBAKjBUwDBACjBU4DBACjBVwDBACjBWIDBACjBfMDBACjBfUwDQYJKoZI
hvcNAQELBQADggEBAHHPXOOJDdGfR5SSnONZkpsl3OyYNJC5m/qqWVq9jlLsYS9w
+43t3LF8cAugJXRhtKZQM4QbF9DMt+El58+JYSs3nApCmYshUx/J0vgIxKQugpbD
dnEbfmQmwf6KB/Q9LG6/jEm5cI0mIMzry/6G9wEsrACEOfVb9GQ/rJuF+mF3O15E
IqTqMJtc/RdvceO3aMiOvnVKeGXLrVVTFrO/HBSUAvb2EnYFZ5Gnvtr7VZYIARcH
zgDJtnlGSZfT29HT+E7aSBHJRcDXhxO7kYRtznC4ffdMxkN6BD29tcr1vTyKfizA
xziW7cWSeESGvq1kcv5iIBul8FX/a9BgHbvA7B0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org