Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rltSKf1p7A7lvpbrNMivkFITinQ.roa
File: rltSKf1p7A7lvpbrNMivkFITinQ.roa (raw, json)
Hash identifier: SUxitoSCcawrk6CS9FWcQb8Qg4nSafV6o+glu+FXWvQ=
Subject key identifier: AE:5B:52:29:FD:69:EC:0E:E5:BE:96:EB:34:C8:AF:90:52:13:8A:74
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BE27A830492846F0834C080133706E3B0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rltSKf1p7A7lvpbrNMivkFITinQ.roa
Signing time: Sat 18 Nov 2023 12:49:21 +0000
ROA not before: Sat 18 Nov 2023 12:49:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 163.5.220.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e2:7a:83:04:92:84:6f:08:34:c0:80:13:37:06:e3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 18 12:49:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae5b5229fd69ec0ee5be96eb34c8af9052138a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f4:7f:18:e8:72:0d:97:c5:15:65:96:e6:cc:
98:22:3c:55:24:03:52:e2:ce:1e:97:87:e9:97:df:
f7:ec:f4:6b:10:4f:ef:52:df:92:c9:ac:ad:3b:6f:
11:42:4f:23:82:07:aa:e0:cc:b2:87:f3:ea:84:34:
2d:a3:be:eb:fa:45:f8:f3:2c:f6:7c:11:33:5f:16:
cf:19:55:ce:08:39:23:1f:9c:8e:75:47:e4:9c:6e:
47:bd:ee:6b:f7:82:94:d1:ae:eb:9f:f7:5d:af:f0:
7c:78:92:51:e0:bd:0d:66:e6:7d:d4:93:86:0e:b4:
53:0c:4a:da:55:bf:a3:3c:f3:ba:26:14:5b:98:48:
70:90:0a:8f:c6:31:a8:44:3d:52:e7:c6:b4:ac:d8:
7c:63:4a:e5:ac:1a:a3:08:96:be:6b:6e:8c:cd:67:
ac:dc:8e:64:18:7d:21:3e:76:aa:26:d2:68:d2:5a:
11:4f:ee:c7:70:fd:6c:b9:f0:7a:1e:21:87:19:7a:
cf:60:9f:2d:3a:36:48:04:f3:54:aa:0e:47:17:d1:
7d:c7:d2:4d:88:48:83:83:54:bb:b2:2d:6a:56:8b:
83:d6:48:72:52:24:2a:f1:c4:06:f3:32:42:6f:4d:
63:b5:ef:5c:c8:34:50:37:90:f6:a9:a9:97:7d:cb:
be:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:5B:52:29:FD:69:EC:0E:E5:BE:96:EB:34:C8:AF:90:52:13:8A:74
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rltSKf1p7A7lvpbrNMivkFITinQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.149.0/24
163.5.155.0/24
163.5.220.0/24
163.5.223.0/24
163.5.244.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:7d:0c:2a:bf:56:c5:2d:72:89:f0:7a:1a:3c:0b:d6:88:81:
55:7d:21:e9:33:3c:56:37:64:4b:f8:06:d8:6f:f7:e8:e0:90:
8b:cd:a2:d4:23:96:56:73:f6:78:e8:74:65:c0:b0:9d:e3:38:
de:b4:8d:6b:60:a0:41:f5:d1:62:90:7b:50:9b:5d:aa:a9:40:
d1:75:1e:73:3d:40:d7:0d:0d:10:47:42:fc:59:6b:9f:d9:3a:
73:43:1b:b8:31:f6:af:a0:1a:07:1c:e9:a9:b6:69:da:c5:f3:
71:c9:b6:4e:62:52:a6:b2:a5:7b:f9:ea:af:5c:69:64:8b:ef:
67:b0:34:80:c5:6f:d2:20:69:2d:a9:1f:67:7b:5a:15:10:7c:
f8:4f:b6:33:a7:45:4a:0f:58:b2:bc:e5:d8:98:18:b5:56:c9:
82:49:77:6d:38:e7:dc:b9:c3:20:78:a1:fd:d5:67:ba:a0:76:
cf:85:57:5a:cb:f4:8f:4c:dc:2d:08:44:79:8c:af:32:01:dd:
17:40:cf:93:b8:48:c1:99:bd:e6:54:27:e5:f4:9e:dc:5a:99:
10:04:e2:28:67:04:6e:d0:56:ba:26:c8:09:90:c5:23:ad:68:
08:b8:3e:cd:c4:e6:4b:d6:ea:f1:41:d8:d3:a7:13:dc:da:d1:
76:62:b7:cf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvieoMEkoRvCDTAgBM3BuOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTE4MTI0OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTViNTIyOWZkNjllYzBlZTViZTk2ZWIzNGM4YWY5MDUyMTM4YTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/R/GOhyDZfFFWWW5syYIjxVJANS
4s4el4fpl9/37PRrEE/vUt+SyaytO28RQk8jggeq4Myyh/PqhDQto77r+kX48yz2
fBEzXxbPGVXOCDkjH5yOdUfknG5Hve5r94KU0a7rn/ddr/B8eJJR4L0NZuZ91JOG
DrRTDEraVb+jPPO6JhRbmEhwkAqPxjGoRD1S58a0rNh8Y0rlrBqjCJa+a26MzWes
3I5kGH0hPnaqJtJo0loRT+7HcP1sufB6HiGHGXrPYJ8tOjZIBPNUqg5HF9F9x9JN
iEiDg1S7si1qVouD1khyUiQq8cQG8zJCb01jte9cyDRQN5D2qamXfcu+twIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK5bUin9aewO5b6W6zTIr5BSE4p0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcmx0U0tmMXA3QTdsdnBick5NaXZrRklUaW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWVAwQA
owWbAwQAowXcAwQAowXfAwQAowX0MA0GCSqGSIb3DQEBCwUAA4IBAQAufQwqv1bF
LXKJ8HoaPAvWiIFVfSHpMzxWN2RL+AbYb/fo4JCLzaLUI5ZWc/Z46HRlwLCd4zje
tI1rYKBB9dFikHtQm12qqUDRdR5zPUDXDQ0QR0L8WWuf2TpzQxu4MfavoBoHHOmp
tmnaxfNxybZOYlKmsqV7+eqvXGlki+9nsDSAxW/SIGktqR9ne1oVEHz4T7Yzp0VK
D1iyvOXYmBi1VsmCSXdtOOfcucMgeKH91We6oHbPhVday/SPTNwtCER5jK8yAd0X
QM+TuEjBmb3mVCfl9J7cWpkQBOIoZwRu0Fa6JsgJkMUjrWgIuD7NxOZL1urxQdjT
pxPc2tF2YrfP
-----END CERTIFICATE-----
Generated at Sun Dec 17 16:42:52 2023 by rpki-client on console-fra.rpki-client.org