Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sLiWJhzT2TPyV3RyeIBPmYgWX98.roa
File: sLiWJhzT2TPyV3RyeIBPmYgWX98.roa (raw, json)
Hash identifier: 3GiKNWxAzkADlkVJzBs+XjDZQr9HkfpkdnlP24ioykg=
Subject key identifier: B0:B8:96:26:1C:D3:D9:33:F2:57:74:72:78:80:4F:99:88:16:5F:DF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018586885D0F7E445A2EE6545E1F54458A5E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sLiWJhzT2TPyV3RyeIBPmYgWX98.roa
Signing time: Fri 06 Jan 2023 10:02:41 +0000
ROA not before: Fri 06 Jan 2023 10:02:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 163.5.185.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:88:5d:0f:7e:44:5a:2e:e6:54:5e:1f:54:45:8a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 6 10:02:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0b896261cd3d933f257747278804f9988165fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3c:e5:6d:52:b0:1a:07:37:7e:be:55:75:ea:
e7:b4:8c:46:0e:59:95:27:c1:79:45:85:c8:b6:08:
5d:67:c1:ed:c1:46:b9:c0:3e:49:92:4d:88:28:f7:
d1:ff:dd:5e:7a:15:3a:10:b0:72:a8:bd:00:dd:0a:
f4:98:6c:3b:fc:89:b1:fd:25:70:5f:54:3e:04:65:
1a:b8:78:df:f1:84:fc:88:4d:c6:21:9c:60:bf:51:
a7:95:df:34:29:14:ef:9c:69:13:02:67:37:c0:55:
cf:b3:8b:1a:57:9c:5f:1d:33:df:8d:e4:51:73:81:
cc:50:b4:1d:76:c1:20:2b:06:b4:c3:2b:ed:24:f2:
f2:71:81:53:67:18:20:fd:69:06:02:22:33:db:e4:
db:54:88:e0:90:de:38:33:49:98:c6:f3:6d:d6:ea:
97:47:5b:ad:94:43:11:ca:6d:4b:60:02:9e:40:ab:
5f:b7:82:6f:ec:9c:3d:a7:d5:c7:37:63:bb:20:7e:
0e:8a:56:f2:68:12:b1:47:44:77:95:cb:6a:dd:48:
8d:82:b5:7f:70:77:7f:7d:44:a0:4a:2f:79:5f:5f:
93:ab:37:9c:ac:da:be:bc:e0:b6:b6:58:f9:4f:f6:
68:ea:7e:fd:03:b2:e6:a6:3f:31:8b:18:a5:a4:f9:
60:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B8:96:26:1C:D3:D9:33:F2:57:74:72:78:80:4F:99:88:16:5F:DF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sLiWJhzT2TPyV3RyeIBPmYgWX98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.90.0/24
163.5.140.0/24
163.5.185.0/24
Signature Algorithm: sha256WithRSAEncryption
98:c5:04:d1:3d:6e:95:c0:cc:61:7e:ef:48:db:be:ad:cc:b3:
0c:70:f8:2e:6e:78:da:7f:07:22:c8:e1:52:32:e1:2b:a0:03:
62:72:3d:94:a7:68:58:ae:2a:32:29:78:df:7f:08:86:54:ab:
ab:3c:ee:94:43:cb:3a:bf:09:1a:2c:5d:b5:21:6c:a1:72:fe:
90:d5:20:65:1c:9e:c5:1c:cd:5f:93:c6:ac:47:8b:81:e2:d0:
31:1c:09:f0:91:b2:2f:d6:4a:2e:b6:68:f7:09:5d:b7:40:9a:
a6:32:76:0a:73:9e:d7:9a:fb:de:3a:2c:86:bc:8b:5e:77:97:
45:2e:21:e1:b6:8b:41:bd:5d:b2:6d:27:df:7e:00:d5:5b:10:
25:3a:e7:1c:2e:96:36:6c:79:d5:0c:e2:94:73:7e:1e:b8:df:
5d:12:e2:1d:49:dc:17:e7:4c:2a:ac:c5:ec:2b:78:1b:f9:51:
72:da:ae:39:8d:a3:e4:4c:30:d8:a9:b9:46:28:a3:2a:6b:c0:
c2:d3:44:3c:c1:97:4f:b6:6b:37:c1:1b:bc:ae:25:da:ed:45:
09:37:74:82:5e:f5:34:9b:d5:a9:da:4e:ad:16:5e:61:cd:2c:
11:d6:43:6b:96:4c:d5:a2:6b:98:9f:d0:5f:d0:00:b0:61:1a:
b4:ba:b7:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWGiF0PfkRaLuZUXh9URYpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTA2MTAwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI4OTYyNjFjZDNkOTMzZjI1Nzc0NzI3ODgwNGY5OTg4MTY1ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDzlbVKwGgc3fr5VderntIxGDlmV
J8F5RYXItghdZ8HtwUa5wD5Jkk2IKPfR/91eehU6ELByqL0A3Qr0mGw7/Imx/SVw
X1Q+BGUauHjf8YT8iE3GIZxgv1Gnld80KRTvnGkTAmc3wFXPs4saV5xfHTPfjeRR
c4HMULQddsEgKwa0wyvtJPLycYFTZxgg/WkGAiIz2+TbVIjgkN44M0mYxvNt1uqX
R1utlEMRym1LYAKeQKtft4Jv7Jw9p9XHN2O7IH4OilbyaBKxR0R3lctq3UiNgrV/
cHd/fUSgSi95X1+TqzecrNq+vOC2tlj5T/Zo6n79A7Lmpj8xixilpPlgwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLC4liYc09kz8ld0cniAT5mIFl/fMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvc0xpV0poelQyVFB5VjNSeWVJQlBtWWdXWDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowVaAwQA
owWMAwQAowW5MA0GCSqGSIb3DQEBCwUAA4IBAQCYxQTRPW6VwMxhfu9I276tzLMM
cPgubnjafwciyOFSMuEroANicj2Up2hYrioyKXjffwiGVKurPO6UQ8s6vwkaLF21
IWyhcv6Q1SBlHJ7FHM1fk8asR4uB4tAxHAnwkbIv1koutmj3CV23QJqmMnYKc57X
mvveOiyGvIted5dFLiHhtotBvV2ybSfffgDVWxAlOuccLpY2bHnVDOKUc34euN9d
EuIdSdwX50wqrMXsK3gb+VFy2q45jaPkTDDYqblGKKMqa8DC00Q8wZdPtms3wRu8
riXa7UUJN3SCXvU0m9Wp2k6tFl5hzSwR1kNrlkzVomuYn9Bf0ACwYRq0urcN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-ams.rpki-client.org