Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sd8bzU9F9k79jtHyQM5Xeb3qpB4.roa
File: sd8bzU9F9k79jtHyQM5Xeb3qpB4.roa (raw, json)
Hash identifier: LOxX4EZoOH5XtfbueEr8jvwzGVMXZOGqD1Q028Z+c9s=
Subject key identifier: B1:DF:1B:CD:4F:45:F6:4E:FD:8E:D1:F2:40:CE:57:79:BD:EA:A4:1E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018AF5867326C551546AC680C626333E17C4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sd8bzU9F9k79jtHyQM5Xeb3qpB4.roa
Signing time: Tue 03 Oct 2023 12:32:23 +0000
ROA not before: Tue 03 Oct 2023 12:32:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 163.5.175.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:86:73:26:c5:51:54:6a:c6:80:c6:26:33:3e:17:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 3 12:32:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1df1bcd4f45f64efd8ed1f240ce5779bdeaa41e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9f:fe:9c:3b:58:73:c4:ae:2f:94:c1:34:80:
78:54:2e:90:8b:77:de:42:7c:f7:a1:e6:aa:b6:01:
80:2e:73:d8:87:f5:a9:3c:43:f9:1c:26:1b:e6:ed:
f5:0e:46:77:22:76:f3:2f:11:84:1b:f9:a7:4f:ff:
22:94:3d:74:df:4b:b4:8a:ed:e0:08:10:47:d5:32:
ec:5c:d4:18:0c:92:87:5a:9f:ce:12:e7:81:ea:4a:
08:96:d6:fa:6c:13:d8:95:be:c8:42:d1:62:8e:1d:
41:9e:cd:5e:98:99:e7:70:85:36:44:69:d8:f0:f8:
a6:13:0e:70:f5:95:84:b4:06:1b:e1:20:62:73:d2:
54:e4:9c:e8:1f:76:72:0c:bd:9c:53:f2:dc:57:7e:
51:51:54:5a:a7:2a:1f:61:a3:a6:54:0f:49:44:17:
a7:b9:7f:69:fb:b3:75:5a:50:69:a3:bd:63:03:1c:
03:4e:75:ab:46:49:d9:f1:65:dc:98:71:a7:f0:32:
61:bc:1c:cd:08:24:83:02:83:4b:65:34:70:e7:f6:
06:43:ae:dc:af:43:61:22:ff:f1:b5:30:6e:6b:3a:
6f:11:1b:e7:1f:48:01:2a:ef:47:0f:c1:0a:6a:fc:
4f:79:76:a8:71:01:90:97:f1:16:ff:2f:a2:42:cc:
04:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DF:1B:CD:4F:45:F6:4E:FD:8E:D1:F2:40:CE:57:79:BD:EA:A4:1E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sd8bzU9F9k79jtHyQM5Xeb3qpB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.135.0-163.5.136.255
163.5.175.0/24
163.5.209.0/24
163.5.211.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:c4:43:d2:d2:1e:f2:2a:5f:07:71:f3:6b:29:07:5a:52:e0:
21:91:e7:7c:c4:a7:e7:99:e8:8e:7a:c4:95:9d:c5:60:4a:bb:
75:b3:23:31:61:05:1e:61:b8:c7:58:fc:09:a0:20:b9:75:b7:
84:a0:9d:eb:87:7b:3c:9d:46:0c:f3:5f:31:67:ce:42:5a:f6:
34:d3:94:15:98:95:68:8d:7e:50:2e:e7:09:7d:75:06:cb:e8:
11:a9:35:32:0d:4c:78:45:27:e3:ba:6f:78:0a:bd:e7:00:35:
77:23:44:c3:8f:3b:00:20:ff:85:38:ab:59:65:46:2d:32:1a:
5d:7e:78:1e:38:17:ab:ab:34:60:8a:bb:0d:6d:09:ef:3f:fc:
eb:2e:a1:4f:5c:b8:0c:6d:28:9a:84:91:53:af:62:2b:7b:60:
ed:5a:26:e7:0d:6d:41:ae:27:8e:80:b6:bb:19:e9:87:84:3b:
1c:f4:bf:44:6e:af:c0:06:16:b9:e1:e1:3b:b6:53:19:c8:27:
a1:f1:97:9f:19:c0:ab:b9:11:1c:fb:cd:3f:cd:9f:19:75:6b:
9a:01:fc:c8:c5:e4:06:8d:2a:35:94:20:b5:57:ab:81:6f:a5:
28:29:86:cf:cd:a6:3f:91:0d:14:46:f8:64:3f:fa:1b:75:a7:
87:8d:63:ae
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYr1hnMmxVFUasaAxiYzPhfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDAzMTIzMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWRmMWJjZDRmNDVmNjRlZmQ4ZWQxZjI0MGNlNTc3OWJkZWFhNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ/+nDtYc8SuL5TBNIB4VC6Qi3fe
Qnz3oeaqtgGALnPYh/WpPEP5HCYb5u31DkZ3InbzLxGEG/mnT/8ilD1030u0iu3g
CBBH1TLsXNQYDJKHWp/OEueB6koIltb6bBPYlb7IQtFijh1Bns1emJnncIU2RGnY
8PimEw5w9ZWEtAYb4SBic9JU5JzoH3ZyDL2cU/LcV35RUVRapyofYaOmVA9JRBen
uX9p+7N1WlBpo71jAxwDTnWrRknZ8WXcmHGn8DJhvBzNCCSDAoNLZTRw5/YGQ67c
r0NhIv/xtTBuazpvERvnH0gBKu9HD8EKavxPeXaocQGQl/EW/y+iQswEIwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLHfG81PRfZO/Y7R8kDOV3m96qQeMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvc2Q4YnpVOUY5azc5anRIeVFNNVhlYjNxcEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBACjBYcD
BACjBYgDBACjBa8DBACjBdEDBACjBdMwDQYJKoZIhvcNAQELBQADggEBAKTEQ9LS
HvIqXwdx82spB1pS4CGR53zEp+eZ6I56xJWdxWBKu3WzIzFhBR5huMdY/AmgILl1
t4SgneuHezydRgzzXzFnzkJa9jTTlBWYlWiNflAu5wl9dQbL6BGpNTINTHhFJ+O6
b3gKvecANXcjRMOPOwAg/4U4q1llRi0yGl1+eB44F6urNGCKuw1tCe8//OsuoU9c
uAxtKJqEkVOvYit7YO1aJucNbUGuJ46AtrsZ6YeEOxz0v0Rur8AGFrnh4Tu2UxnI
J6Hxl58ZwKu5ERz7zT/Nnxl1a5oB/MjF5AaNKjWUILVXq4FvpSgphs/Npj+RDRRG
+GQ/+ht1p4eNY64=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org