Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tRYQWSQffWqhbJMtBblJUDxPO-A.roa
File: tRYQWSQffWqhbJMtBblJUDxPO-A.roa (raw, json)
Hash identifier: j+8zfTsJzDZiawnyBGy7eZJSAfrkmh7mL754L6I4pO4=
Subject key identifier: B5:16:10:59:24:1F:7D:6A:A1:6C:93:2D:05:B9:49:50:3C:4F:3B:E0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01859FFFCCD7FEE2A9DDD082211F27F9874E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tRYQWSQffWqhbJMtBblJUDxPO-A.roa
Signing time: Wed 11 Jan 2023 08:43:39 +0000
ROA not before: Wed 11 Jan 2023 08:43:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 163.5.173.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.235.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9f:ff:cc:d7:fe:e2:a9:dd:d0:82:21:1f:27:f9:87:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 11 08:43:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5161059241f7d6aa16c932d05b949503c4f3be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:aa:4f:59:38:a5:92:cc:21:78:dc:33:15:95:
01:f7:88:c7:c7:57:67:3e:af:fc:1a:44:ae:d4:df:
1b:cd:35:c6:2d:8d:42:53:4e:81:39:c3:4f:c8:d1:
f4:67:65:9b:45:b4:02:54:e5:94:63:85:5b:7c:e5:
2b:7a:cd:9b:18:43:53:19:25:3f:bc:fc:a4:d9:df:
01:e4:80:9b:f8:81:2f:7d:08:67:f9:12:b5:8f:0b:
59:d2:0e:5a:59:45:97:25:32:59:40:0f:39:c3:00:
99:97:fc:5c:96:26:5c:26:de:53:fb:f7:1b:c8:14:
d0:1b:c7:e4:c2:3e:d7:8b:c9:53:84:67:13:f1:c0:
90:a3:63:ba:b7:78:55:3c:65:e9:c3:af:de:51:c3:
e1:2b:d2:e0:c8:2f:1e:bf:8b:4b:11:10:3c:bb:a2:
81:26:70:c6:4c:65:7d:25:cd:7a:26:1c:0e:6c:59:
78:86:a6:c1:2c:d4:1c:5c:3e:02:c0:c1:52:47:23:
41:6e:e6:e7:9f:b3:30:cd:9f:e5:3d:b2:f3:06:67:
2a:3c:d7:6a:f6:77:a0:0d:79:7a:ce:1a:3c:af:c2:
71:33:01:e9:2f:eb:f2:cf:f5:dd:00:42:d1:1b:d7:
4c:bd:ac:bb:88:df:f3:19:e6:9c:ed:c2:55:da:94:
6b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:16:10:59:24:1F:7D:6A:A1:6C:93:2D:05:B9:49:50:3C:4F:3B:E0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tRYQWSQffWqhbJMtBblJUDxPO-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.37.0/24
163.5.173.0/24
163.5.197.0/24
163.5.235.0/24
Signature Algorithm: sha256WithRSAEncryption
77:90:63:7b:b8:c7:bf:db:18:4d:1f:3e:84:e7:e6:39:4b:52:
73:12:5f:d8:91:3b:dc:8f:ac:12:ca:fd:62:3c:b0:65:11:d1:
45:5e:14:6c:f8:72:e3:63:21:d3:3f:9e:e1:1c:cc:c0:f8:01:
ea:c2:6c:21:e2:73:93:c9:3b:7b:ba:88:23:dd:90:43:1f:e1:
a2:b9:93:26:7f:e6:b8:73:84:42:6e:82:5e:08:87:78:e5:0d:
f8:44:7a:25:1d:53:d5:d0:6e:21:fb:70:ba:0e:60:5f:6c:b0:
a2:b3:3e:f9:cb:2f:49:4f:71:b1:b0:85:b7:dc:25:d0:b0:bf:
82:eb:84:04:b8:71:b3:ff:9f:4c:0e:2f:43:b8:bf:8f:90:cb:
ff:db:fa:4e:80:d6:22:fa:e6:71:b6:c2:5e:25:db:11:50:10:
b5:cc:65:71:37:83:a6:d3:8d:2a:59:2f:d9:85:a9:6b:de:08:
0c:b2:b4:24:ad:01:c4:e3:23:29:1d:61:bf:c8:53:b4:3c:ab:
80:b1:42:19:3d:75:2d:c3:f0:c8:7a:81:f7:d5:d5:af:bd:68:
3c:05:8b:dd:31:63:dd:fa:e3:c9:2b:43:4e:89:97:ec:ae:c6:
04:65:34:73:73:46:e4:74:9c:0d:db:55:c1:94:3a:81:00:9d:
5f:ac:4c:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWf/8zX/uKp3dCCIR8n+YdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTExMDg0MzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTE2MTA1OTI0MWY3ZDZhYTE2YzkzMmQwNWI5NDk1MDNjNGYzYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/apPWTilkswheNwzFZUB94jHx1dn
Pq/8GkSu1N8bzTXGLY1CU06BOcNPyNH0Z2WbRbQCVOWUY4VbfOUres2bGENTGSU/
vPyk2d8B5ICb+IEvfQhn+RK1jwtZ0g5aWUWXJTJZQA85wwCZl/xcliZcJt5T+/cb
yBTQG8fkwj7Xi8lThGcT8cCQo2O6t3hVPGXpw6/eUcPhK9LgyC8ev4tLERA8u6KB
JnDGTGV9Jc16JhwObFl4hqbBLNQcXD4CwMFSRyNBbubnn7MwzZ/lPbLzBmcqPNdq
9negDXl6zho8r8JxMwHpL+vyz/XdAELRG9dMvay7iN/zGeac7cJV2pRrZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLUWEFkkH31qoWyTLQW5SVA8TzvgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdFJZUVdTUWZmV3FoYkpNdEJibEpVRHhQTy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUlAwQA
owWtAwQAowXFAwQAowXrMA0GCSqGSIb3DQEBCwUAA4IBAQB3kGN7uMe/2xhNHz6E
5+Y5S1JzEl/YkTvcj6wSyv1iPLBlEdFFXhRs+HLjYyHTP57hHMzA+AHqwmwh4nOT
yTt7uogj3ZBDH+GiuZMmf+a4c4RCboJeCId45Q34RHolHVPV0G4h+3C6DmBfbLCi
sz75yy9JT3GxsIW33CXQsL+C64QEuHGz/59MDi9DuL+PkMv/2/pOgNYi+uZxtsJe
JdsRUBC1zGVxN4Om040qWS/Zhalr3ggMsrQkrQHE4yMpHWG/yFO0PKuAsUIZPXUt
w/DIeoH31dWvvWg8BYvdMWPd+uPJK0NOiZfsrsYEZTRzc0bkdJwN21XBlDqBAJ1f
rEzr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:23 2023 by rpki-client on console-fra.rpki-client.org