Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vVtgTPPUH7IdDhAUmqsPNgGxKoY.roa
File: vVtgTPPUH7IdDhAUmqsPNgGxKoY.roa (raw, json)
Hash identifier: zWDIkDzCevmJSbaKfUQycD6auZv1Rvy9AInnfjd/Z6A=
Subject key identifier: BD:5B:60:4C:F3:D4:1F:B2:1D:0E:10:14:9A:AB:0F:36:01:B1:2A:86
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042C6D50B945CF1DB70525856CA7608
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vVtgTPPUH7IdDhAUmqsPNgGxKoY.roa
Signing time: Mon 02 Jan 2023 02:15:02 +0000
ROA not before: Mon 02 Jan 2023 02:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204968
IP address blocks: 163.5.199.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.207.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:c6:d5:0b:94:5c:f1:db:70:52:58:56:ca:76:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd5b604cf3d41fb21d0e10149aab0f3601b12a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bc:03:02:e6:17:16:e2:79:89:43:50:d3:f0:
e5:89:fd:9c:9f:19:0e:7e:c1:fc:86:ea:6e:88:75:
19:8d:81:51:87:ed:9a:7a:c5:00:a3:76:c5:62:f0:
cb:27:72:1b:24:50:02:ab:bf:1d:c1:9d:c6:7b:8e:
c4:31:da:23:10:ac:b0:2a:07:73:9c:85:33:e9:d9:
c6:0b:88:45:29:3b:90:86:6b:87:6c:f7:1e:88:c7:
5d:a0:5c:a4:3a:b9:8e:3d:4d:06:c7:80:03:a6:42:
0e:4e:d4:2e:73:f9:66:1e:e1:36:83:46:aa:6f:63:
ab:6c:5b:d6:24:bc:1a:3b:99:81:0f:22:5b:c4:22:
d5:02:44:ef:aa:82:5e:56:4c:73:65:bf:c1:7b:15:
1f:06:1e:5b:75:db:51:80:22:00:a8:b8:77:33:a1:
07:36:d7:ac:38:3a:a4:f5:08:c7:6c:b3:db:ca:fa:
6f:d6:be:97:ec:32:98:1f:27:92:06:4d:ac:1e:2b:
dc:2c:da:5e:33:9d:97:08:0f:87:cf:26:38:f8:c1:
5d:89:a1:0b:31:8e:70:7b:86:1c:4e:4a:08:01:e3:
9c:80:15:48:f3:e6:e9:e3:71:e6:34:82:19:4f:7c:
9c:f9:92:f0:4d:e2:5c:49:30:f7:09:97:e4:d1:17:
53:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:5B:60:4C:F3:D4:1F:B2:1D:0E:10:14:9A:AB:0F:36:01:B1:2A:86
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vVtgTPPUH7IdDhAUmqsPNgGxKoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0-163.5.157.255
163.5.199.0/24
163.5.206.0-163.5.209.255
163.5.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:04:be:b6:53:33:9f:0e:48:1e:56:1f:36:f5:6f:5b:2f:5c:
c6:65:ef:71:c1:49:03:72:73:01:de:27:14:af:a1:67:92:ff:
1c:c3:2d:f3:e7:d8:a2:d0:95:95:6c:ef:86:f8:82:92:a4:73:
9c:50:72:91:e5:19:f9:d3:6d:18:29:c0:fe:46:36:e1:12:6a:
4d:3c:34:6c:ed:bc:a3:94:f6:71:09:f9:a2:e9:86:93:20:7a:
cd:29:1d:89:5a:e4:a0:15:84:24:89:6a:c2:33:4c:ff:a0:d8:
7a:ee:51:a6:c4:be:bf:5f:f8:3a:e4:99:cc:d5:26:75:99:fa:
a7:e9:83:96:ac:7d:c0:c9:18:a1:9d:81:d6:cb:09:1f:4a:d5:
8a:8d:ca:4b:63:f3:50:82:c6:5e:5e:50:6d:6f:d9:a1:9d:45:
61:08:5c:3f:91:73:f8:ae:9f:64:e9:13:87:8c:34:09:84:a0:
85:47:0a:01:22:5c:c7:43:88:a6:81:1a:43:17:52:be:67:d8:
d9:f1:48:58:fa:81:66:2f:8a:19:92:ae:06:17:25:5d:4a:e0:
22:7c:fa:a2:ed:e1:6f:37:46:d7:29:df:3b:eb:0e:37:40:da:
91:6e:d7:75:64:43:28:a6:ee:60:01:2a:da:13:33:e7:30:fe:
4c:4b:50:3a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVwQsbVC5Rc8dtwUlhWynYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDViNjA0Y2YzZDQxZmIyMWQwZTEwMTQ5YWFiMGYzNjAxYjEyYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrwDAuYXFuJ5iUNQ0/Dlif2cnxkO
fsH8hupuiHUZjYFRh+2aesUAo3bFYvDLJ3IbJFACq78dwZ3Ge47EMdojEKywKgdz
nIUz6dnGC4hFKTuQhmuHbPceiMddoFykOrmOPU0Gx4ADpkIOTtQuc/lmHuE2g0aq
b2OrbFvWJLwaO5mBDyJbxCLVAkTvqoJeVkxzZb/BexUfBh5bddtRgCIAqLh3M6EH
NtesODqk9QjHbLPbyvpv1r6X7DKYHyeSBk2sHivcLNpeM52XCA+HzyY4+MFdiaEL
MY5we4YcTkoIAeOcgBVI8+bp43HmNIIZT3yc+ZLwTeJcSTD3CZfk0RdTSQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFL1bYEzz1B+yHQ4QFJqrDzYBsSqGMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdlZ0Z1RQUFVIN0lkRGhBVW1xc1BOZ0d4S29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACjBZsD
BAGjBZwDBACjBccwDAMEAaMFzgMEAaMF0AMEAKMF1TANBgkqhkiG9w0BAQsFAAOC
AQEASgS+tlMznw5IHlYfNvVvWy9cxmXvccFJA3JzAd4nFK+hZ5L/HMMt8+fYotCV
lWzvhviCkqRznFBykeUZ+dNtGCnA/kY24RJqTTw0bO28o5T2cQn5oumGkyB6zSkd
iVrkoBWEJIlqwjNM/6DYeu5RpsS+v1/4OuSZzNUmdZn6p+mDlqx9wMkYoZ2B1ssJ
H0rVio3KS2PzUILGXl5QbW/ZoZ1FYQhcP5Fz+K6fZOkTh4w0CYSghUcKASJcx0OI
poEaQxdSvmfY2fFIWPqBZi+KGZKuBhclXUrgInz6ou3hbzdG1ynfO+sON0DakW7X
dWRDKKbuYAEq2hMz5zD+TEtQOg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:23 2023 by rpki-client on console-fra.rpki-client.org