Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/x4VgPmf2cj5JBmW6Zq2dNAHeAas.roa
File: x4VgPmf2cj5JBmW6Zq2dNAHeAas.roa (raw, json)
Hash identifier: qZLWWm3+6EOzjt51UyotrbYUJa/xpqMUEtWDxYy/6Q0=
Subject key identifier: C7:85:60:3E:67:F6:72:3E:49:06:65:BA:66:AD:9D:34:01:DE:01:AB
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01890B9E193515E36C2D6B67FA247954BC54
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/x4VgPmf2cj5JBmW6Zq2dNAHeAas.roa
Signing time: Fri 30 Jun 2023 09:24:17 +0000
ROA not before: Fri 30 Jun 2023 09:24:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.229.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.63.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:9e:19:35:15:e3:6c:2d:6b:67:fa:24:79:54:bc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 30 09:24:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c785603e67f6723e490665ba66ad9d3401de01ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d4:fe:00:50:b2:30:23:96:48:2a:29:b8:c4:
fc:34:b0:03:4f:06:45:93:57:d1:37:fe:f1:73:03:
59:9c:f1:29:08:10:b7:17:c2:ac:6f:4e:3b:c4:0c:
26:11:b3:99:39:eb:f0:f5:2e:64:92:5b:59:25:0b:
0f:90:a2:61:10:c3:29:58:95:4c:11:cd:b6:eb:a6:
a6:8c:6c:e3:ba:80:ef:20:1b:c7:8a:13:a3:d4:6b:
4b:48:eb:5b:50:87:82:8f:03:b1:fc:a4:47:43:7e:
c4:b5:1c:f7:e9:66:ff:f9:0b:47:f5:a3:18:76:4a:
ad:35:16:ba:42:6d:bb:72:7e:a4:e3:54:ba:56:f4:
87:f8:b7:c1:f9:a3:3c:65:de:89:61:6f:3e:c9:d2:
96:e0:e1:6f:c8:5b:63:e2:90:ad:38:e7:37:f5:47:
e9:97:85:1e:be:ee:ac:cc:2a:fb:c1:3c:8f:9e:de:
67:1a:66:c1:80:a0:b0:79:0f:f5:d9:48:6f:dc:28:
dc:dc:4e:fe:ca:ac:83:db:d5:88:1d:31:13:c1:ab:
11:32:93:5b:bc:54:d1:7c:ad:98:e3:8f:06:62:78:
bf:4c:86:ad:8b:e5:d1:0f:0e:a3:f9:d2:18:f1:1a:
52:ef:0c:13:55:02:1f:07:3b:ab:d6:43:88:ca:f9:
75:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:85:60:3E:67:F6:72:3E:49:06:65:BA:66:AD:9D:34:01:DE:01:AB
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/x4VgPmf2cj5JBmW6Zq2dNAHeAas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/23
163.5.60.0/24
163.5.63.0/24
163.5.71.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.101.0-163.5.102.255
163.5.108.0/23
163.5.116.0/24
163.5.119.0/24
163.5.131.0/24
163.5.134.0/24
163.5.147.0/24
163.5.171.0/24
163.5.174.0/24
163.5.189.0/24
163.5.192.0/24
163.5.225.0/24
163.5.228.0/23
163.5.240.0/24
163.5.246.0/24
Signature Algorithm: sha256WithRSAEncryption
97:3e:a3:de:54:91:2e:d0:b4:9d:24:59:6c:fb:7b:15:82:25:
b1:93:9f:be:28:2a:15:62:85:6c:71:f0:b6:c4:47:93:cc:8b:
58:e0:f8:57:08:14:ab:ff:4c:c0:a5:33:e5:53:0d:7a:be:49:
b3:4e:04:06:0a:0a:e4:20:ed:d3:c6:c8:61:b9:e3:13:71:9b:
83:f9:14:16:a2:9d:fd:6a:58:af:ab:c2:33:e0:b2:0b:ea:34:
68:dd:32:d7:79:42:b5:d3:b9:92:f2:e2:b2:83:f7:15:75:94:
ed:c6:25:23:fa:31:78:5a:9c:af:88:2a:2e:25:ef:e6:5f:0e:
f4:d7:d0:4d:4d:15:80:a8:22:be:ef:32:74:01:40:50:87:a3:
00:f7:d6:c0:ff:93:8b:14:4b:ad:70:c6:8c:5a:58:e8:cc:db:
fe:27:c2:89:bb:57:bd:c7:bc:27:ed:90:5d:bb:ff:83:20:bc:
43:55:f7:2b:a9:b8:e1:5c:59:a7:7b:f3:e6:6c:ff:64:86:73:
97:b9:c2:6c:90:07:d9:d2:5a:a5:84:53:1b:b0:76:92:d2:a9:
00:55:9f:57:33:45:16:58:4b:0b:ef:bc:8f:b3:b0:c0:bd:b7:
66:1b:c4:24:e4:f1:d3:ae:ef:cf:c5:e5:da:f6:d6:20:f9:59:
58:a1:60:56
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYkLnhk1FeNsLWtn+iR5VLxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjMwMDkyNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzg1NjAzZTY3ZjY3MjNlNDkwNjY1YmE2NmFkOWQzNDAxZGUwMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9T+AFCyMCOWSCopuMT8NLADTwZF
k1fRN/7xcwNZnPEpCBC3F8Ksb047xAwmEbOZOevw9S5kkltZJQsPkKJhEMMpWJVM
Ec2266amjGzjuoDvIBvHihOj1GtLSOtbUIeCjwOx/KRHQ37EtRz36Wb/+QtH9aMY
dkqtNRa6Qm27cn6k41S6VvSH+LfB+aM8Zd6JYW8+ydKW4OFvyFtj4pCtOOc39Ufp
l4Uevu6szCr7wTyPnt5nGmbBgKCweQ/12Uhv3Cjc3E7+yqyD29WIHTETwasRMpNb
vFTRfK2Y448GYni/TIati+XRDw6j+dIY8RpS7wwTVQIfBzur1kOIyvl12wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFMeFYD5n9nI+SQZlumatnTQB3gGrMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveDRWZ1BtZjJjajVKQm1XNlpxMmROQUhlQWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAGj
BSYDBACjBTwDBACjBT8DBACjBUcDBACjBVgDBACjBVoDBACjBV0wDAMEAKMFZQME
AKMFZgMEAaMFbAMEAKMFdAMEAKMFdwMEAKMFgwMEAKMFhgMEAKMFkwMEAKMFqwME
AKMFrgMEAKMFvQMEAKMFwAMEAKMF4QMEAaMF5AMEAKMF8AMEAKMF9jANBgkqhkiG
9w0BAQsFAAOCAQEAlz6j3lSRLtC0nSRZbPt7FYIlsZOfvigqFWKFbHHwtsRHk8yL
WOD4VwgUq/9MwKUz5VMNer5Js04EBgoK5CDt08bIYbnjE3Gbg/kUFqKd/WpYr6vC
M+CyC+o0aN0y13lCtdO5kvLisoP3FXWU7cYlI/oxeFqcr4gqLiXv5l8O9NfQTU0V
gKgivu8ydAFAUIejAPfWwP+TixRLrXDGjFpY6Mzb/ifCibtXvce8J+2QXbv/gyC8
Q1X3K6m44VxZp3vz5mz/ZIZzl7nCbJAH2dJapYRTG7B2ktKpAFWfVzNFFlhLC++8
j7OwwL23ZhvEJOTx067vz8Xl2vbWIPlZWKFgVg==
-----END CERTIFICATE-----
Generated at Sat Jul 22 13:39:44 2023 by rpki-client on console-ams.rpki-client.org