Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xAYte7lgx_y-jBc0tsmL4pONBNE.roa
File: xAYte7lgx_y-jBc0tsmL4pONBNE.roa (raw, json)
Hash identifier: oamOJxjiGT8fNVGWZyU7RYbUoZr5WeuSvFscYSSqY4c=
Subject key identifier: C4:06:2D:7B:B9:60:C7:FC:BE:8C:17:34:B6:C9:8B:E2:93:8D:04:D1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC425529F7E21C6D61A4B5715F872490A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xAYte7lgx_y-jBc0tsmL4pONBNE.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 163.5.212.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.61.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:52:9f:7e:21:c6:d6:1a:4b:57:15:f8:72:49:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4062d7bb960c7fcbe8c1734b6c98be2938d04d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ea:6a:ec:c0:44:1c:73:36:43:40:db:3e:0e:
20:2e:aa:9f:f9:71:80:b0:38:04:56:6f:c0:1f:4d:
9a:bf:f9:1f:19:c8:2e:9b:80:ee:43:ef:92:05:96:
23:65:b4:e9:14:5d:1f:19:61:48:23:d8:9d:c0:48:
5a:04:58:0b:a3:a3:83:00:9a:58:b8:d1:36:5c:51:
e1:ec:7e:16:3b:2e:7e:b8:07:15:d6:b2:5c:8e:60:
1e:67:44:7b:54:10:5a:e7:44:2e:7e:88:b9:85:d1:
49:93:3e:bb:40:43:43:4c:b7:51:be:45:3c:37:bc:
6f:38:82:6a:50:54:36:d1:55:19:a3:7f:f6:f5:e6:
58:55:5e:c4:29:66:fc:ed:65:a4:ed:7d:4b:15:2f:
2e:2f:ce:25:2e:0f:49:a0:d5:de:56:7c:7e:b1:83:
6e:bb:eb:74:87:e8:55:ce:05:6c:5f:68:36:02:8b:
65:f6:68:9c:54:4b:4d:96:0a:1b:1c:6b:c1:c9:87:
04:cc:58:df:29:77:80:0e:3c:88:ae:04:74:31:c4:
c6:03:a2:a7:6c:af:2b:06:1f:57:0d:46:e7:77:d6:
6c:a1:23:e3:43:cd:92:a4:df:bf:9a:c8:30:70:01:
18:bd:90:af:65:aa:1a:4e:9e:e3:06:99:34:1a:08:
f8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:06:2D:7B:B9:60:C7:FC:BE:8C:17:34:B6:C9:8B:E2:93:8D:04:D1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xAYte7lgx_y-jBc0tsmL4pONBNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.61.0/24
163.5.141.0/24
163.5.212.0/24
163.5.219.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
78:56:e8:6a:3e:ef:8f:37:e4:75:85:b1:71:09:67:2e:f1:4d:
8c:d6:62:94:56:22:aa:91:59:2a:c7:af:4e:f9:80:eb:6d:19:
5d:86:92:64:84:b0:04:4b:5c:01:65:9a:18:1a:b5:26:7b:72:
62:f4:ab:a2:30:6d:9e:1c:21:58:d0:cb:98:6f:71:cf:7b:0f:
53:19:da:a1:a1:8a:56:5b:e4:59:35:03:1f:63:1f:27:f5:b6:
73:99:d8:5f:6d:79:df:df:63:f9:62:c9:26:57:75:d4:13:08:
fd:07:4a:6a:bf:d5:54:30:e8:e1:3e:1c:8d:47:c9:68:32:b4:
67:d2:90:51:00:bd:ec:2d:3d:7e:e8:c1:f7:63:41:c8:65:a5:
64:1f:0c:99:7a:5e:a3:6c:21:d4:e0:ef:e6:58:ce:83:c2:d9:
47:89:13:ac:a2:24:62:04:64:66:a7:65:b5:9d:4a:06:b4:99:
7c:ad:c1:cc:81:76:b9:b3:39:55:95:4d:e5:d4:00:d7:b0:16:
00:4b:f9:40:cf:a6:5f:1a:de:05:31:1d:0d:30:c0:94:b3:73:
e7:fe:fc:5d:4d:6c:71:6c:7e:e5:68:59:15:5c:6f:9b:41:6a:
20:d3:dd:b5:8a:32:fb:1c:22:bc:47:83:90:f2:60:db:62:78:
49:29:5f:ae
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJVKffiHG1hpLVxX4ckkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA2MmQ3YmI5NjBjN2ZjYmU4YzE3MzRiNmM5OGJlMjkzOGQwNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhupq7MBEHHM2Q0DbPg4gLqqf+XGA
sDgEVm/AH02av/kfGcgum4DuQ++SBZYjZbTpFF0fGWFII9idwEhaBFgLo6ODAJpY
uNE2XFHh7H4WOy5+uAcV1rJcjmAeZ0R7VBBa50Qufoi5hdFJkz67QENDTLdRvkU8
N7xvOIJqUFQ20VUZo3/29eZYVV7EKWb87WWk7X1LFS8uL84lLg9JoNXeVnx+sYNu
u+t0h+hVzgVsX2g2Aotl9micVEtNlgobHGvByYcEzFjfKXeADjyIrgR0McTGA6Kn
bK8rBh9XDUbnd9ZsoSPjQ82SpN+/msgwcAEYvZCvZaoaTp7jBpk0Ggj4QQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMQGLXu5YMf8vowXNLbJi+KTjQTRMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveEFZdGU3bGd4X3ktakJjMHRzbUw0cE9OQk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowU9AwQA
owWNAwQAowXUAwQAowXbAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQB4VuhqPu+P
N+R1hbFxCWcu8U2M1mKUViKqkVkqx69O+YDrbRldhpJkhLAES1wBZZoYGrUme3Ji
9KuiMG2eHCFY0MuYb3HPew9TGdqhoYpWW+RZNQMfYx8n9bZzmdhfbXnf32P5Yskm
V3XUEwj9B0pqv9VUMOjhPhyNR8loMrRn0pBRAL3sLT1+6MH3Y0HIZaVkHwyZel6j
bCHU4O/mWM6DwtlHiROsoiRiBGRmp2W1nUoGtJl8rcHMgXa5szlVlU3l1ADXsBYA
S/lAz6ZfGt4FMR0NMMCUs3Pn/vxdTWxxbH7laFkVXG+bQWog0921ijL7HCK8R4OQ
8mDbYnhJKV+u
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:35:55 2024 by rpki-client on console-fra.rpki-client.org