Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZepVRGsCjW0BsDZpryY545IPDA.roa
File: yZepVRGsCjW0BsDZpryY545IPDA.roa (raw, json)
Hash identifier: WFHAcuwQgnSsturGUHbJxsVPCVsz5sRmfJVt+jEOCzc=
Subject key identifier: C9:97:A9:55:11:AC:0A:35:B4:06:C0:D9:A6:BC:98:E7:8E:48:3C:30
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B149E886A164490E0D9540DD1B73F92CE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZepVRGsCjW0BsDZpryY545IPDA.roa
Signing time: Mon 09 Oct 2023 13:26:55 +0000
ROA not before: Mon 09 Oct 2023 13:26:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 163.5.77.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:9e:88:6a:16:44:90:e0:d9:54:0d:d1:b7:3f:92:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 9 13:26:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c997a95511ac0a35b406c0d9a6bc98e78e483c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:87:ca:a4:1e:23:2b:ff:e8:81:9f:04:78:fe:
57:dd:93:df:60:02:b5:dc:ad:48:b2:c1:98:97:c0:
8c:6c:3e:27:67:33:62:15:a1:ba:10:63:0f:20:9e:
7f:c1:c4:6c:e1:74:ae:1c:7d:95:cd:97:35:2a:31:
84:61:aa:f3:9a:73:03:30:41:b1:85:3a:0a:0f:ca:
c4:e1:6c:e2:8d:69:38:a0:d3:b6:c0:96:18:b8:a3:
bc:96:dc:75:f6:19:b6:1b:cb:f3:83:0e:6a:c0:91:
86:ce:63:8c:c8:86:c0:48:aa:76:f4:73:10:8d:93:
e6:17:f4:18:c2:12:f2:eb:c2:7e:82:b3:f4:a3:b5:
c5:b1:c7:e2:4c:4c:97:2b:1f:43:e0:81:41:e0:64:
33:8f:4e:92:34:72:c3:77:d9:57:92:50:3e:d2:23:
bf:25:bb:6a:1b:a9:c6:85:d6:e8:8a:30:1a:1d:66:
c7:26:cd:aa:bc:9e:6c:4e:30:8d:3b:46:09:8e:df:
1e:b3:9f:d7:7b:ac:6f:9b:58:57:31:56:03:68:1e:
05:19:23:d2:35:20:b1:4c:fd:03:54:b5:bf:a4:3a:
82:ec:4c:74:44:a9:18:71:53:a6:bf:42:79:d1:8f:
ae:1c:61:3c:a7:59:8c:05:51:2e:b7:5c:60:45:ea:
17:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:97:A9:55:11:AC:0A:35:B4:06:C0:D9:A6:BC:98:E7:8E:48:3C:30
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZepVRGsCjW0BsDZpryY545IPDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.72.0/24
163.5.77.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:63:e5:1f:e7:48:df:56:39:90:39:d4:98:74:4b:35:80:64:
04:72:16:2e:34:a5:1d:1b:76:eb:3e:1f:17:01:0f:36:24:f0:
04:c0:07:bd:98:13:bc:d7:ac:b3:70:ac:3e:f2:70:68:c9:04:
ac:ec:b2:31:70:76:1d:39:06:cc:3c:c8:67:41:95:36:0f:dd:
ea:17:27:d6:11:f0:0b:98:27:8a:c3:12:89:6c:eb:d6:ba:81:
43:4f:86:6c:3d:73:a8:03:92:26:a5:b9:91:55:5e:46:a9:60:
78:dd:af:5e:8a:4c:e1:3c:96:02:66:8c:52:92:c7:e2:d0:1e:
3a:84:bd:10:f5:a0:f9:3d:da:f6:d1:b2:87:73:a3:bf:d8:ed:
22:55:20:74:84:1e:da:02:8d:6b:f6:22:7b:d6:b5:80:64:c2:
86:db:a2:86:5e:e2:96:cc:3b:55:e5:a1:31:3e:65:de:ad:df:
ed:61:0b:8e:64:11:d4:53:33:66:bb:b2:87:6d:c9:43:67:a8:
9c:cd:1d:0e:75:70:dd:cc:66:51:c1:f5:fa:e8:a4:b8:53:1a:
fb:90:d3:74:40:b7:ac:13:5a:ad:06:70:02:27:6b:23:ec:24:
fc:17:cd:32:da:12:d5:67:6c:c5:a5:86:92:4f:75:b1:5a:d2:
6e:5f:e8:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsUnohqFkSQ4NlUDdG3P5LOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDA5MTMyNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk3YTk1NTExYWMwYTM1YjQwNmMwZDlhNmJjOThlNzhlNDgzYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4fKpB4jK//ogZ8EeP5X3ZPfYAK1
3K1IssGYl8CMbD4nZzNiFaG6EGMPIJ5/wcRs4XSuHH2VzZc1KjGEYarzmnMDMEGx
hToKD8rE4WzijWk4oNO2wJYYuKO8ltx19hm2G8vzgw5qwJGGzmOMyIbASKp29HMQ
jZPmF/QYwhLy68J+grP0o7XFscfiTEyXKx9D4IFB4GQzj06SNHLDd9lXklA+0iO/
JbtqG6nGhdboijAaHWbHJs2qvJ5sTjCNO0YJjt8es5/Xe6xvm1hXMVYDaB4FGSPS
NSCxTP0DVLW/pDqC7Ex0RKkYcVOmv0J50Y+uHGE8p1mMBVEut1xgReoXnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmXqVURrAo1tAbA2aa8mOeOSDwwMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveVplcFZSR3NDalcwQnNEWnByeVk1NDVJUERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVIAwQA
owVNMA0GCSqGSIb3DQEBCwUAA4IBAQA6Y+Uf50jfVjmQOdSYdEs1gGQEchYuNKUd
G3brPh8XAQ82JPAEwAe9mBO816yzcKw+8nBoyQSs7LIxcHYdOQbMPMhnQZU2D93q
FyfWEfALmCeKwxKJbOvWuoFDT4ZsPXOoA5ImpbmRVV5GqWB43a9eikzhPJYCZoxS
ksfi0B46hL0Q9aD5Pdr20bKHc6O/2O0iVSB0hB7aAo1r9iJ71rWAZMKG26KGXuKW
zDtV5aExPmXerd/tYQuOZBHUUzNmu7KHbclDZ6iczR0OdXDdzGZRwfX66KS4Uxr7
kNN0QLesE1qtBnACJ2sj7CT8F80y2hLVZ2zFpYaST3WxWtJuX+jf
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org