Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZgGA6jlcWbe3RvXFdom7_-MVe8.roa
File: yZgGA6jlcWbe3RvXFdom7_-MVe8.roa (raw, json)
Hash identifier: 1K9H1WPjZzMFUEhPEkBN/1AGTmRQDj5CXfo5KStX3xY=
Subject key identifier: C9:98:06:03:A8:E5:71:66:DE:DD:1B:D7:15:DA:26:EF:FF:8C:55:EF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BBDE70B9C99C449BF79748067478B8BF9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZgGA6jlcWbe3RvXFdom7_-MVe8.roa
Signing time: Sat 11 Nov 2023 10:21:57 +0000
ROA not before: Sat 11 Nov 2023 10:21:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:e7:0b:9c:99:c4:49:bf:79:74:80:67:47:8b:8b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 11 10:21:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9980603a8e57166dedd1bd715da26efff8c55ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7f:2f:00:29:3f:6f:ef:40:52:23:6f:02:09:
7f:b6:4a:f5:69:0a:a4:c3:9d:a1:6a:36:b4:cb:f2:
56:91:4d:5f:01:ec:8d:8a:c7:c5:d7:5c:5d:3c:a8:
b9:e1:2a:40:d5:57:bf:14:5b:b6:22:1c:6b:82:ba:
df:5b:d9:4b:7d:81:de:3b:3d:4f:59:67:7e:c9:7a:
32:ca:e4:54:22:54:ee:4a:51:78:39:ba:1e:ac:05:
2d:77:53:b9:7a:9c:d3:f9:a2:ec:39:f8:41:94:5d:
f2:aa:c5:72:7e:a7:c9:29:d7:6b:80:97:24:16:35:
b9:46:d5:59:a0:58:4e:64:85:aa:ea:c2:de:23:6f:
21:32:4b:e2:cf:71:67:66:6b:55:c8:2d:9c:7b:8c:
a0:34:38:34:18:cb:78:2a:73:ba:1d:f7:67:8e:4a:
3e:cd:aa:8e:75:6d:6c:15:9f:9d:98:8b:b0:83:07:
d1:d6:7f:ab:fc:b9:88:7d:d0:1b:2c:31:43:c1:cf:
31:eb:3d:9f:91:4d:e6:f4:04:0a:8a:a9:1f:6d:2c:
1b:9f:91:f5:5e:c6:86:1f:b3:67:a5:f3:c8:be:b2:
ac:d9:66:29:36:0f:ff:56:50:e4:d5:48:58:2d:20:
71:b0:de:fd:9e:e9:30:b9:33:67:48:f1:81:05:60:
c3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:98:06:03:A8:E5:71:66:DE:DD:1B:D7:15:DA:26:EF:FF:8C:55:EF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZgGA6jlcWbe3RvXFdom7_-MVe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.97.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:28:42:14:ff:73:4e:e8:84:49:a9:17:88:f4:82:ca:bf:3e:
60:04:50:1b:9c:b5:cf:e3:1d:70:2e:d4:ae:2f:01:19:b7:95:
19:dc:e6:c8:45:86:05:c4:88:0c:ac:23:de:c4:9e:d1:37:df:
e6:6a:5f:62:e5:56:16:24:53:f6:22:86:98:db:92:4d:3c:38:
2b:3c:34:d7:a7:a3:93:97:0e:63:7d:95:e4:e5:ae:6a:61:d5:
33:18:15:9a:35:e3:45:9d:2b:43:64:c8:af:97:d3:20:19:ba:
83:fb:c8:f9:4d:cc:11:7a:39:96:30:6b:0e:32:ee:d6:71:b1:
20:c1:0d:5a:bf:3a:ab:89:29:2c:84:06:c0:96:e9:d5:ee:eb:
65:48:0a:f5:4e:c5:75:97:3a:32:76:15:dd:cc:7d:df:46:02:
b1:2d:d7:bc:e2:e3:21:26:41:8f:43:ce:6b:cb:9f:40:1c:02:
71:1c:21:07:92:7b:d9:cc:6e:84:1d:bd:31:29:04:63:1d:86:
76:4c:1a:33:c8:c7:03:20:d0:64:dd:bd:14:5f:3d:dd:db:fa:
ec:ac:7f:af:10:4d:40:48:3c:94:49:31:78:74:c1:12:61:f4:
a0:3a:6f:a1:76:7b:ae:90:48:87:8d:40:a6:bb:ee:71:b3:fa:
24:1b:19:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu95wucmcRJv3l0gGdHi4v5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTExMTAyMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk4MDYwM2E4ZTU3MTY2ZGVkZDFiZDcxNWRhMjZlZmZmOGM1NWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn8vACk/b+9AUiNvAgl/tkr1aQqk
w52haja0y/JWkU1fAeyNisfF11xdPKi54SpA1Ve/FFu2IhxrgrrfW9lLfYHeOz1P
WWd+yXoyyuRUIlTuSlF4OboerAUtd1O5epzT+aLsOfhBlF3yqsVyfqfJKddrgJck
FjW5RtVZoFhOZIWq6sLeI28hMkviz3FnZmtVyC2ce4ygNDg0GMt4KnO6Hfdnjko+
zaqOdW1sFZ+dmIuwgwfR1n+r/LmIfdAbLDFDwc8x6z2fkU3m9AQKiqkfbSwbn5H1
XsaGH7NnpfPIvrKs2WYpNg//VlDk1UhYLSBxsN79nukwuTNnSPGBBWDD6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmYBgOo5XFm3t0b1xXaJu//jFXvMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveVpnR0E2amxjV2JlM1J2WEZkb203Xy1NVmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVWAwQA
owVhMA0GCSqGSIb3DQEBCwUAA4IBAQAsKEIU/3NO6IRJqReI9ILKvz5gBFAbnLXP
4x1wLtSuLwEZt5UZ3ObIRYYFxIgMrCPexJ7RN9/mal9i5VYWJFP2IoaY25JNPDgr
PDTXp6OTlw5jfZXk5a5qYdUzGBWaNeNFnStDZMivl9MgGbqD+8j5TcwRejmWMGsO
Mu7WcbEgwQ1avzqriSkshAbAlunV7utlSAr1TsV1lzoydhXdzH3fRgKxLde84uMh
JkGPQ85ry59AHAJxHCEHknvZzG6EHb0xKQRjHYZ2TBozyMcDINBk3b0UXz3d2/rs
rH+vEE1ASDyUSTF4dMESYfSgOm+hdnuukEiHjUCmu+5xs/okGxkY
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org