Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/10TWndBc-c6H6DSyocmdreLqDmE.roa
File: 10TWndBc-c6H6DSyocmdreLqDmE.roa (raw, json)
Hash identifier: zczrHixL2VUA28MPue5tX8bYpabTM19JJ7MR2FylyAQ=
Subject key identifier: D7:44:D6:9D:D0:5C:F9:CE:87:E8:34:B2:A1:C9:9D:AD:E2:EA:0E:61
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC425584B9D5D56E0DC7E7704D9045EBD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/10TWndBc-c6H6DSyocmdreLqDmE.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.2.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.5.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.65.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
163.5.81.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.14.0/24 maxlen: 24
163.5.12.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.41.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.43.0/24 maxlen: 24
163.5.44.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.49.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.47.0/24 maxlen: 24
163.5.54.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.56.0/24 maxlen: 24
163.5.57.0/24 maxlen: 24
163.5.52.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:58:4b:9d:5d:56:e0:dc:7e:77:04:d9:04:5e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d744d69dd05cf9ce87e834b2a1c99dade2ea0e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5c:42:c1:a8:2a:4c:55:dd:1a:08:8d:07:11:
fa:67:1e:de:61:59:be:bd:de:bb:ff:a8:99:bd:86:
33:72:95:9b:14:08:2f:4a:98:69:8c:56:c3:18:61:
3a:5b:3a:be:a0:96:96:03:c4:46:61:7a:5b:69:73:
fe:fe:a8:73:60:eb:19:9d:65:4d:53:c0:9d:dc:79:
4d:29:7a:29:b1:27:63:49:81:93:5d:e0:a7:e1:d8:
8c:09:ea:10:e4:3e:a6:e7:d7:09:16:62:01:53:47:
0a:20:48:ad:15:cc:1a:3c:b2:53:2a:21:fb:c7:f8:
e3:6d:ac:bf:e0:58:5b:49:b2:d1:38:c2:b5:59:01:
30:9c:73:b6:9b:a5:82:c6:43:6d:1e:e8:ea:3f:fb:
a7:5a:d0:eb:14:01:dc:53:8b:b6:3b:52:04:ff:d2:
bb:63:6f:8c:22:46:1f:5b:a1:9e:6b:7b:7a:90:59:
b4:0f:60:d3:6f:0c:19:c5:fa:67:96:fe:51:07:4a:
c7:4d:91:6d:87:a6:b9:16:f1:71:09:bf:b9:0c:48:
8c:47:a0:e9:2c:1e:71:a3:52:78:31:93:0b:90:d3:
e1:dd:74:06:6d:e9:be:21:49:19:3f:bc:da:20:03:
6e:8d:2d:4b:68:c4:a1:b9:14:42:0d:6d:88:bd:34:
34:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:44:D6:9D:D0:5C:F9:CE:87:E8:34:B2:A1:C9:9D:AD:E2:EA:0E:61
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/10TWndBc-c6H6DSyocmdreLqDmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.2.0/24
163.5.5.0/24
163.5.10.0-163.5.14.255
163.5.20.0/24
163.5.23.0/24
163.5.40.0-163.5.57.255
163.5.65.0/24
163.5.68.0/23
163.5.73.0/24
163.5.80.0-163.5.82.255
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
70:3c:00:b6:ad:13:09:af:ec:45:d4:a3:56:89:01:ca:25:5f:
a6:9d:fc:d6:7f:a4:2f:82:7d:80:7d:d6:21:a2:50:ae:b5:80:
d0:90:c8:a0:d6:6e:42:27:a4:68:82:e5:ae:ff:1d:03:ca:08:
60:e0:d5:e3:3a:1a:db:e5:d3:8a:bd:4e:da:73:ac:7a:81:cc:
52:cc:8c:eb:90:19:45:c4:05:3c:a0:94:48:4e:e1:7d:04:ad:
b7:97:b8:c8:99:b8:75:5f:25:19:19:19:7d:98:0e:56:f3:25:
1a:d9:bf:33:08:23:4f:45:88:05:97:60:35:81:e5:d9:59:cf:
2e:06:f6:bd:a0:0d:ea:84:94:d2:57:cc:5f:0c:7c:37:5f:39:
84:2d:26:ee:2b:cf:84:4d:b2:44:71:c2:20:b0:61:ba:18:8c:
ae:a2:68:74:cb:1d:5f:e8:99:c5:9b:ef:67:0c:ba:02:10:c7:
a2:39:34:27:37:34:fe:6a:c8:b8:05:65:3b:c4:3f:c7:49:de:
ec:5e:8a:f4:8b:f4:0d:32:b2:93:4c:c7:a4:97:55:1e:d5:e8:
fb:d4:4e:36:34:82:01:64:5b:a9:84:be:4a:af:ba:4f:d8:02:
cc:db:8c:cf:8e:c8:3d:27:c2:86:90:3b:e1:fc:e0:66:06:ff:
70:03:1b:b0
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzEJVhLnV1W4Nx+dwTZBF69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ0ZDY5ZGQwNWNmOWNlODdlODM0YjJhMWM5OWRhZGUyZWEwZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1xCwagqTFXdGgiNBxH6Zx7eYVm+
vd67/6iZvYYzcpWbFAgvSphpjFbDGGE6Wzq+oJaWA8RGYXpbaXP+/qhzYOsZnWVN
U8Cd3HlNKXopsSdjSYGTXeCn4diMCeoQ5D6m59cJFmIBU0cKIEitFcwaPLJTKiH7
x/jjbay/4FhbSbLROMK1WQEwnHO2m6WCxkNtHujqP/unWtDrFAHcU4u2O1IE/9K7
Y2+MIkYfW6Gea3t6kFm0D2DTbwwZxfpnlv5RB0rHTZFth6a5FvFxCb+5DEiMR6Dp
LB5xo1J4MZMLkNPh3XQGbem+IUkZP7zaIANujS1LaMShuRRCDW2IvTQ0gwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFNdE1p3QXPnOh+g0sqHJna3i6g5hMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMTBUV25kQmMtYzZINkRTeW9jbWRyZUxxRG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAowUCAwQA
owUFMAwDBAGjBQoDBACjBQ4DBACjBRQDBACjBRcwDAMEA6MFKAMEAaMFOAMEAKMF
QQMEAaMFRAMEAKMFSTAMAwQEowVQAwQAowVSAwQAowVVMA0GCSqGSIb3DQEBCwUA
A4IBAQBwPAC2rRMJr+xF1KNWiQHKJV+mnfzWf6Qvgn2AfdYholCutYDQkMig1m5C
J6RoguWu/x0Dyghg4NXjOhrb5dOKvU7ac6x6gcxSzIzrkBlFxAU8oJRITuF9BK23
l7jImbh1XyUZGRl9mA5W8yUa2b8zCCNPRYgFl2A1geXZWc8uBva9oA3qhJTSV8xf
DHw3XzmELSbuK8+ETbJEccIgsGG6GIyuomh0yx1f6JnFm+9nDLoCEMeiOTQnNzT+
asi4BWU7xD/HSd7sXor0i/QNMrKTTMekl1Ue1ej71E42NIIBZFuphL5Kr7pP2ALM
24zPjsg9J8KGkDvh/OBmBv9wAxuw
-----END CERTIFICATE-----
Generated at Tue Jan 2 20:23:37 2024 by rpki-client on console-fra.rpki-client.org