Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3tyw01_EX4alIrXkNvhuJsTTQ4o.roa
File: 3tyw01_EX4alIrXkNvhuJsTTQ4o.roa (raw, json)
Hash identifier: hjSd3IZA6vb9xNXrGu5xeqtctvig47yRAiNdOkwu9uI=
Subject key identifier: DE:DC:B0:D3:5F:C4:5F:86:A5:22:B5:E4:36:F8:6E:26:C4:D3:43:8A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C54CD7754782659E163BD952B12FA4B5C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3tyw01_EX4alIrXkNvhuJsTTQ4o.roa
Signing time: Sun 10 Dec 2023 17:36:40 +0000
ROA not before: Sun 10 Dec 2023 17:36:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:54:cd:77:54:78:26:59:e1:63:bd:95:2b:12:fa:4b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 10 17:36:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dedcb0d35fc45f86a522b5e436f86e26c4d3438a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:03:00:c8:f5:df:b2:9b:3e:90:05:57:f9:3c:
4c:c7:73:09:51:d5:ff:27:31:84:53:89:7c:6b:ae:
33:94:86:27:27:64:d5:33:3a:9d:28:d0:0d:6a:17:
43:39:c7:d2:66:44:d6:d0:b0:80:58:90:48:e3:67:
d5:85:6b:b7:69:85:6a:0b:a4:c1:ee:54:f5:1f:3a:
38:6f:7c:3d:00:47:f9:4f:f6:45:ff:68:b3:7d:04:
c8:fe:25:91:5e:02:8f:5a:27:d7:1d:ef:00:b5:05:
46:c8:4e:a5:96:e8:ef:db:50:41:37:2f:c8:51:a8:
d0:f9:3e:17:ae:c0:01:be:79:90:43:8c:f4:3c:d3:
be:2e:bc:eb:a1:24:2d:0f:d5:de:5e:84:d9:8a:a6:
70:e0:f3:41:38:ac:5e:f1:b6:e1:1e:1f:1e:84:2f:
c9:03:da:65:44:db:b7:48:7f:4c:0b:4e:46:07:e4:
ee:9a:fd:4c:29:c0:0b:b9:50:bd:94:67:fd:b6:24:
4a:a6:a7:6b:38:f6:1e:92:bc:5a:12:12:a5:25:36:
d9:9d:f5:1d:83:4b:93:27:c0:cb:97:d1:01:7d:f2:
91:76:e4:ba:3b:cb:06:d9:c3:2d:71:2a:47:75:9c:
bf:bd:cd:f3:07:d4:c2:4f:23:e7:31:48:64:aa:70:
e3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:DC:B0:D3:5F:C4:5F:86:A5:22:B5:E4:36:F8:6E:26:C4:D3:43:8A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3tyw01_EX4alIrXkNvhuJsTTQ4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.36.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.106.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.142.0/23
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
87:ec:8c:e5:a6:00:9d:63:6a:22:1e:04:03:8e:7f:59:75:42:
0b:b8:28:71:84:a4:d6:4e:5f:4f:79:17:06:66:07:ff:e5:a0:
37:1a:54:e9:9f:63:a5:aa:14:f8:81:7b:dc:9d:41:b5:a1:b7:
a5:3c:17:53:1d:43:e6:39:5c:51:51:c4:59:fc:25:ee:84:b8:
95:81:e3:cf:c3:cb:8d:49:b6:31:d6:0e:b4:ff:b8:8d:01:ab:
1f:07:81:d8:ea:f2:ea:a8:9a:ff:fe:7e:9f:56:c8:76:8a:84:
b3:5b:e8:4a:ee:25:c4:78:6d:a1:d0:02:c2:b4:14:fb:0b:e7:
9c:e7:fb:b9:1c:23:0e:b3:3b:11:51:e8:cf:36:15:eb:d3:b2:
dd:5a:ad:44:d3:19:14:c8:15:cf:6d:f8:4b:1e:eb:97:84:1c:
d3:29:90:bb:92:48:42:0a:47:66:5e:c2:84:96:2a:e8:82:33:
bf:af:7f:77:0e:22:fb:00:3b:72:92:30:57:ab:47:46:3e:9f:
39:c7:ee:16:9e:58:8a:08:9a:11:4e:50:53:5b:87:fe:7f:19:
52:00:e4:e4:b6:73:de:26:3b:2a:80:0a:7a:49:98:01:15:4c:
12:0e:ba:55:c1:d6:56:ba:b1:6a:4d:1e:d2:b5:96:1f:ff:1c:
25:42:8d:57
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAYxUzXdUeCZZ4WO9lSsS+ktcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjEwMTczNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWRjYjBkMzVmYzQ1Zjg2YTUyMmI1ZTQzNmY4NmUyNmM0ZDM0MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwMAyPXfsps+kAVX+TxMx3MJUdX/
JzGEU4l8a64zlIYnJ2TVMzqdKNANahdDOcfSZkTW0LCAWJBI42fVhWu3aYVqC6TB
7lT1Hzo4b3w9AEf5T/ZF/2izfQTI/iWRXgKPWifXHe8AtQVGyE6llujv21BBNy/I
UajQ+T4XrsABvnmQQ4z0PNO+LrzroSQtD9XeXoTZiqZw4PNBOKxe8bbhHh8ehC/J
A9plRNu3SH9MC05GB+Tumv1MKcALuVC9lGf9tiRKpqdrOPYekrxaEhKlJTbZnfUd
g0uTJ8DLl9EBffKRduS6O8sG2cMtcSpHdZy/vc3zB9TCTyPnMUhkqnDjYQIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFN7csNNfxF+GpSK15Db4bibE00OKMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM3R5dzAxX0VYNGFsSXJYa052aHVKc1RUUTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BACjBR4DBACjBSQDBACjBU8DBACjBVMDBACjBVkDBAGjBV4DBACjBWowDAMEAaMF
bgMEAaMFcAMEAKMFeQMEAKMFfgMEAKMFgAMEAKMFhgMEAKMFiwMEAaMFjgMEAKMF
kgMEAKMFlAMEAaMFlgMEAKMFnAMEAKMFoAMEAKMFpwMEAKMFqgMEAKMFsAMEAKMF
sjAMAwQAowW1AwQAowW2AwQAowW6AwQBowW8AwQAowW/AwQAowXHAwQAowXJMAwD
BACjBcsDBAGjBcwDBACjBdoDBACjBeADBACjBeQDBACjBfEDBACjBfoDBACjBf0D
BACjBf8wDQYJKoZIhvcNAQELBQADggEBAIfsjOWmAJ1jaiIeBAOOf1l1Qgu4KHGE
pNZOX095FwZmB//loDcaVOmfY6WqFPiBe9ydQbWht6U8F1MdQ+Y5XFFRxFn8Je6E
uJWB48/Dy41JtjHWDrT/uI0Bqx8Hgdjq8uqomv/+fp9WyHaKhLNb6EruJcR4baHQ
AsK0FPsL55zn+7kcIw6zOxFR6M82FevTst1arUTTGRTIFc9t+Ese65eEHNMpkLuS
SEIKR2ZewoSWKuiCM7+vf3cOIvsAO3KSMFerR0Y+nznH7haeWIoImhFOUFNbh/5/
GVIA5OS2c94mOyqACnpJmAEVTBIOulXB1la6sWpNHtK1lh//HCVCjVc=
-----END CERTIFICATE-----
Generated at Tue Dec 12 20:32:15 2023 by rpki-client on console-ams.rpki-client.org