Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8TyANSvMmkSTO2jtOKONvQZxTL8.roa
File: 8TyANSvMmkSTO2jtOKONvQZxTL8.roa (raw, json)
Hash identifier: 0dyB1zqXOCEc0ZWf2rmEJ+B1dO0blJ/SVmODjuZX4fo=
Subject key identifier: F1:3C:80:35:2B:CC:9A:44:93:3B:68:ED:38:A3:8D:BD:06:71:4C:BF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4020FEA69063174E37C3BA999D91428
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8TyANSvMmkSTO2jtOKONvQZxTL8.roa
Signing time: Mon 01 Jan 2024 07:51:58 +0000
ROA not before: Mon 01 Jan 2024 07:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.186.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:02:0f:ea:69:06:31:74:e3:7c:3b:a9:99:d9:14:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 07:51:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f13c80352bcc9a44933b68ed38a38dbd06714cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:77:d7:10:62:d3:2c:3d:0c:f2:a1:d5:ad:c6:
c4:f2:a8:f5:4b:55:71:3b:7e:93:9e:06:97:56:d0:
22:55:a8:78:67:0f:f1:c5:b2:90:d8:bf:fa:86:98:
9c:a5:ba:30:de:7e:f3:d0:e3:b1:48:ed:c5:f8:fa:
5f:7a:25:52:1f:47:4f:77:16:24:dc:e9:37:32:a3:
2b:f2:8e:4d:61:63:83:a1:9a:8c:e2:ab:b6:49:d9:
ef:27:89:56:8b:04:af:ce:46:78:cc:e3:dd:0f:3e:
f9:b5:66:10:c3:5e:0e:22:55:24:76:54:ee:d4:39:
61:05:5a:5d:bb:e2:59:52:e1:9f:6f:ca:5e:9b:64:
27:ca:a5:fa:d8:5f:5d:aa:71:c4:5c:f4:0a:dd:5f:
f2:62:94:aa:8b:fd:cf:88:34:58:8a:7b:32:cb:5b:
3b:ba:e8:5e:9b:f8:cd:c7:97:f6:2f:44:10:a0:a8:
85:32:dd:1e:7f:13:48:92:8b:37:ce:d3:14:b5:02:
e3:8c:bc:bc:94:86:e9:85:2e:fa:08:6b:fa:6f:3d:
70:7d:32:12:54:e7:a6:27:a0:0f:bb:90:f7:27:ee:
4a:28:57:0c:fa:7e:3f:32:4a:30:6a:3f:51:b1:8c:
b7:46:ae:f7:4a:9a:1f:72:3c:5d:cd:34:6e:e8:ab:
da:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3C:80:35:2B:CC:9A:44:93:3B:68:ED:38:A3:8D:BD:06:71:4C:BF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8TyANSvMmkSTO2jtOKONvQZxTL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.156.0/24
163.5.168.0/24
163.5.170.0/24
163.5.186.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
02:92:c0:05:b8:65:3d:8b:c2:93:77:a3:30:c9:1f:55:23:f0:
c7:6d:0d:bc:44:4d:43:ab:53:8d:bd:94:49:b4:02:be:28:f5:
a5:f7:e1:af:ec:aa:bf:39:40:db:12:56:13:ff:eb:84:f2:a8:
a0:7a:b3:87:ea:e3:5a:75:22:d4:e0:94:1d:48:74:cd:20:c0:
67:0a:d0:c0:a3:ee:fb:2b:7c:d3:ca:dc:0e:4b:9a:16:ea:47:
37:4c:9f:40:d4:58:0e:ae:75:1f:cf:12:03:0d:7d:98:19:8f:
06:a4:b8:f4:15:53:ce:6f:c7:bb:ad:e5:d8:89:d2:12:6a:66:
ce:1c:f7:72:dd:ee:06:83:59:83:a4:d5:d0:15:b1:ae:ab:c6:
3e:92:8d:6b:41:76:f1:0b:62:d9:fd:71:f3:05:58:55:09:0f:
53:0f:f8:06:df:33:6c:be:36:36:91:75:24:c9:25:6f:df:63:
ba:fd:1c:db:a9:1a:11:c1:56:62:e9:7c:2e:a6:cf:f2:bc:c8:
8e:c9:c7:dc:5a:f4:5c:40:ac:f1:10:07:64:5c:38:94:94:e7:
d4:33:4a:c7:53:15:8e:8e:c2:5d:53:5e:a8:df:86:92:71:86:
8e:12:70:78:23:cf:40:67:68:c0:15:bb:2b:5b:33:42:49:0b:
12:95:b1:5d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEAg/qaQYxdON8O6mZ2RQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDc1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTNjODAzNTJiY2M5YTQ0OTMzYjY4ZWQzOGEzOGRiZDA2NzE0Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHfXEGLTLD0M8qHVrcbE8qj1S1Vx
O36TngaXVtAiVah4Zw/xxbKQ2L/6hpicpbow3n7z0OOxSO3F+PpfeiVSH0dPdxYk
3Ok3MqMr8o5NYWODoZqM4qu2SdnvJ4lWiwSvzkZ4zOPdDz75tWYQw14OIlUkdlTu
1DlhBVpdu+JZUuGfb8pem2QnyqX62F9dqnHEXPQK3V/yYpSqi/3PiDRYinsyy1s7
uuhem/jNx5f2L0QQoKiFMt0efxNIkos3ztMUtQLjjLy8lIbphS76CGv6bz1wfTIS
VOemJ6APu5D3J+5KKFcM+n4/Mkowaj9RsYy3Rq73SpofcjxdzTRu6KvaSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPE8gDUrzJpEkzto7Tijjb0GcUy/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOFR5QU5Tdk1ta1NUTzJqdE9LT052UVp4VEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWcAwQA
owWoAwQAowWqAwQAowW6AwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQACksAFuGU9
i8KTd6MwyR9VI/DHbQ28RE1Dq1ONvZRJtAK+KPWl9+Gv7Kq/OUDbElYT/+uE8qig
erOH6uNadSLU4JQdSHTNIMBnCtDAo+77K3zTytwOS5oW6kc3TJ9A1FgOrnUfzxID
DX2YGY8GpLj0FVPOb8e7reXYidISambOHPdy3e4Gg1mDpNXQFbGuq8Y+ko1rQXbx
C2LZ/XHzBVhVCQ9TD/gG3zNsvjY2kXUkySVv32O6/RzbqRoRwVZi6Xwups/yvMiO
ycfcWvRcQKzxEAdkXDiUlOfUM0rHUxWOjsJdU16o34aScYaOEnB4I89AZ2jAFbsr
WzNCSQsSlbFd
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org