Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AyIKC-BVQqupfUaKMSYbbLQs0OE.roa
File: AyIKC-BVQqupfUaKMSYbbLQs0OE.roa (raw, json)
Hash identifier: lUYYiMrO38y8wn3pz6P4xSocXty3i8HvIU1zw4f9XHM=
Subject key identifier: 03:22:0A:0B:E0:55:42:AB:A9:7D:46:8A:31:26:1B:6C:B4:2C:D0:E1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187C1A9294EFC2CFC1A24FBF1EE2CD05183
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AyIKC-BVQqupfUaKMSYbbLQs0OE.roa
Signing time: Thu 27 Apr 2023 07:41:41 +0000
ROA not before: Thu 27 Apr 2023 07:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.74.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.78.0/24 maxlen: 24
163.5.75.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.98.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:a9:29:4e:fc:2c:fc:1a:24:fb:f1:ee:2c:d0:51:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 27 07:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03220a0be05542aba97d468a31261b6cb42cd0e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:7d:4e:72:05:1b:d6:44:68:1b:c5:35:54:
e1:f9:d8:5e:ef:81:f1:30:c9:44:78:95:41:df:77:
3f:11:38:01:e0:19:cc:a1:fb:11:f4:1b:3b:79:28:
f9:da:47:8e:07:ac:17:13:57:be:8d:86:85:81:55:
68:da:a9:d1:f9:73:7a:16:6a:d8:95:88:90:44:aa:
26:0c:b5:d5:d2:73:b1:d7:2a:c8:00:72:c7:f6:a3:
a4:97:2c:db:dd:e0:33:27:ef:20:02:69:03:cc:37:
f2:f3:37:d6:65:14:83:16:c7:24:db:ee:16:a5:9d:
c1:31:9d:57:38:57:f2:1a:73:2f:59:ea:93:eb:fd:
79:be:78:00:3d:ce:36:37:4a:00:4d:b8:6e:3c:fb:
42:71:b0:34:6c:ca:66:d5:2f:1c:f5:92:28:10:de:
01:07:68:1b:f3:67:76:cd:6b:0d:23:d8:ea:3e:c3:
5c:3e:d8:a9:d3:dc:4a:33:18:bf:f9:a4:56:57:d6:
0e:6e:1e:69:34:3d:40:59:7c:0b:21:88:39:d5:cd:
73:05:7e:90:91:b9:f4:5f:0d:0d:57:29:64:7e:c7:
ff:be:96:4f:23:28:a7:25:02:13:6a:5e:3e:d5:7f:
30:56:6f:81:49:f9:c2:80:61:e5:2c:ec:9e:c4:d0:
00:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:22:0A:0B:E0:55:42:AB:A9:7D:46:8A:31:26:1B:6C:B4:2C:D0:E1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AyIKC-BVQqupfUaKMSYbbLQs0OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.70.0/24
163.5.72.0/24
163.5.74.0-163.5.78.255
163.5.92.0/24
163.5.98.0/24
163.5.243.0/24
163.5.245.0/24
Signature Algorithm: sha256WithRSAEncryption
57:9c:3e:20:9c:7a:62:52:ee:10:de:a3:9e:4f:78:1a:9e:79:
39:7c:12:07:1f:d5:18:4e:b3:d8:c3:98:36:07:90:9f:1c:c4:
3e:ee:f5:e3:cb:53:b8:77:ed:80:f1:28:d1:cb:bd:67:11:33:
d4:97:24:61:30:36:21:03:ef:c5:89:a9:e4:c7:98:a8:be:a9:
3a:8a:46:41:bd:3c:47:f4:7c:8d:cc:d7:c6:b5:83:13:1c:4a:
d5:93:46:b3:92:e0:c2:6e:6d:9b:69:06:99:2d:16:de:0b:41:
dd:e4:7e:40:0d:b7:c1:e7:5a:95:e5:ca:8c:37:fe:04:d4:40:
1d:4a:18:0e:2c:4c:4c:1d:8d:75:6d:bc:9d:5e:f1:f0:ba:d2:
d5:16:d7:ba:bc:47:15:d8:3d:67:1f:8f:1c:32:fa:a3:50:6a:
c4:f4:74:af:66:b5:f2:e2:83:a1:7b:14:b9:88:43:e4:cc:74:
06:6e:24:e2:b9:26:5f:30:58:71:c5:c1:74:32:ec:c7:50:38:
58:ad:7c:a3:6f:91:16:32:66:d4:6a:4e:97:2b:e9:aa:b7:de:
fe:8d:5a:64:7e:8d:be:d9:7f:32:f0:de:42:ae:7e:c3:28:62:
4b:08:ba:f7:d4:8c:24:ba:08:c9:74:ef:ee:e1:25:f6:93:0e:
cf:b4:77:f9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYfBqSlO/Cz8GiT78e4s0FGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDI3MDc0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzIyMGEwYmUwNTU0MmFiYTk3ZDQ2OGEzMTI2MWI2Y2I0MmNkMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyV9TnIFG9ZEaBvFNVTh+dhe74Hx
MMlEeJVB33c/ETgB4BnMofsR9Bs7eSj52keOB6wXE1e+jYaFgVVo2qnR+XN6FmrY
lYiQRKomDLXV0nOx1yrIAHLH9qOklyzb3eAzJ+8gAmkDzDfy8zfWZRSDFsck2+4W
pZ3BMZ1XOFfyGnMvWeqT6/15vngAPc42N0oATbhuPPtCcbA0bMpm1S8c9ZIoEN4B
B2gb82d2zWsNI9jqPsNcPtip09xKMxi/+aRWV9YObh5pND1AWXwLIYg51c1zBX6Q
kbn0Xw0NVylkfsf/vpZPIyinJQITal4+1X8wVm+BSfnCgGHlLOyexNAAMQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAMiCgvgVUKrqX1GijEmG2y0LNDhMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQXlJS0MtQlZRcXVwZlVhS01TWWJiTFFzME9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAowVGAwQA
owVIMAwDBAGjBUoDBACjBU4DBACjBVwDBACjBWIDBACjBfMDBACjBfUwDQYJKoZI
hvcNAQELBQADggEBAFecPiCcemJS7hDeo55PeBqeeTl8Egcf1RhOs9jDmDYHkJ8c
xD7u9ePLU7h37YDxKNHLvWcRM9SXJGEwNiED78WJqeTHmKi+qTqKRkG9PEf0fI3M
18a1gxMcStWTRrOS4MJubZtpBpktFt4LQd3kfkANt8HnWpXlyow3/gTUQB1KGA4s
TEwdjXVtvJ1e8fC60tUW17q8RxXYPWcfjxwy+qNQasT0dK9mtfLig6F7FLmIQ+TM
dAZuJOK5Jl8wWHHFwXQy7MdQOFitfKNvkRYyZtRqTpcr6aq33v6NWmR+jb7ZfzLw
3kKufsMoYksIuvfUjCS6CMl07+7hJfaTDs+0d/k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:08 2023 by rpki-client on console-ams.rpki-client.org