Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CeyZYcsfxkSi6WYF10dWZskQMtA.roa
File: CeyZYcsfxkSi6WYF10dWZskQMtA.roa (raw, json)
Hash identifier: Z9ctGj77uNEm2iY+GZgabfxRh5Np/MfzlA7+acSAwp8=
Subject key identifier: 09:EC:99:61:CB:1F:C6:44:A2:E9:66:05:D7:47:56:66:C9:10:32:D0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018ACD7517A82EC6B7DEB304253B27BB5C4E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CeyZYcsfxkSi6WYF10dWZskQMtA.roa
Signing time: Mon 25 Sep 2023 17:48:37 +0000
ROA not before: Mon 25 Sep 2023 17:48:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.230.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.63.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:75:17:a8:2e:c6:b7:de:b3:04:25:3b:27:bb:5c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 25 17:48:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09ec9961cb1fc644a2e96605d7475666c91032d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:72:0f:66:5b:7d:8c:a2:12:fb:f5:d8:f9:
83:c0:37:2f:89:6e:e5:de:19:2e:3f:a2:74:2c:ae:
58:38:6c:68:e8:5c:28:e1:c6:7d:ea:27:62:06:bc:
62:2f:8f:96:2a:ba:8b:5c:79:68:8f:15:d7:96:e3:
a2:40:91:bd:b6:5e:45:91:35:18:4a:a6:e4:41:9f:
13:29:06:9a:80:8b:5b:7e:11:e6:a3:68:58:36:69:
14:78:14:16:08:3f:16:7d:42:f7:d8:ad:db:49:64:
d7:8f:d6:2a:e0:a9:ba:1c:46:97:7e:3f:52:ae:b4:
9e:f8:c2:67:5d:4b:66:c1:53:0a:6b:6c:1e:2f:08:
d6:2a:34:90:49:cf:3e:3b:bb:86:56:8d:36:eb:e8:
6e:3a:e4:10:72:2b:90:7d:23:02:21:a2:15:8d:15:
f5:89:00:b9:35:5f:14:ef:84:ff:c5:3e:46:b3:0d:
59:2c:8f:fa:2d:b7:75:2b:28:80:88:27:b1:da:57:
0d:b4:b3:e4:da:0f:aa:b8:09:4e:06:f5:21:4f:56:
d7:35:0d:f6:73:c2:ea:6f:25:1a:0d:f5:4a:4b:d7:
63:1f:92:7d:39:7c:c6:87:7b:eb:55:6c:25:f6:3d:
9f:7c:34:56:43:3e:e7:aa:97:98:0c:b3:8b:4c:53:
44:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EC:99:61:CB:1F:C6:44:A2:E9:66:05:D7:47:56:66:C9:10:32:D0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CeyZYcsfxkSi6WYF10dWZskQMtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/23
163.5.60.0/24
163.5.63.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.101.0-163.5.102.255
163.5.108.0/23
163.5.116.0/22
163.5.130.0/23
163.5.133.0-163.5.134.255
163.5.147.0/24
163.5.174.0/24
163.5.189.0/24
163.5.192.0/24
163.5.225.0-163.5.230.255
163.5.238.0/24
163.5.240.0/24
163.5.243.0/24
163.5.245.0-163.5.246.255
Signature Algorithm: sha256WithRSAEncryption
6e:2b:f1:4d:c1:51:dc:5d:71:03:67:e3:77:0c:cc:13:af:f7:
6d:15:24:39:aa:71:c2:8c:49:20:6e:e4:88:33:d9:ee:66:5d:
16:f8:0c:fe:e7:ed:fc:51:5a:53:f1:3c:53:d0:cf:76:b9:5c:
88:26:1e:99:ce:0f:66:ce:f7:4a:3c:5f:50:1a:13:de:d9:11:
6d:e1:52:f3:91:63:b8:ca:df:3d:bf:7e:5c:2b:61:57:83:28:
87:32:0f:3e:ab:7b:b3:16:64:a6:d5:0c:57:a4:84:a9:cc:34:
5c:44:12:35:b1:c0:4d:7a:ff:fb:38:af:76:6c:10:ce:9c:56:
47:f0:ea:95:9f:cd:5c:a3:66:86:bd:c7:60:eb:cf:96:c2:04:
e3:71:8f:a0:d4:d3:9d:d7:1d:d1:24:34:fc:09:c6:1e:4d:83:
56:1e:f0:3f:da:dd:c6:9a:bf:3f:12:b1:2b:71:b8:8b:73:28:
4e:28:98:97:d1:c5:c4:8b:bf:d0:72:45:0a:1d:76:6c:57:b8:
89:70:ab:be:c8:91:dc:6d:bd:57:ee:89:51:64:9c:7d:9c:c5:
70:ec:65:da:04:64:67:9a:5d:69:a7:d3:40:05:77:39:05:47:
40:9d:33:e4:65:58:e5:10:81:88:d1:c6:59:f2:59:47:fb:2d:
96:0e:79:64
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYrNdReoLsa33rMEJTsnu1xOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTI1MTc0ODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVjOTk2MWNiMWZjNjQ0YTJlOTY2MDVkNzQ3NTY2NmM5MTAzMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl5yD2ZbfYyiEvv12PmDwDcviW7l
3hkuP6J0LK5YOGxo6Fwo4cZ96idiBrxiL4+WKrqLXHlojxXXluOiQJG9tl5FkTUY
SqbkQZ8TKQaagItbfhHmo2hYNmkUeBQWCD8WfUL32K3bSWTXj9Yq4Km6HEaXfj9S
rrSe+MJnXUtmwVMKa2weLwjWKjSQSc8+O7uGVo026+huOuQQciuQfSMCIaIVjRX1
iQC5NV8U74T/xT5Gsw1ZLI/6Lbd1KyiAiCex2lcNtLPk2g+quAlOBvUhT1bXNQ32
c8LqbyUaDfVKS9djH5J9OXzGh3vrVWwl9j2ffDRWQz7nqpeYDLOLTFNEyQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFAnsmWHLH8ZEoulmBddHVmbJEDLQMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ2V5Wlljc2Z4a1NpNldZRjEwZFdac2tRTXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAGj
BSYDBACjBTwDBACjBT8DBACjBVgDBACjBVoDBACjBV0wDAMEAKMFZQMEAKMFZgME
AaMFbAMEAqMFdAMEAaMFgjAMAwQAowWFAwQAowWGAwQAowWTAwQAowWuAwQAowW9
AwQAowXAMAwDBACjBeEDBACjBeYDBACjBe4DBACjBfADBACjBfMwDAMEAKMF9QME
AKMF9jANBgkqhkiG9w0BAQsFAAOCAQEAbivxTcFR3F1xA2fjdwzME6/3bRUkOapx
woxJIG7kiDPZ7mZdFvgM/uft/FFaU/E8U9DPdrlciCYemc4PZs73SjxfUBoT3tkR
beFS85FjuMrfPb9+XCthV4MohzIPPqt7sxZkptUMV6SEqcw0XEQSNbHATXr/+ziv
dmwQzpxWR/DqlZ/NXKNmhr3HYOvPlsIE43GPoNTTndcd0SQ0/AnGHk2DVh7wP9rd
xpq/PxKxK3G4i3MoTiiYl9HFxIu/0HJFCh12bFe4iXCrvsiR3G29V+6JUWScfZzF
cOxl2gRkZ5pdaafTQAV3OQVHQJ0z5GVY5RCBiNHGWfJZR/stlg55ZA==
-----END CERTIFICATE-----
Generated at Thu Sep 28 21:38:49 2023 by rpki-client on console-ams.rpki-client.org