Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Gjzy714pPB0w4oMOYMBvoAIm4hc.roa
File: Gjzy714pPB0w4oMOYMBvoAIm4hc.roa (raw, json)
Hash identifier: E4kelHYutkdfqbVBeCgXoW2/kIV+sXZgriwpY4Kxr0Q=
Subject key identifier: 1A:3C:F2:EF:5E:29:3C:1D:30:E2:83:0E:60:C0:6F:A0:02:26:E2:17
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01867ECBE8318B032FBF46F500BF01B1BD3C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Gjzy714pPB0w4oMOYMBvoAIm4hc.roa
Signing time: Thu 23 Feb 2023 15:02:17 +0000
ROA not before: Thu 23 Feb 2023 15:02:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 163.5.186.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:cb:e8:31:8b:03:2f:bf:46:f5:00:bf:01:b1:bd:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 23 15:02:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a3cf2ef5e293c1d30e2830e60c06fa00226e217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:10:eb:d9:66:7b:f8:9c:7c:cd:0a:cf:70:35:
b0:3a:ea:d9:24:52:f9:4f:73:79:c5:80:fb:b0:40:
27:53:32:94:ac:f4:75:35:76:c5:8a:aa:d7:63:6f:
68:dc:0d:2f:52:ae:36:40:47:29:2d:95:bf:17:72:
de:09:de:2a:14:dc:db:3a:43:cf:a1:ad:6d:2d:eb:
7c:18:79:d9:b7:d2:02:f8:63:7a:ce:b6:b5:12:43:
1a:ae:7c:54:e1:38:65:22:1d:a7:e3:47:bf:b1:b8:
fb:32:a1:38:cb:85:bc:41:52:4a:ca:cb:a6:f5:a7:
1b:88:57:84:d9:00:7d:52:c2:28:b0:72:a2:b8:be:
88:09:63:5c:48:6a:f2:13:51:4d:66:a7:d6:e5:2d:
b9:80:41:b3:b3:57:13:a6:ea:53:93:21:80:fd:f6:
4b:07:64:11:a8:c0:4a:db:ee:b5:f0:ec:1b:9f:e6:
5c:5c:81:77:5b:52:65:61:21:67:ee:6b:2f:e5:31:
ce:30:4d:74:c6:b9:e9:1c:f8:66:d2:d1:c4:e2:0a:
e9:5b:a3:80:e2:ce:1e:44:de:9b:6e:b9:c3:d0:25:
9f:7c:c0:be:95:15:f2:35:b1:fa:e1:e6:c4:03:8f:
1b:57:84:75:43:43:cc:30:30:51:1e:70:2a:99:8f:
8d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3C:F2:EF:5E:29:3C:1D:30:E2:83:0E:60:C0:6F:A0:02:26:E2:17
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Gjzy714pPB0w4oMOYMBvoAIm4hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.94.0/23
163.5.113.0/24
163.5.116.0/24
163.5.142.0/24
163.5.186.0/24
Signature Algorithm: sha256WithRSAEncryption
17:09:ad:df:1f:ab:58:4c:f4:64:82:45:23:94:85:b5:85:7a:
17:6a:16:05:ca:6f:94:24:17:12:0b:ab:6b:ae:10:f8:c4:5d:
84:a5:23:da:c5:65:f1:a5:0d:83:22:14:0f:6d:ea:a9:9e:6b:
97:28:09:15:80:cc:b7:35:66:1d:2d:df:cf:67:89:19:a2:94:
ad:37:30:99:f7:1d:d0:1b:0d:10:c1:7f:cf:ac:1c:c3:c2:b0:
c2:9d:9f:78:25:98:b7:96:d4:60:c7:40:f7:06:b3:9a:42:35:
b4:f8:4c:20:c0:64:68:74:22:08:13:10:c3:08:6b:0f:ac:09:
2f:3f:dd:4b:ca:e4:72:94:bf:58:d0:63:9d:15:25:ef:6e:de:
48:7a:32:a3:b5:2c:d7:51:13:c0:1d:e5:78:e8:df:9f:ce:3e:
d3:95:d1:9e:cf:56:5f:9b:6e:17:88:54:46:12:01:eb:6e:f3:
96:fc:4d:74:b5:d0:14:31:72:88:eb:be:09:bf:20:e6:69:58:
e6:2f:37:65:e7:67:ed:3b:17:d5:76:ff:11:4e:f0:67:c2:81:
18:46:33:9b:45:32:e9:23:61:db:6c:06:c5:fe:dd:48:44:3e:
14:52:93:2d:ba:22:8a:65:78:c7:ad:9f:4b:12:d0:8b:1b:e6:
d6:86:a9:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZ+y+gxiwMvv0b1AL8Bsb08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMjIzMTUwMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTNjZjJlZjVlMjkzYzFkMzBlMjgzMGU2MGMwNmZhMDAyMjZlMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBDr2WZ7+Jx8zQrPcDWwOurZJFL5
T3N5xYD7sEAnUzKUrPR1NXbFiqrXY29o3A0vUq42QEcpLZW/F3LeCd4qFNzbOkPP
oa1tLet8GHnZt9IC+GN6zra1EkMarnxU4ThlIh2n40e/sbj7MqE4y4W8QVJKysum
9acbiFeE2QB9UsIosHKiuL6ICWNcSGryE1FNZqfW5S25gEGzs1cTpupTkyGA/fZL
B2QRqMBK2+618Owbn+ZcXIF3W1JlYSFn7msv5THOME10xrnpHPhm0tHE4grpW6OA
4s4eRN6bbrnD0CWffMC+lRXyNbH64ebEA48bV4R1Q0PMMDBRHnAqmY+N9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBo88u9eKTwdMOKDDmDAb6ACJuIXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR2p6eTcxNHBQQjB3NG9NT1lNQnZvQUltNGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBowVeAwQA
owVxAwQAowV0AwQAowWOAwQAowW6MA0GCSqGSIb3DQEBCwUAA4IBAQAXCa3fH6tY
TPRkgkUjlIW1hXoXahYFym+UJBcSC6trrhD4xF2EpSPaxWXxpQ2DIhQPbeqpnmuX
KAkVgMy3NWYdLd/PZ4kZopStNzCZ9x3QGw0QwX/PrBzDwrDCnZ94JZi3ltRgx0D3
BrOaQjW0+EwgwGRodCIIExDDCGsPrAkvP91LyuRylL9Y0GOdFSXvbt5IejKjtSzX
URPAHeV46N+fzj7TldGez1Zfm24XiFRGEgHrbvOW/E10tdAUMXKI674JvyDmaVjm
Lzdl52ftOxfVdv8RTvBnwoEYRjObRTLpI2HbbAbF/t1IRD4UUpMtuiKKZXjHrZ9L
EtCLG+bWhqnD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-ams.rpki-client.org