Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IcMISHzv-RB5jAsvVc6DtgG_hbU.roa
File: IcMISHzv-RB5jAsvVc6DtgG_hbU.roa (raw, json)
Hash identifier: IZFu9qZlx30fT2eficzPvc+21vbORMHBCBYcv/zR/PM=
Subject key identifier: 21:C3:08:48:7C:EF:F9:10:79:8C:0B:2F:55:CE:83:B6:01:BF:85:B5
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C99F71EA84F40B51935B0B2E19B5D4F3A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IcMISHzv-RB5jAsvVc6DtgG_hbU.roa
Signing time: Sun 24 Dec 2023 03:55:58 +0000
ROA not before: Sun 24 Dec 2023 03:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:99:f7:1e:a8:4f:40:b5:19:35:b0:b2:e1:9b:5d:4f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 24 03:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21c308487ceff910798c0b2f55ce83b601bf85b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8d:ea:07:3b:20:0c:04:b6:cb:54:67:b0:5e:
6a:dc:73:89:5d:63:2b:aa:09:94:95:26:1b:c2:98:
95:14:71:bf:ca:54:f6:c4:e2:37:68:6d:59:d9:9a:
87:65:f4:f6:3f:eb:5b:33:ed:f8:6e:7a:8d:cb:72:
32:3a:9d:ab:1f:53:82:b6:d0:81:6c:7b:d2:da:f9:
8e:d2:f9:a2:b1:17:00:88:94:95:7f:ea:a9:ae:23:
cc:79:8a:83:09:a9:90:c7:c8:ef:62:70:44:df:27:
84:23:fb:66:83:fc:46:37:b1:68:2c:4a:f0:c2:1d:
a1:95:ae:47:ad:f7:da:68:b5:5f:40:95:b5:18:05:
0c:42:83:5f:be:d9:5d:74:19:21:ca:c8:82:37:2b:
f1:d0:c5:40:50:55:a6:27:b7:fc:10:57:ae:13:01:
6c:a4:cd:13:17:e3:4b:a2:63:34:20:ff:c3:38:01:
dd:17:c5:ed:53:45:ab:c9:c3:20:84:2d:e1:f2:cc:
80:48:4a:5c:43:83:1d:cd:b1:0a:eb:d9:1e:9b:89:
aa:b8:7e:54:de:b5:22:3f:eb:68:7e:3d:e5:a5:3f:
cb:60:9a:ea:7d:eb:cf:d8:15:f4:17:dd:bc:4b:24:
4e:e8:47:d8:4f:0c:09:43:b8:91:1b:ce:a2:d2:89:
ec:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C3:08:48:7C:EF:F9:10:79:8C:0B:2F:55:CE:83:B6:01:BF:85:B5
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IcMISHzv-RB5jAsvVc6DtgG_hbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.36.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.106.0/24
163.5.110.0-163.5.113.255
163.5.120.0/23
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.178.0/23
163.5.181.0-163.5.182.255
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:8e:79:9d:8f:11:2b:fe:db:d0:43:b4:6c:9a:b7:1d:1b:5a:
6e:b2:61:fb:8c:cd:39:0b:9e:a9:3e:36:3d:32:57:81:d6:da:
24:70:92:14:b6:f5:1c:3d:1b:52:db:67:09:e3:2b:9d:db:b7:
78:d6:a6:3a:78:d1:0e:fb:c5:a0:db:f8:f4:e6:f0:3d:e7:27:
41:18:4a:8c:39:cc:22:e7:33:04:63:9a:52:4c:66:c0:2b:df:
fa:7c:ba:1b:8d:ae:46:2e:1e:c0:73:af:79:de:f5:6f:f7:22:
29:52:74:d3:30:56:cf:88:f9:eb:be:6c:69:ca:c8:2e:74:35:
99:bc:4c:84:11:0c:49:d5:6b:9e:3a:bc:eb:01:43:63:2f:36:
c9:5b:77:11:c2:56:93:a9:4b:71:cf:fa:0a:0b:1c:56:81:72:
d2:77:6f:4c:fc:54:4e:bc:4b:7a:a1:38:6b:6d:21:96:43:5b:
22:bf:d9:a9:77:f1:cd:58:1d:20:1a:98:8e:82:7e:3f:2b:10:
7b:fb:87:c3:48:aa:a6:e1:ea:f8:bf:5c:a1:7d:2e:f1:46:f9:
d7:6e:22:65:97:98:3e:20:3b:d1:be:c9:38:f6:62:aa:77:25:
ac:67:29:10:b8:49:ef:2b:32:f9:44:46:42:15:18:ad:bd:73:
24:50:ec:5b
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYyZ9x6oT0C1GTWwsuGbXU86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjI0MDM1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWMzMDg0ODdjZWZmOTEwNzk4YzBiMmY1NWNlODNiNjAxYmY4NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjI3qBzsgDAS2y1RnsF5q3HOJXWMr
qgmUlSYbwpiVFHG/ylT2xOI3aG1Z2ZqHZfT2P+tbM+34bnqNy3IyOp2rH1OCttCB
bHvS2vmO0vmisRcAiJSVf+qpriPMeYqDCamQx8jvYnBE3yeEI/tmg/xGN7FoLErw
wh2hla5HrffaaLVfQJW1GAUMQoNfvtlddBkhysiCNyvx0MVAUFWmJ7f8EFeuEwFs
pM0TF+NLomM0IP/DOAHdF8XtU0WrycMghC3h8syASEpcQ4MdzbEK69kem4mquH5U
3rUiP+tofj3lpT/LYJrqfevP2BX0F928SyRO6EfYTwwJQ7iRG86i0onsHQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFCHDCEh87/kQeYwLL1XOg7YBv4W1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSWNNSVNIenYtUkI1akFzdlZjNkR0Z0dfaGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
owUeAwQAowUkAwQAowVPAwQAowVTAwQAowVZAwQBowVeAwQAowVqMAwDBAGjBW4D
BAGjBXADBAGjBXgDBACjBX4DBACjBYADBACjBYYDBACjBYsDBACjBY8DBACjBZID
BACjBZQDBAGjBZYDBACjBZwDBACjBaADBACjBacDBACjBaoDBAGjBbIwDAMEAKMF
tQMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXaAwQA
owXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9AwQAowX/MA0GCSqGSIb3DQEBCwUA
A4IBAQB8jnmdjxEr/tvQQ7RsmrcdG1pusmH7jM05C56pPjY9MleB1tokcJIUtvUc
PRtS22cJ4yud27d41qY6eNEO+8Wg2/j05vA95ydBGEqMOcwi5zMEY5pSTGbAK9/6
fLobja5GLh7Ac6953vVv9yIpUnTTMFbPiPnrvmxpysgudDWZvEyEEQxJ1WueOrzr
AUNjLzbJW3cRwlaTqUtxz/oKCxxWgXLSd29M/FROvEt6oThrbSGWQ1siv9mpd/HN
WB0gGpiOgn4/KxB7+4fDSKqm4er4v1yhfS7xRvnXbiJll5g+IDvRvsk49mKqdyWs
ZykQuEnvKzL5REZCFRitvXMkUOxb
-----END CERTIFICATE-----
Generated at Thu Dec 28 00:57:26 2023 by rpki-client on console-ams.rpki-client.org