Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KyhZE-6dde9iIO75Gib_6lNM7a4.roa
File: KyhZE-6dde9iIO75Gib_6lNM7a4.roa (raw, json)
Hash identifier: PvciZbHiledtBkMEcgybIvb6xxOScN2EoaeccP0RIAI=
Subject key identifier: 2B:28:59:13:EE:9D:75:EF:62:20:EE:F9:1A:26:FF:EA:53:4C:ED:AE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0188A07C79860B915F568E5EFF3119D6BD9E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KyhZE-6dde9iIO75Gib_6lNM7a4.roa
Signing time: Fri 09 Jun 2023 14:08:12 +0000
ROA not before: Fri 09 Jun 2023 14:08:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.230.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.87.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.107.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.61.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:7c:79:86:0b:91:5f:56:8e:5e:ff:31:19:d6:bd:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 9 14:08:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b285913ee9d75ef6220eef91a26ffea534cedae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fc:2b:bd:0d:a7:ec:97:8c:3b:8e:ee:d1:8b:
4f:1f:6f:25:f8:01:c5:dc:b8:87:df:dd:55:fb:96:
46:d4:47:5c:86:e4:6a:3c:5b:58:8f:c1:40:3a:67:
60:2d:a3:be:e6:e8:03:c4:6e:5a:ce:68:b4:20:ed:
46:81:34:29:97:bc:9d:56:a0:a1:ba:2c:2f:88:6c:
bb:33:28:90:03:d3:1a:88:65:e6:16:31:86:5a:c5:
70:e7:3d:d1:01:b4:0a:bd:d3:9e:85:23:fd:4e:3d:
b3:b6:b5:6d:c2:b8:21:12:f7:ac:5b:27:a2:b3:f3:
02:b5:0d:fc:23:47:dc:7f:2d:20:10:c8:1a:33:fb:
48:d3:2a:fb:f3:0d:bb:7c:32:88:5c:a0:e7:09:85:
6f:27:41:01:66:b2:01:33:be:74:48:9e:88:54:40:
56:a6:be:2b:49:e0:57:65:06:d0:55:72:72:35:a3:
e0:63:48:67:05:db:d6:90:13:58:0d:6f:6b:3e:a1:
91:dc:89:6b:e1:26:0e:66:39:d0:d8:5c:0c:cb:17:
79:79:d6:49:c4:96:e3:e9:14:0b:ec:22:36:e5:01:
ea:55:46:30:d1:7d:c6:05:d1:72:2d:b0:a6:0b:76:
f4:a7:a3:26:17:3d:aa:07:78:3c:46:d6:52:4d:4c:
ae:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:28:59:13:EE:9D:75:EF:62:20:EE:F9:1A:26:FF:EA:53:4C:ED:AE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KyhZE-6dde9iIO75Gib_6lNM7a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.61.0-163.5.62.255
163.5.86.0/23
163.5.99.0/24
163.5.107.0/24
163.5.117.0/24
163.5.127.0/24
163.5.130.0/24
163.5.132.0/23
163.5.136.0/24
163.5.138.0/24
163.5.145.0/24
163.5.161.0/24
163.5.198.0/24
163.5.202.0/24
163.5.210.0/23
163.5.216.0/24
163.5.221.0-163.5.223.255
163.5.226.0/24
163.5.230.0/24
163.5.248.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:1d:08:da:ef:8a:9a:65:13:84:f9:8c:f5:10:23:7f:9d:5a:
12:a8:96:75:f9:6c:a2:19:ca:cb:44:69:e4:21:b9:07:04:6d:
0a:66:a4:e7:f8:8c:f2:92:90:75:8d:96:03:da:8b:ea:4f:72:
aa:db:78:cb:45:d4:b0:d1:e9:3f:7d:e5:02:cc:9d:ac:76:7f:
d7:a5:18:07:ca:11:48:33:d1:d8:f2:6a:56:8e:cb:e3:54:aa:
d6:3a:27:d3:0c:54:e8:50:84:39:ad:7a:b4:92:e9:a2:b4:10:
55:8c:c5:ce:e6:bb:01:8a:a7:5e:d9:43:f5:ce:24:c2:4e:33:
14:9d:b4:51:d0:b1:2f:6a:65:1b:cc:c3:7f:67:1b:e1:34:31:
11:b3:24:de:da:24:04:c9:c4:0d:f9:ba:ae:85:4f:b3:02:b3:
f7:1f:3c:39:bd:54:b9:95:8e:94:6c:1e:d2:56:32:ae:98:f0:
1f:bd:11:e6:d1:ef:02:a2:17:80:f2:5d:f9:1c:43:7d:ed:35:
f7:3a:01:d2:29:18:45:d2:ad:26:50:37:a9:b0:2b:50:ff:ba:
53:92:6e:1f:36:66:3d:7e:d6:15:79:9b:5e:70:2b:49:c8:10:
ca:40:e2:6c:38:95:ac:f3:f9:ee:82:9e:c5:cb:11:8c:d3:98:
39:b0:b5:f4
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYigfHmGC5FfVo5e/zEZ1r2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjA5MTQwODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI4NTkxM2VlOWQ3NWVmNjIyMGVlZjkxYTI2ZmZlYTUzNGNlZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/wrvQ2n7JeMO47u0YtPH28l+AHF
3LiH391V+5ZG1EdchuRqPFtYj8FAOmdgLaO+5ugDxG5azmi0IO1GgTQpl7ydVqCh
uiwviGy7MyiQA9MaiGXmFjGGWsVw5z3RAbQKvdOehSP9Tj2ztrVtwrghEvesWyei
s/MCtQ38I0fcfy0gEMgaM/tI0yr78w27fDKIXKDnCYVvJ0EBZrIBM750SJ6IVEBW
pr4rSeBXZQbQVXJyNaPgY0hnBdvWkBNYDW9rPqGR3Ilr4SYOZjnQ2FwMyxd5edZJ
xJbj6RQL7CI25QHqVUYw0X3GBdFyLbCmC3b0p6MmFz2qB3g8RtZSTUyu7QIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFCsoWRPunXXvYiDu+Rom/+pTTO2uMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS3loWkUtNmRkZTlpSU83NUdpYl82bE5NN2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBACj
BR8DBACjBSMwDAMEAKMFPQMEAKMFPgMEAaMFVgMEAKMFYwMEAKMFawMEAKMFdQME
AKMFfwMEAKMFggMEAaMFhAMEAKMFiAMEAKMFigMEAKMFkQMEAKMFoQMEAKMFxgME
AKMFygMEAaMF0gMEAKMF2DAMAwQAowXdAwQFowXAAwQAowXiAwQAowXmAwQAowX4
AwQAowX+MA0GCSqGSIb3DQEBCwUAA4IBAQBqHQja74qaZROE+Yz1ECN/nVoSqJZ1
+WyiGcrLRGnkIbkHBG0KZqTn+IzykpB1jZYD2ovqT3Kq23jLRdSw0ek/feUCzJ2s
dn/XpRgHyhFIM9HY8mpWjsvjVKrWOifTDFToUIQ5rXq0kumitBBVjMXO5rsBiqde
2UP1ziTCTjMUnbRR0LEvamUbzMN/ZxvhNDERsyTe2iQEycQN+bquhU+zArP3Hzw5
vVS5lY6UbB7SVjKumPAfvRHm0e8CoheA8l35HEN97TX3OgHSKRhF0q0mUDepsCtQ
/7pTkm4fNmY9ftYVeZtecCtJyBDKQOJsOJWs8/nugp7FyxGM05g5sLX0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:20 2023 by rpki-client on console-fra.rpki-client.org