Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TKJ7quVVaIrAkqtkbidyEsepNzI.roa
File: TKJ7quVVaIrAkqtkbidyEsepNzI.roa (raw, json)
Hash identifier: Yn6fzbt0+ZgbrvW1dqetq98LIEfsNj0W4r/DKwJ31mk=
Subject key identifier: 4C:A2:7B:AA:E5:55:68:8A:C0:92:AB:64:6E:27:72:12:C7:A9:37:32
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01881BCE41C374B471E67FB30C61AE24A3D2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TKJ7quVVaIrAkqtkbidyEsepNzI.roa
Signing time: Sun 14 May 2023 19:48:02 +0000
ROA not before: Sun 14 May 2023 19:48:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198883
IP address blocks: 163.5.84.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1b:ce:41:c3:74:b4:71:e6:7f:b3:0c:61:ae:24:a3:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 14 19:48:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ca27baae555688ac092ab646e277212c7a93732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:25:ea:6f:02:90:c7:3c:70:d6:ce:2b:4b:a6:
82:78:3d:6b:9a:0d:c7:a8:9d:16:ee:42:e6:6f:26:
08:e1:fa:9a:6f:9d:d3:d0:9b:fb:52:20:50:d6:2f:
f9:70:b7:6e:28:49:94:91:13:b9:35:64:be:25:70:
11:8a:00:63:64:11:75:37:21:d9:56:bb:b6:e3:d7:
bc:df:95:9b:42:77:a6:4b:6d:90:04:67:2d:bd:a5:
e8:55:6a:a4:2d:c2:1d:3e:67:8f:0e:5d:4a:d7:79:
54:39:36:66:2e:2c:e4:8d:76:c5:94:82:a9:fc:a1:
24:d6:f0:af:5a:8d:89:c7:39:00:28:3d:75:3b:ff:
51:a2:73:b4:6c:dc:70:61:cd:49:1b:83:20:85:de:
c3:7d:14:8e:77:76:d3:c6:dd:66:95:15:5e:27:9e:
d9:7b:c8:9c:29:01:fd:c8:24:f8:98:bb:9a:fe:33:
8f:24:17:51:cc:c9:90:4c:c7:7b:26:4c:a4:ac:c1:
47:9e:38:b9:83:01:a9:4c:b2:2f:bc:de:09:2f:8d:
12:fb:e2:1c:3e:f0:5f:b7:92:0a:20:ba:24:b0:23:
b5:7a:63:d8:36:f1:4e:9d:f4:2a:45:21:20:e9:29:
a4:72:88:7c:ae:13:32:0d:c2:fe:ef:05:5d:50:44:
0a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A2:7B:AA:E5:55:68:8A:C0:92:AB:64:6E:27:72:12:C7:A9:37:32
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TKJ7quVVaIrAkqtkbidyEsepNzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.84.0/24
163.5.144.0/24
163.5.154.0/24
163.5.192.0/23
163.5.214.0/24
163.5.233.0/24
163.5.244.0/24
Signature Algorithm: sha256WithRSAEncryption
90:13:d4:45:a7:f3:02:15:1c:2e:c7:71:52:cb:32:7a:fe:b2:
43:6a:5b:e8:fe:0d:fb:6a:22:c7:48:49:a8:e2:61:31:de:c4:
67:6d:2c:5d:07:7a:16:3f:db:ae:d1:63:3c:0d:05:3d:cc:b7:
1a:a4:61:05:58:9c:d8:71:12:53:d5:14:de:dd:63:50:9b:43:
17:eb:1d:0a:08:92:4a:c8:4d:52:7b:0c:89:52:c6:2f:be:fc:
47:05:f7:46:63:27:0f:a2:16:0e:e2:50:ad:ae:7a:15:1e:af:
f5:44:1a:65:cb:84:45:b3:22:3b:46:57:10:16:30:ec:ce:51:
73:bf:ab:b1:bd:0a:43:21:b3:9c:84:c0:02:35:29:04:21:67:
74:33:97:06:03:c8:35:bb:50:08:e6:e4:9b:43:1e:ea:7e:01:
88:4e:e3:1e:59:d2:e8:0d:e8:54:f8:f6:93:31:6b:6d:9a:4c:
a4:bd:a7:8e:18:de:5c:b4:8a:33:76:22:24:d6:69:5d:70:b2:
c0:0f:6e:d1:72:45:6f:a4:a6:1c:53:3c:d4:3c:64:0e:2c:52:
5f:d9:83:1d:13:e2:e1:6b:37:99:c3:c3:13:73:83:61:6a:cc:
e0:bf:83:91:b0:27:3c:14:e2:5d:b2:9a:27:b0:f8:34:86:e7:
68:b8:bf:7c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYgbzkHDdLRx5n+zDGGuJKPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTE0MTk0ODAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2EyN2JhYWU1NTU2ODhhYzA5MmFiNjQ2ZTI3NzIxMmM3YTkzNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCXqbwKQxzxw1s4rS6aCeD1rmg3H
qJ0W7kLmbyYI4fqab53T0Jv7UiBQ1i/5cLduKEmUkRO5NWS+JXARigBjZBF1NyHZ
Vru249e835WbQnemS22QBGctvaXoVWqkLcIdPmePDl1K13lUOTZmLizkjXbFlIKp
/KEk1vCvWo2JxzkAKD11O/9RonO0bNxwYc1JG4Mghd7DfRSOd3bTxt1mlRVeJ57Z
e8icKQH9yCT4mLua/jOPJBdRzMmQTMd7JkykrMFHnji5gwGpTLIvvN4JL40S++Ic
PvBft5IKILoksCO1emPYNvFOnfQqRSEg6Smkcoh8rhMyDcL+7wVdUEQKRwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEyie6rlVWiKwJKrZG4nchLHqTcyMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVEtKN3F1VlZhSXJBa3F0a2JpZHlFc2VwTnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowVUAwQA
owWQAwQAowWaAwQBowXAAwQAowXWAwQAowXpAwQAowX0MA0GCSqGSIb3DQEBCwUA
A4IBAQCQE9RFp/MCFRwux3FSyzJ6/rJDalvo/g37aiLHSEmo4mEx3sRnbSxdB3oW
P9uu0WM8DQU9zLcapGEFWJzYcRJT1RTe3WNQm0MX6x0KCJJKyE1SewyJUsYvvvxH
BfdGYycPohYO4lCtrnoVHq/1RBply4RFsyI7RlcQFjDszlFzv6uxvQpDIbOchMAC
NSkEIWd0M5cGA8g1u1AI5uSbQx7qfgGITuMeWdLoDehU+PaTMWttmkykvaeOGN5c
tIozdiIk1mldcLLAD27RckVvpKYcUzzUPGQOLFJf2YMdE+LhazeZw8MTc4Nhaszg
v4ORsCc8FOJdsponsPg0hudouL98
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:10 2023 by rpki-client on console-ams.rpki-client.org