Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TpLqOQGFEddwTNH3c-S33fq1zjM.roa
File: TpLqOQGFEddwTNH3c-S33fq1zjM.roa (raw, json)
Hash identifier: OxI6rIAbQ5eYXICvVXFUe5lSSHzoce7ZJ24DHJ42Qd0=
Subject key identifier: 4E:92:EA:39:01:85:11:D7:70:4C:D1:F7:73:E4:B7:DD:FA:B5:CE:33
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0189AD19F7FE9D154E5C12FC30067DEE35E2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TpLqOQGFEddwTNH3c-S33fq1zjM.roa
Signing time: Mon 31 Jul 2023 17:58:27 +0000
ROA not before: Mon 31 Jul 2023 17:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.202.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ad:19:f7:fe:9d:15:4e:5c:12:fc:30:06:7d:ee:35:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 31 17:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e92ea39018511d7704cd1f773e4b7ddfab5ce33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a9:91:3f:13:92:8a:03:92:b5:ac:48:74:68:
02:26:aa:d6:91:f7:33:30:5d:c5:e9:e9:98:85:97:
f4:4d:6e:e7:f2:ee:4a:59:06:22:94:5a:4f:87:c4:
c6:d0:3e:da:3b:2e:e2:e5:09:9c:09:b6:e8:4d:b4:
e6:e8:f6:86:36:04:08:d7:78:d9:55:d9:b9:dc:b0:
32:85:7e:55:17:56:b5:d5:40:43:9d:79:04:e7:4d:
5f:77:9e:f9:c7:64:88:9a:2a:21:81:5d:eb:5b:5b:
fc:c2:87:21:f4:f7:dc:8b:fe:3b:a3:ce:05:e6:16:
1e:2f:a5:67:63:96:2a:10:1c:e6:d0:ad:d4:3c:86:
cf:f9:c2:a9:bf:16:76:f0:a3:2e:7f:b4:37:7f:f4:
1a:de:4a:15:a0:8a:58:22:ca:c0:78:91:a6:9f:fe:
de:00:5f:b2:1f:df:10:e6:ae:c0:53:69:b4:f4:b1:
eb:b4:5c:b0:83:20:4c:cd:11:c6:6b:7a:f8:c1:1a:
ce:ac:b7:d7:75:1c:10:2b:a8:ef:5e:8d:32:3c:9b:
3f:ea:c5:f3:e3:2c:9a:ed:cc:5c:a9:ba:80:14:f3:
e4:43:9f:0c:21:68:99:3f:39:b4:cb:7f:57:5a:b9:
72:37:95:0a:bc:48:8e:e9:ea:48:73:a4:b4:ff:86:
70:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:92:EA:39:01:85:11:D7:70:4C:D1:F7:73:E4:B7:DD:FA:B5:CE:33
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TpLqOQGFEddwTNH3c-S33fq1zjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.62.0/24
163.5.99.0/24
163.5.136.0/24
163.5.138.0/24
163.5.161.0/24
163.5.202.0/24
163.5.211.0/24
163.5.216.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
63:f3:fc:73:c1:1b:84:5f:f6:cc:a1:51:53:3c:a1:5c:6e:be:
67:60:77:82:f8:bf:b7:ca:bb:b5:c4:0c:37:85:89:d0:c7:aa:
cc:4f:0f:5c:77:38:0f:e1:ea:8e:98:c4:16:d4:4d:fa:25:70:
de:56:10:14:5e:cb:1b:7e:3e:58:c7:0c:15:c2:6d:0f:bd:ec:
8c:62:98:35:bd:ef:7a:59:df:e4:6d:32:8e:21:fd:61:fd:57:
d6:d6:e3:7c:09:4f:a7:11:2b:23:d2:cd:6c:81:be:dd:04:91:
ff:49:05:39:a3:ee:c9:73:f5:f1:12:db:97:ac:b9:67:40:c6:
21:61:c2:8c:c3:47:48:d7:28:76:83:d4:ff:67:e1:96:87:41:
08:26:d3:2f:5c:a6:ae:48:b4:75:01:37:32:58:c9:a8:df:e8:
f7:de:a9:a3:ce:4a:46:c1:f6:30:94:08:99:e6:50:e6:fd:ff:
45:88:3e:57:77:3d:59:bf:41:fe:a8:38:3f:5d:1f:e0:e4:76:
c6:0c:28:08:e2:6d:8f:17:9e:4d:d1:03:14:6d:19:19:52:93:
08:ad:86:88:4d:8e:56:99:1b:95:4b:a5:38:26:33:a0:78:54:
c5:f3:0d:5e:9d:53:32:4e:ec:82:52:82:9a:47:da:0d:4a:8c:
24:48:86:8a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYmtGff+nRVOXBL8MAZ97jXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzMxMTc1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTkyZWEzOTAxODUxMWQ3NzA0Y2QxZjc3M2U0YjdkZGZhYjVjZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6mRPxOSigOStaxIdGgCJqrWkfcz
MF3F6emYhZf0TW7n8u5KWQYilFpPh8TG0D7aOy7i5QmcCbboTbTm6PaGNgQI13jZ
Vdm53LAyhX5VF1a11UBDnXkE501fd575x2SImiohgV3rW1v8woch9Pfci/47o84F
5hYeL6VnY5YqEBzm0K3UPIbP+cKpvxZ28KMuf7Q3f/Qa3koVoIpYIsrAeJGmn/7e
AF+yH98Q5q7AU2m09LHrtFywgyBMzRHGa3r4wRrOrLfXdRwQK6jvXo0yPJs/6sXz
4yya7cxcqbqAFPPkQ58MIWiZPzm0y39XWrlyN5UKvEiO6epIc6S0/4ZwGwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFE6S6jkBhRHXcEzR93Pkt936tc4zMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVHBMcU9RR0ZFZGR3VE5IM2MtUzMzZnExempNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAowUfAwQA
owUjAwQAowU+AwQAowVjAwQAowWIAwQAowWKAwQAowWhAwQAowXKAwQAowXTAwQA
owXYAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQBj8/xzwRuEX/bMoVFTPKFcbr5n
YHeC+L+3yru1xAw3hYnQx6rMTw9cdzgP4eqOmMQW1E36JXDeVhAUXssbfj5YxwwV
wm0PveyMYpg1ve96Wd/kbTKOIf1h/VfW1uN8CU+nESsj0s1sgb7dBJH/SQU5o+7J
c/XxEtuXrLlnQMYhYcKMw0dI1yh2g9T/Z+GWh0EIJtMvXKauSLR1ATcyWMmo3+j3
3qmjzkpGwfYwlAiZ5lDm/f9FiD5Xdz1Zv0H+qDg/XR/g5HbGDCgI4m2PF55N0QMU
bRkZUpMIrYaITY5WmRuVS6U4JjOgeFTF8w1enVMyTuyCUoKaR9oNSowkSIaK
-----END CERTIFICATE-----
Generated at Thu Aug 3 11:34:50 2023 by rpki-client on console-ams.rpki-client.org