Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZbcF8cqIuo2J4Nw4x6Rs9wYDQjU.roa
File: ZbcF8cqIuo2J4Nw4x6Rs9wYDQjU.roa (raw, json)
Hash identifier: h+zrNSSTpsZxK3oy1rBhKAfAPY1bR6X8S1u4JvrAOLw=
Subject key identifier: 65:B7:05:F1:CA:88:BA:8D:89:E0:DC:38:C7:A4:6C:F7:06:03:42:35
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01873C67E5FB3D433118CC59C60261FD00D4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZbcF8cqIuo2J4Nw4x6Rs9wYDQjU.roa
Signing time: Sat 01 Apr 2023 10:40:54 +0000
ROA not before: Sat 01 Apr 2023 10:40:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.233.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.87.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.107.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.61.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3c:67:e5:fb:3d:43:31:18:cc:59:c6:02:61:fd:00:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 1 10:40:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65b705f1ca88ba8d89e0dc38c7a46cf706034235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7d:f8:03:b4:d4:cf:da:fc:1e:e7:0e:03:f9:
f1:d6:d0:74:fa:60:dc:04:22:4d:6f:3a:46:e9:31:
21:55:11:f0:64:57:1b:5c:a5:fd:e1:4d:23:e4:cb:
62:a1:4d:e1:3a:bf:19:e4:66:70:83:97:cd:7f:2a:
0f:1e:de:0d:8d:2c:ce:8a:b9:29:10:d0:0e:82:d3:
19:ba:a1:1f:1f:7a:9c:8d:d1:5e:f1:20:77:c2:12:
fe:d8:96:4c:6d:5d:aa:1c:3e:23:c7:26:37:6b:68:
39:a7:13:37:98:c1:13:2b:67:12:af:57:b5:07:f4:
b4:0b:91:c0:22:3b:5e:1a:44:78:37:06:31:bd:ba:
77:86:29:71:a9:78:6e:91:ae:34:e4:49:66:d1:39:
8d:35:d6:7b:ce:5d:55:d0:61:a8:fa:5a:ac:3e:d4:
76:7b:01:be:60:06:80:1d:b4:17:6d:80:e3:91:51:
0e:5f:43:f5:5b:e7:d2:26:ce:90:42:10:ca:5f:71:
3f:69:9d:92:1a:bf:59:68:7d:f6:7b:9e:44:da:39:
6e:e1:ea:00:c6:31:04:6b:f6:a2:fe:55:43:6b:72:
db:f1:2b:c7:42:5d:62:87:40:12:15:74:57:db:8c:
ae:5e:91:02:b4:c4:33:4d:bf:1b:4d:02:a4:15:8e:
e6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B7:05:F1:CA:88:BA:8D:89:E0:DC:38:C7:A4:6C:F7:06:03:42:35
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZbcF8cqIuo2J4Nw4x6Rs9wYDQjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.61.0-163.5.62.255
163.5.86.0/23
163.5.99.0-163.5.100.255
163.5.107.0/24
163.5.109.0/24
163.5.117.0/24
163.5.127.0/24
163.5.130.0/24
163.5.132.0/23
163.5.136.0/24
163.5.138.0/24
163.5.142.0/24
163.5.145.0/24
163.5.149.0/24
163.5.158.0/24
163.5.161.0/24
163.5.166.0/24
163.5.198.0/24
163.5.202.0/24
163.5.210.0/23
163.5.216.0/24
163.5.221.0-163.5.223.255
163.5.226.0/23
163.5.230.0/24
163.5.233.0/24
163.5.239.0-163.5.241.255
163.5.244.0/24
163.5.246.0/24
163.5.248.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:8f:56:90:b7:bb:fd:5c:ed:3d:2c:ec:81:a0:da:27:38:16:
1b:8a:28:0a:c7:1c:c6:bb:a8:d5:bf:a0:c4:f6:f4:51:9f:73:
ce:7a:df:c2:26:81:4f:b6:48:92:d8:5c:fa:eb:76:15:f0:10:
05:6c:cd:29:f6:b3:e4:2b:69:91:f3:42:6c:bc:05:b3:49:94:
b2:c5:eb:a2:f0:1b:3e:22:fa:33:41:b4:2d:50:10:b6:6a:56:
24:28:3f:91:12:06:4b:e1:31:cf:cf:6a:dd:4b:2d:00:b5:ef:
a3:d6:ad:6e:c2:ec:a2:dc:49:f3:a3:5a:95:c5:52:26:a4:b1:
43:19:19:80:d6:d2:23:ad:5a:f0:dd:fb:c6:57:5c:0e:a6:17:
37:38:52:46:c8:04:0a:36:0e:61:18:d7:f8:90:8b:e5:b0:b9:
3f:78:a5:4c:ba:17:e4:3a:0e:4a:e2:d5:bb:07:a7:1c:3c:a6:
53:f9:f2:ad:9d:63:b1:ad:98:1d:9b:4d:d9:35:44:6c:88:73:
05:fd:0d:cd:7d:b3:fd:2a:dc:15:67:e9:57:57:7c:54:d6:f3:
10:2e:3e:59:4e:44:ce:54:4a:09:03:e4:5d:a4:9e:56:b1:83:
b7:7d:a9:51:57:bf:3f:83:33:db:a3:c4:25:b3:06:94:5c:83:
f3:7f:b1:cf
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYc8Z+X7PUMxGMxZxgJh/QDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDAxMTA0MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWI3MDVmMWNhODhiYThkODllMGRjMzhjN2E0NmNmNzA2MDM0MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX34A7TUz9r8HucOA/nx1tB0+mDc
BCJNbzpG6TEhVRHwZFcbXKX94U0j5MtioU3hOr8Z5GZwg5fNfyoPHt4NjSzOirkp
ENAOgtMZuqEfH3qcjdFe8SB3whL+2JZMbV2qHD4jxyY3a2g5pxM3mMETK2cSr1e1
B/S0C5HAIjteGkR4NwYxvbp3hilxqXhuka405Elm0TmNNdZ7zl1V0GGo+lqsPtR2
ewG+YAaAHbQXbYDjkVEOX0P1W+fSJs6QQhDKX3E/aZ2SGr9ZaH32e55E2jlu4eoA
xjEEa/ai/lVDa3Lb8SvHQl1ih0ASFXRX24yuXpECtMQzTb8bTQKkFY7m8wIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFGW3BfHKiLqNieDcOMekbPcGA0I1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWmJjRjhjcUl1bzJKNE53NHg2UnM5d1lEUWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBACj
BR8DBACjBSMwDAMEAKMFPQMEAKMFPgMEAaMFVjAMAwQAowVjAwQAowVkAwQAowVr
AwQAowVtAwQAowV1AwQAowV/AwQAowWCAwQBowWEAwQAowWIAwQAowWKAwQAowWO
AwQAowWRAwQAowWVAwQAowWeAwQAowWhAwQAowWmAwQAowXGAwQAowXKAwQBowXS
AwQAowXYMAwDBACjBd0DBAWjBcADBAGjBeIDBACjBeYDBACjBekwDAMEAKMF7wME
AaMF8AMEAKMF9AMEAKMF9gMEAKMF+AMEAKMF/jANBgkqhkiG9w0BAQsFAAOCAQEA
jY9WkLe7/VztPSzsgaDaJzgWG4ooCsccxruo1b+gxPb0UZ9zznrfwiaBT7ZIkthc
+ut2FfAQBWzNKfaz5CtpkfNCbLwFs0mUssXrovAbPiL6M0G0LVAQtmpWJCg/kRIG
S+Exz89q3UstALXvo9atbsLsotxJ86NalcVSJqSxQxkZgNbSI61a8N37xldcDqYX
NzhSRsgECjYOYRjX+JCL5bC5P3ilTLoX5DoOSuLVuwenHDymU/nyrZ1jsa2YHZtN
2TVEbIhzBf0NzX2z/SrcFWfpV1d8VNbzEC4+WU5EzlRKCQPkXaSeVrGDt32pUVe/
P4Mz26PEJbMGlFyD83+xzw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org