Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/g5pyFlOrVotbnz-g_ECtY-6Rho8.roa
File: g5pyFlOrVotbnz-g_ECtY-6Rho8.roa (raw, json)
Hash identifier: SmJDUHL+SfVOB5Hx7il4Ldo5/VCKKmctw+n0tIai0Mw=
Subject key identifier: 83:9A:72:16:53:AB:56:8B:5B:9F:3F:A0:FC:40:AD:63:EE:91:86:8F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0187B1690185E5E13C567E7056A8679ACAE9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/g5pyFlOrVotbnz-g_ECtY-6Rho8.roa
Signing time: Mon 24 Apr 2023 03:57:41 +0000
ROA not before: Mon 24 Apr 2023 03:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.71.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Apr 2023 09:18:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:69:01:85:e5:e1:3c:56:7e:70:56:a8:67:9a:ca:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 24 03:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=839a721653ab568b5b9f3fa0fc40ad63ee91868f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ef:50:15:21:3f:b3:eb:e6:27:c6:92:82:00:
4c:11:0f:cc:bc:c2:67:ee:03:4f:0d:80:16:6b:9d:
e5:dd:7d:aa:35:98:5f:a6:4b:ff:ab:e5:27:2b:d6:
a2:55:a2:98:99:0b:23:e0:3d:b6:e1:23:83:d2:61:
1c:ca:b7:84:fe:b3:c6:c5:1d:1b:df:aa:12:58:b9:
aa:54:b8:ae:66:90:03:ca:19:8b:c2:5b:dc:d0:9c:
ad:d3:44:99:d7:6f:aa:36:60:00:9b:48:ab:3d:b2:
37:fa:31:eb:88:6f:ce:ef:7e:52:f2:a9:35:03:d9:
98:9b:61:55:ac:49:95:9c:69:22:18:de:05:2c:3e:
2f:41:74:f8:a9:80:6b:ba:8f:2d:e0:1e:54:af:e2:
6d:03:03:b1:21:03:bf:50:e2:82:47:72:87:f1:39:
27:ab:df:67:41:31:20:9f:73:b8:be:b9:2b:9a:a8:
4c:65:3b:f3:4f:ce:52:91:a8:a8:27:79:33:f9:5f:
7f:e8:73:58:c8:da:9c:c2:70:ed:13:4e:b4:3f:53:
55:01:e9:6d:a0:e1:17:a3:2c:1a:e7:43:7d:93:6f:
c2:42:08:3c:be:51:e7:c7:0a:05:3b:76:d7:a9:3a:
de:d4:50:ab:61:76:3c:3c:93:71:76:d6:1f:22:85:
50:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9A:72:16:53:AB:56:8B:5B:9F:3F:A0:FC:40:AD:63:EE:91:86:8F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/g5pyFlOrVotbnz-g_ECtY-6Rho8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.60.0/24
163.5.71.0/24
163.5.101.0/24
163.5.108.0/24
163.5.116.0/24
163.5.134.0/24
163.5.189.0/24
163.5.192.0/24
163.5.228.0/24
163.5.238.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:ed:19:9b:1a:6a:15:d7:cb:04:46:07:1d:b8:f9:bc:80:44:
64:a2:cd:21:be:04:21:e4:64:32:9b:61:ee:e6:b9:4e:fb:55:
f6:16:ab:49:d8:3e:3b:d1:b3:65:c8:51:db:7f:e0:6f:5f:8f:
2b:02:42:79:41:5f:e9:a7:cc:03:36:a9:68:60:40:72:e2:41:
8f:7a:b9:92:a5:6f:54:83:14:9e:b9:19:e6:e9:77:98:7c:f5:
e4:55:81:52:29:81:46:26:2c:be:42:ee:bc:e2:4d:15:97:05:
63:79:47:52:69:2b:28:dc:81:26:95:d4:0d:17:01:f6:a6:3e:
ef:0a:b8:de:db:e2:b8:48:ea:e3:77:06:a6:48:04:71:ef:d4:
81:8d:92:61:32:e5:46:b9:b6:e3:47:58:1d:55:80:1a:c4:dd:
35:9e:12:c7:c7:55:87:b3:1b:00:2e:65:1d:a3:63:19:bd:20:
b1:15:df:fa:50:68:e3:24:37:d6:1e:f9:d6:47:b1:79:ef:b8:
00:aa:b3:ad:d9:23:4c:2a:b2:ec:27:c2:7f:5a:41:26:e8:ee:
21:5a:0f:53:59:66:17:21:00:aa:94:73:a1:f6:36:b9:49:4f:
f5:0b:56:82:4d:10:9d:d8:08:20:26:ec:1a:3c:43:96:94:6c:
5f:61:d4:03
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYexaQGF5eE8Vn5wVqhnmsrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDI0MDM1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzlhNzIxNjUzYWI1NjhiNWI5ZjNmYTBmYzQwYWQ2M2VlOTE4NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu9QFSE/s+vmJ8aSggBMEQ/MvMJn
7gNPDYAWa53l3X2qNZhfpkv/q+UnK9aiVaKYmQsj4D224SOD0mEcyreE/rPGxR0b
36oSWLmqVLiuZpADyhmLwlvc0Jyt00SZ12+qNmAAm0irPbI3+jHriG/O735S8qk1
A9mYm2FVrEmVnGkiGN4FLD4vQXT4qYBruo8t4B5Ur+JtAwOxIQO/UOKCR3KH8Tkn
q99nQTEgn3O4vrkrmqhMZTvzT85SkaioJ3kz+V9/6HNYyNqcwnDtE060P1NVAelt
oOEXoywa50N9k2/CQgg8vlHnxwoFO3bXqTre1FCrYXY8PJNxdtYfIoVQ2QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIOachZTq1aLW58/oPxArWPukYaPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZzVweUZsT3JWb3RibnotZ19FQ3RZLTZSaG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAowU8AwQA
owVHAwQAowVlAwQAowVsAwQAowV0AwQAowWGAwQAowW9AwQAowXAAwQAowXkAwQA
owXuMA0GCSqGSIb3DQEBCwUAA4IBAQCK7RmbGmoV18sERgcduPm8gERkos0hvgQh
5GQym2Hu5rlO+1X2FqtJ2D470bNlyFHbf+BvX48rAkJ5QV/pp8wDNqloYEBy4kGP
ermSpW9UgxSeuRnm6XeYfPXkVYFSKYFGJiy+Qu684k0VlwVjeUdSaSso3IEmldQN
FwH2pj7vCrje2+K4SOrjdwamSARx79SBjZJhMuVGubbjR1gdVYAaxN01nhLHx1WH
sxsALmUdo2MZvSCxFd/6UGjjJDfWHvnWR7F577gAqrOt2SNMKrLsJ8J/WkEm6O4h
Wg9TWWYXIQCqlHOh9ja5SU/1C1aCTRCd2AggJuwaPEOWlGxfYdQD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org