Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jzpqwUfHdfNPxmOrWCyk9hyfaiE.roa
File: jzpqwUfHdfNPxmOrWCyk9hyfaiE.roa (raw, json)
Hash identifier: TKqnTGfG/GpMiFLo64NuwjI59ZfF2fLcOYKezyk164U=
Subject key identifier: 8F:3A:6A:C1:47:C7:75:F3:4F:C6:63:AB:58:2C:A4:F6:1C:9F:6A:21
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C78920B869595EE3926F0D16ACA56D8B7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jzpqwUfHdfNPxmOrWCyk9hyfaiE.roa
Signing time: Sun 17 Dec 2023 16:18:06 +0000
ROA not before: Sun 17 Dec 2023 16:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.230.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.38.0/23 maxlen: 23
163.5.63.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:92:0b:86:95:95:ee:39:26:f0:d1:6a:ca:56:d8:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 17 16:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f3a6ac147c775f34fc663ab582ca4f61c9f6a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2f:ce:40:5d:5f:48:ae:c9:b9:d1:62:06:fe:
26:cf:ed:81:c2:e3:21:a3:f1:e8:e4:4f:c2:df:ca:
ba:a6:16:d9:b3:5d:5d:6e:71:1d:62:6f:3c:01:d5:
55:b2:c8:97:31:98:3a:f3:bf:af:d9:16:a5:0f:0a:
37:cf:30:d9:fe:3d:e8:83:e4:b8:7f:8f:80:5e:a4:
b0:e2:a8:5f:75:97:23:3f:6d:35:e7:9d:96:f3:d9:
29:3d:ca:61:60:7b:c4:71:a0:9c:25:e5:af:32:dd:
b7:ae:60:0d:9f:07:90:a8:b5:e7:79:a7:ee:55:bf:
5f:12:1b:dc:ad:60:1b:1f:4c:12:98:d0:a7:47:08:
7c:eb:49:02:2e:e8:da:ed:45:c7:26:9a:67:21:6a:
f4:1f:a0:b5:f6:e8:02:9a:dd:bf:71:f1:b1:d6:40:
47:03:13:0d:f9:1f:a1:49:9d:ca:6e:ef:01:99:87:
18:74:8d:b5:1c:ac:3b:51:16:12:c4:3e:77:fb:ab:
db:fb:9a:ee:7e:53:9c:9d:76:a6:c4:7a:93:21:20:
32:0f:46:9e:4b:fe:16:ed:ee:40:53:bf:99:a4:3e:
ec:2f:23:8b:8a:45:59:c4:ca:d8:bf:a9:f8:c4:9c:
a1:1d:1f:33:5b:4a:31:85:c8:55:e7:03:61:e7:96:
2e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3A:6A:C1:47:C7:75:F3:4F:C6:63:AB:58:2C:A4:F6:1C:9F:6A:21
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jzpqwUfHdfNPxmOrWCyk9hyfaiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/23
163.5.60.0/24
163.5.63.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.100.0-163.5.102.255
163.5.108.0/23
163.5.114.0/24
163.5.116.0/22
163.5.130.0/23
163.5.133.0-163.5.134.255
163.5.147.0/24
163.5.161.0/24
163.5.171.0/24
163.5.174.0/24
163.5.179.0/24
163.5.189.0/24
163.5.192.0/24
163.5.225.0-163.5.230.255
163.5.238.0/24
163.5.240.0/24
163.5.243.0/24
163.5.245.0-163.5.246.255
Signature Algorithm: sha256WithRSAEncryption
71:73:a8:b1:fe:fd:02:a3:a7:9a:dc:5c:dc:52:2d:c2:6a:7e:
ca:2c:74:b9:17:43:4c:e0:85:cc:30:eb:71:45:1a:96:96:b3:
8a:02:ea:da:54:02:ec:84:14:13:ca:90:53:0e:36:19:06:90:
32:2e:fa:c8:f1:ac:31:2b:de:1e:b0:5c:8f:82:d2:9a:84:66:
98:a5:ec:b9:1c:ea:c1:05:0f:0a:b9:28:14:cc:18:af:57:77:
58:7e:9f:fa:53:a4:83:de:7c:6a:05:56:54:73:fa:d1:ce:42:
65:e8:6e:e8:d1:85:c2:ed:65:1b:8d:69:5b:9a:b4:61:ce:67:
d5:67:38:89:8b:ba:eb:57:5f:03:5e:32:a1:f6:d5:2b:3c:67:
fc:be:ea:49:d4:23:f8:00:dd:66:df:08:a9:d9:f5:31:7a:11:
f4:b1:9d:9b:86:a5:d2:33:c3:03:b6:ce:67:80:34:a1:c3:d7:
31:2f:9d:d6:98:7e:0c:46:d7:71:88:4e:e8:b3:97:2d:5b:3b:
a7:a1:df:fd:ec:45:cb:96:f3:53:d3:74:39:47:f0:18:ba:f4:
e4:a2:8d:01:63:ea:52:3f:d3:4f:e9:ff:a7:41:52:af:3b:29:
a1:fc:58:fc:91:5d:a5:7f:de:a9:ba:c0:c2:c9:e6:80:2e:87:
49:52:26:ca
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYx4kguGlZXuOSbw0WrKVti3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjE3MTYxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjNhNmFjMTQ3Yzc3NWYzNGZjNjYzYWI1ODJjYTRmNjFjOWY2YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC/OQF1fSK7JudFiBv4mz+2BwuMh
o/Ho5E/C38q6phbZs11dbnEdYm88AdVVssiXMZg687+v2RalDwo3zzDZ/j3og+S4
f4+AXqSw4qhfdZcjP201552W89kpPcphYHvEcaCcJeWvMt23rmANnweQqLXneafu
Vb9fEhvcrWAbH0wSmNCnRwh860kCLuja7UXHJppnIWr0H6C19ugCmt2/cfGx1kBH
AxMN+R+hSZ3Kbu8BmYcYdI21HKw7URYSxD53+6vb+5ruflOcnXamxHqTISAyD0ae
S/4W7e5AU7+ZpD7sLyOLikVZxMrYv6n4xJyhHR8zW0oxhchV5wNh55YuFwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFI86asFHx3XzT8Zjq1gspPYcn2ohMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvanpwcXdVZkhkZk5QeG1PcldDeWs5aHlmYWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAGj
BSYDBACjBTwDBACjBT8DBACjBVgDBACjBVoDBACjBV0wDAMEAqMFZAMEAKMFZgME
AaMFbAMEAKMFcgMEAqMFdAMEAaMFgjAMAwQAowWFAwQAowWGAwQAowWTAwQAowWh
AwQAowWrAwQAowWuAwQAowWzAwQAowW9AwQAowXAMAwDBACjBeEDBACjBeYDBACj
Be4DBACjBfADBACjBfMwDAMEAKMF9QMEAKMF9jANBgkqhkiG9w0BAQsFAAOCAQEA
cXOosf79AqOnmtxc3FItwmp+yix0uRdDTOCFzDDrcUUalpazigLq2lQC7IQUE8qQ
Uw42GQaQMi76yPGsMSveHrBcj4LSmoRmmKXsuRzqwQUPCrkoFMwYr1d3WH6f+lOk
g958agVWVHP60c5CZehu6NGFwu1lG41pW5q0Yc5n1Wc4iYu661dfA14yofbVKzxn
/L7qSdQj+ADdZt8Iqdn1MXoR9LGdm4al0jPDA7bOZ4A0ocPXMS+d1ph+DEbXcYhO
6LOXLVs7p6Hf/exFy5bzU9N0OUfwGLr05KKNAWPqUj/TT+n/p0FSrzspofxY/JFd
pX/eqbrAwsnmgC6HSVImyg==
-----END CERTIFICATE-----
Generated at Fri Dec 22 12:06:53 2023 by rpki-client on console-ams.rpki-client.org