Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tiUN-K7yq3To8KBoeqD765YD6hc.roa
File: tiUN-K7yq3To8KBoeqD765YD6hc.roa (raw, json)
Hash identifier: YeB/SZi17zpBd4N904rg157Qtdmwa2XntrmVdziD2HQ=
Subject key identifier: B6:25:0D:F8:AE:F2:AB:74:E8:F0:A0:68:7A:A0:FB:EB:96:03:EA:17
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01894442BB1436322E7EEB52207F0C4D5F5C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tiUN-K7yq3To8KBoeqD765YD6hc.roa
Signing time: Tue 11 Jul 2023 09:22:51 +0000
ROA not before: Tue 11 Jul 2023 09:22:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56913
IP address blocks: 163.5.70.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.72.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:42:bb:14:36:32:2e:7e:eb:52:20:7f:0c:4d:5f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 11 09:22:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6250df8aef2ab74e8f0a0687aa0fbeb9603ea17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:64:bd:8e:66:9d:50:1c:26:86:e9:c1:16:77:
df:57:e1:c4:f2:43:02:64:3c:12:47:19:b1:aa:e2:
d1:4d:22:6b:25:b0:52:7b:2f:c6:b0:60:6f:fc:df:
36:eb:d7:d7:c6:d9:69:b6:4f:10:7b:02:57:9d:10:
2f:fb:44:6f:a5:73:59:ae:cb:cd:5d:20:1b:ef:07:
be:34:f5:0b:95:59:f4:f5:05:17:b3:18:1a:98:63:
ca:7a:82:91:e3:ef:04:06:a7:7c:e3:5c:48:77:a5:
48:ce:75:eb:39:fc:49:a6:fc:63:79:0b:65:f9:8a:
a2:c8:4e:f1:2f:29:e2:64:3d:13:d3:93:51:9a:c9:
e4:12:6b:53:5b:e3:5f:ff:4e:a8:aa:1f:1d:ab:c7:
6f:22:72:22:26:39:2b:af:06:cd:ee:74:ce:0f:8c:
44:ab:b2:9a:13:8d:65:18:bd:22:e6:e3:87:1e:b0:
56:a5:7b:4f:bc:59:dd:0a:b7:e9:d9:3f:5d:d9:67:
1d:a4:c6:e8:de:4c:be:78:15:00:b8:43:18:9f:d2:
43:12:b8:2e:99:65:62:93:60:20:7e:7c:17:a1:8c:
be:62:58:96:33:42:5e:5c:89:d7:67:87:d5:9a:d2:
a1:99:bf:77:b6:a4:06:73:7f:f0:b8:a5:36:39:02:
b3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:25:0D:F8:AE:F2:AB:74:E8:F0:A0:68:7A:A0:FB:EB:96:03:EA:17
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tiUN-K7yq3To8KBoeqD765YD6hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.70.0/24
163.5.72.0/24
163.5.76.0/23
163.5.89.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ca:63:6d:00:f3:f8:3b:a4:58:e3:2c:ab:e7:d3:74:25:5a:
79:e8:91:5b:be:1d:51:61:e5:4d:b2:83:34:93:98:9a:7b:4f:
4b:c1:92:28:f8:10:86:9d:44:fd:19:a5:84:de:49:7f:4e:9c:
10:d8:bf:aa:30:42:51:ae:4c:9a:34:aa:75:a9:32:9a:45:f6:
6d:73:a2:b1:89:4e:e5:8c:4a:02:90:e3:a7:8e:3c:d3:b0:2b:
86:81:6c:13:ae:5c:c3:aa:00:50:fc:08:c6:b7:62:a1:be:05:
fe:ac:bc:e5:f6:a1:fa:25:38:8c:a0:26:d6:a3:ed:49:c5:e8:
10:be:ef:39:4d:64:67:a8:d3:10:66:8a:d6:c2:1d:93:39:5d:
47:86:c5:5e:c3:8c:54:3a:ae:4e:f4:5f:6b:42:55:8d:9b:7c:
62:e1:63:a5:1b:d0:13:d1:60:d0:46:ae:7a:57:1c:d7:e7:69:
10:ef:26:90:1e:8a:41:8a:8a:c8:9c:29:1e:b6:76:b4:69:d7:
c0:e4:76:94:25:47:6d:94:35:14:98:65:12:dd:af:5f:e1:0f:
e9:c3:f3:dd:d4:2d:e5:14:ef:e6:60:91:aa:48:ff:8c:57:d5:
e1:7d:22:dd:ec:df:eb:9e:49:00:62:c9:78:15:9d:01:96:08:
af:35:c1:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlEQrsUNjIufutSIH8MTV9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzExMDkyMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI1MGRmOGFlZjJhYjc0ZThmMGEwNjg3YWEwZmJlYjk2MDNlYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmS9jmadUBwmhunBFnffV+HE8kMC
ZDwSRxmxquLRTSJrJbBSey/GsGBv/N8269fXxtlptk8QewJXnRAv+0RvpXNZrsvN
XSAb7we+NPULlVn09QUXsxgamGPKeoKR4+8EBqd841xId6VIznXrOfxJpvxjeQtl
+YqiyE7xLyniZD0T05NRmsnkEmtTW+Nf/06oqh8dq8dvInIiJjkrrwbN7nTOD4xE
q7KaE41lGL0i5uOHHrBWpXtPvFndCrfp2T9d2WcdpMbo3ky+eBUAuEMYn9JDErgu
mWVik2AgfnwXoYy+YliWM0JeXInXZ4fVmtKhmb93tqQGc3/wuKU2OQKzIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLYlDfiu8qt06PCgaHqg++uWA+oXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdGlVTi1LN3lxM1RvOEtCb2VxRDc2NVlENmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVGAwQA
owVIAwQBowVMAwQAowVZMA0GCSqGSIb3DQEBCwUAA4IBAQCFymNtAPP4O6RY4yyr
59N0JVp56JFbvh1RYeVNsoM0k5iae09LwZIo+BCGnUT9GaWE3kl/TpwQ2L+qMEJR
rkyaNKp1qTKaRfZtc6KxiU7ljEoCkOOnjjzTsCuGgWwTrlzDqgBQ/AjGt2KhvgX+
rLzl9qH6JTiMoCbWo+1JxegQvu85TWRnqNMQZorWwh2TOV1HhsVew4xUOq5O9F9r
QlWNm3xi4WOlG9AT0WDQRq56VxzX52kQ7yaQHopBiorInCketna0adfA5HaUJUdt
lDUUmGUS3a9f4Q/pw/Pd1C3lFO/mYJGqSP+MV9XhfSLd7N/rnkkAYsl4FZ0Blgiv
NcEA
-----END CERTIFICATE-----
Generated at Sat Aug 12 22:00:11 2023 by rpki-client on console-ams.rpki-client.org