Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yLTOczCzFzicTirXi66d1igaYUM.roa
File: yLTOczCzFzicTirXi66d1igaYUM.roa (raw, json)
Hash identifier: aZAlwUsXk1pxiCCK4YjgC2iRY8xJ8d9VrBo2RvqKI44=
Subject key identifier: C8:B4:CE:73:30:B3:17:38:9C:4E:2A:D7:8B:AE:9D:D6:28:1A:61:43
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0185817FA0EEADE9A892940E8BE77CAB974F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yLTOczCzFzicTirXi66d1igaYUM.roa
Signing time: Thu 05 Jan 2023 10:35:03 +0000
ROA not before: Thu 05 Jan 2023 10:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 163.5.106.0/24 maxlen: 24
163.5.115.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.159.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:81:7f:a0:ee:ad:e9:a8:92:94:0e:8b:e7:7c:ab:97:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 5 10:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8b4ce7330b317389c4e2ad78bae9dd6281a6143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:83:b1:4d:df:72:3f:43:b6:8e:d4:ff:42:
27:b7:3a:ee:46:3e:04:90:10:49:22:71:30:93:14:
f6:a3:aa:e2:3b:cc:f5:20:a9:4a:d4:cb:12:5e:4d:
d2:cb:a9:85:44:e8:96:26:f0:bd:6e:86:05:9f:32:
5c:2d:91:0e:59:2b:ed:17:33:ac:5a:74:ec:5a:4c:
d9:6d:db:ce:2f:68:70:f8:88:91:76:b8:bc:54:b9:
65:94:78:b4:d7:52:da:8f:49:77:f1:a7:14:02:c5:
86:84:0d:e2:2c:ca:df:e9:ac:2f:46:d6:13:9f:62:
ba:3a:f5:a7:d9:d2:bf:63:f4:83:85:d5:38:fd:ea:
cc:f9:1e:66:05:c2:ca:5d:d1:01:3b:2a:00:ea:d0:
5a:db:d2:1d:11:fa:ff:fc:d8:2d:71:39:fb:2a:0d:
69:52:db:0e:0f:ea:58:2e:66:ba:3c:37:c5:52:3a:
2f:90:f0:c3:9c:c9:ea:39:58:ad:4a:72:f0:e4:66:
85:76:f9:ee:cc:91:e7:0c:9b:e1:47:d9:ea:74:0d:
04:98:8c:72:c9:53:8d:69:e6:d6:9a:6c:0d:c4:bb:
67:d6:f6:d5:55:d9:ac:c8:45:f9:ba:13:7d:67:2d:
63:ad:08:b0:6e:e0:6b:a4:18:45:be:3d:d4:28:1c:
ce:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B4:CE:73:30:B3:17:38:9C:4E:2A:D7:8B:AE:9D:D6:28:1A:61:43
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yLTOczCzFzicTirXi66d1igaYUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.106.0/24
163.5.115.0/24
163.5.118.0/23
163.5.121.0/24
163.5.153.0/24
163.5.159.0/24
163.5.168.0/24
163.5.212.0/24
163.5.215.0/24
163.5.220.0/24
163.5.225.0/24
163.5.229.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:4a:d9:0b:45:97:29:61:59:5e:76:62:6a:d7:1e:ae:4f:50:
37:f1:e8:79:7f:a1:74:ce:4f:15:b6:80:a0:91:f4:ee:9f:2e:
b5:2c:78:3b:24:78:c8:d9:20:14:2b:f6:35:d6:37:8a:0d:24:
18:91:f5:cf:5d:1b:c2:a9:de:8b:e5:ce:59:a7:07:2d:ec:2f:
b7:04:c3:f5:74:78:18:8b:f9:e0:92:0c:71:6d:f2:d2:cc:c9:
61:99:2a:2a:9f:ae:9e:71:0b:aa:d5:e6:b9:99:a5:b9:bd:d0:
d0:b6:ed:f8:44:20:3b:28:f4:18:49:16:b8:2a:29:26:05:39:
3e:57:0c:11:9e:6e:40:51:b5:f1:1d:8c:d9:a1:fa:09:4d:b7:
ed:ed:f0:34:7e:ee:27:4e:44:a0:20:35:8b:60:e3:0e:0c:44:
50:6c:9a:c6:9b:09:ba:a9:a6:a5:99:d9:36:ad:ce:72:a3:a6:
7a:71:ac:3a:e1:b4:45:ab:9b:5e:c8:53:72:17:cb:4d:db:91:
d6:3b:8e:3f:50:32:23:34:70:88:75:cd:3b:d3:0c:87:eb:bc:
0f:fa:7a:f5:d7:0e:03:0d:d7:c1:7f:ed:ad:8b:32:ae:d9:f3:
d8:b9:d7:2a:74:17:e0:ea:b8:08:13:fd:ab:f7:60:fa:79:22:
ee:58:ef:29
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYWBf6DuremokpQOi+d8q5dPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTA1MTAzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI0Y2U3MzMwYjMxNzM4OWM0ZTJhZDc4YmFlOWRkNjI4MWE2MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzeDsU3fcj9Dto7U/0IntzruRj4E
kBBJInEwkxT2o6riO8z1IKlK1MsSXk3Sy6mFROiWJvC9boYFnzJcLZEOWSvtFzOs
WnTsWkzZbdvOL2hw+IiRdri8VLlllHi011Laj0l38acUAsWGhA3iLMrf6awvRtYT
n2K6OvWn2dK/Y/SDhdU4/erM+R5mBcLKXdEBOyoA6tBa29IdEfr//NgtcTn7Kg1p
UtsOD+pYLma6PDfFUjovkPDDnMnqOVitSnLw5GaFdvnuzJHnDJvhR9nqdA0EmIxy
yVONaebWmmwNxLtn1vbVVdmsyEX5uhN9Zy1jrQiwbuBrpBhFvj3UKBzO9QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMi0znMwsxc4nE4q14uundYoGmFDMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveUxUT2N6Q3pGemljVGlyWGk2NmQxaWdhWVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAowVqAwQA
owVzAwQBowV2AwQAowV5AwQAowWZAwQAowWfAwQAowWoAwQAowXUAwQAowXXAwQA
owXcAwQAowXhAwQAowXlMA0GCSqGSIb3DQEBCwUAA4IBAQCMStkLRZcpYVledmJq
1x6uT1A38eh5f6F0zk8VtoCgkfTuny61LHg7JHjI2SAUK/Y11jeKDSQYkfXPXRvC
qd6L5c5Zpwct7C+3BMP1dHgYi/ngkgxxbfLSzMlhmSoqn66ecQuq1ea5maW5vdDQ
tu34RCA7KPQYSRa4KikmBTk+VwwRnm5AUbXxHYzZofoJTbft7fA0fu4nTkSgIDWL
YOMODERQbJrGmwm6qaalmdk2rc5yo6Z6caw64bRFq5teyFNyF8tN25HWO44/UDIj
NHCIdc070wyH67wP+nr11w4DDdfBf+2tizKu2fPYudcqdBfg6rgIE/2r92D6eSLu
WO8p
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:23 2023 by rpki-client on console-fra.rpki-client.org