Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IU1lcU2juEuNczqHGaokLEbHl2A.roa
File: IU1lcU2juEuNczqHGaokLEbHl2A.roa (raw, json)
Hash identifier: M95bvSjRhs1q6Bk/8EKbtUp+xhwovF0pVkw2B3KebSA=
Subject key identifier: 21:4D:65:71:4D:A3:B8:4B:8D:73:3A:87:19:AA:24:2C:46:C7:97:60
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018F3FFA4319A463B3342F940666A6B4FC3E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IU1lcU2juEuNczqHGaokLEbHl2A.roa
Signing time: Fri 03 May 2024 19:41:56 +0000
ROA not before: Fri 03 May 2024 19:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.65.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 14:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3f:fa:43:19:a4:63:b3:34:2f:94:06:66:a6:b4:fc:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 3 19:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=214d65714da3b84b8d733a8719aa242c46c79760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2f:d2:5e:2e:78:a4:a3:c8:6c:ba:54:60:7d:
61:9d:c4:73:d4:08:93:0e:02:01:a6:db:93:17:48:
70:ea:f5:28:40:93:e5:d4:9e:c5:e2:dc:ff:84:1c:
db:75:de:69:29:af:d7:68:24:5e:0d:5b:72:9f:f4:
81:e5:2f:ea:94:5e:34:8d:aa:0e:8d:bf:df:23:31:
37:4c:96:3e:55:f0:f8:e3:62:74:d0:38:83:7d:39:
40:53:da:68:1f:de:93:8a:5d:44:7d:d5:e4:68:da:
ba:c7:e8:34:0e:9b:83:fe:91:f5:cb:0a:fc:6c:ce:
04:90:5d:49:91:48:58:1a:85:fd:28:19:06:de:8b:
90:b5:ac:a7:1b:c7:ff:37:b5:d8:06:4c:df:72:64:
6c:4f:2c:12:7a:c8:94:91:2b:08:b1:c1:70:d4:bd:
33:97:4e:1a:b5:78:6a:15:c6:82:98:04:4a:76:ca:
d6:cd:67:66:ad:d9:6a:73:a2:a5:a5:48:ec:6d:51:
19:68:7f:f2:8c:30:b1:aa:87:ab:8f:b8:a0:06:1b:
f6:d5:54:ab:17:9c:90:a2:a3:ab:73:ef:73:ae:75:
5a:35:fa:a3:80:5c:c0:25:5a:e0:69:89:72:0b:c9:
87:7c:b9:72:17:e3:cb:1d:57:d7:73:06:7e:1d:9b:
09:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4D:65:71:4D:A3:B8:4B:8D:73:3A:87:19:AA:24:2C:46:C7:97:60
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IU1lcU2juEuNczqHGaokLEbHl2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.53.0/24
163.5.65.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.134.0/24
163.5.136.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.163.0/24
163.5.167.0/24
163.5.171.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:47:0c:ba:35:63:d8:9f:6b:52:34:42:2f:ca:6b:c3:52:1c:
c0:a4:4f:f0:b3:14:a0:4f:b6:86:9f:e3:e4:72:41:8a:44:51:
dc:bb:ef:24:68:fc:e4:dc:c4:cc:70:f5:0e:21:62:fe:fa:1c:
f7:d5:12:53:d0:82:0e:cb:23:7f:24:4c:d5:1d:4d:f2:cf:44:
83:38:75:e5:6b:44:8e:6a:ff:f0:52:08:41:d3:04:5a:b3:7e:
c6:04:8e:08:09:b4:5f:22:ca:de:05:b6:44:11:40:82:df:2c:
ea:b9:90:c6:7e:5c:60:0f:cb:61:65:28:34:4e:b0:55:30:5b:
89:f1:53:24:37:d6:47:d8:dd:d7:5a:e2:b1:7e:ee:59:6e:b6:
57:eb:31:9b:3a:60:d4:a9:1a:d2:23:a4:9d:2e:b8:17:ed:ab:
eb:eb:53:76:fc:ed:e8:93:a9:ec:9a:70:b4:a8:f6:8f:94:8a:
9d:78:9c:6c:78:65:10:35:cc:16:25:d0:c7:13:8f:f0:89:54:
25:be:c0:3e:a8:9a:98:43:15:a7:6f:70:bb:e4:28:88:37:8d:
b5:86:5d:01:d6:85:41:88:7c:7c:bf:81:bc:c6:c6:2c:d2:2c:
38:f1:69:a5:aa:4e:69:7a:e6:29:48:53:d2:7e:cf:d7:e5:3e:
71:cc:ce:f1
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAY8/+kMZpGOzNC+UBmamtPw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTAzMTk0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRkNjU3MTRkYTNiODRiOGQ3MzNhODcxOWFhMjQyYzQ2Yzc5NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS/SXi54pKPIbLpUYH1hncRz1AiT
DgIBptuTF0hw6vUoQJPl1J7F4tz/hBzbdd5pKa/XaCReDVtyn/SB5S/qlF40jaoO
jb/fIzE3TJY+VfD442J00DiDfTlAU9poH96Til1EfdXkaNq6x+g0DpuD/pH1ywr8
bM4EkF1JkUhYGoX9KBkG3ouQtaynG8f/N7XYBkzfcmRsTywSesiUkSsIscFw1L0z
l04atXhqFcaCmARKdsrWzWdmrdlqc6KlpUjsbVEZaH/yjDCxqoerj7igBhv21VSr
F5yQoqOrc+9zrnVaNfqjgFzAJVrgaYlyC8mHfLlyF+PLHVfXcwZ+HZsJRwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFCFNZXFNo7hLjXM6hxmqJCxGx5dgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSVUxbGNVMmp1RXVOY3pxSEdhb2tMRWJIbDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBACj
BR4DBACjBTUDBACjBUEDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8
AwQAowV+AwQBowWAAwQAowWGAwQAowWIAwQAowWLAwQAowWPAwQAowWSAwQAowWX
AwQAowWgAwQAowWjAwQAowWnAwQAowWrAwQAowWyAwQAowW2AwQBowW8AwQAowW/
AwQAowXHAwQAowXJMAwDBACjBcsDBAGjBcwDBACjBdoDBACjBeADBACjBeQDBACj
BfEDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBABxHDLo1Y9ifa1I0Qi/K
a8NSHMCkT/CzFKBPtoaf4+RyQYpEUdy77yRo/OTcxMxw9Q4hYv76HPfVElPQgg7L
I38kTNUdTfLPRIM4deVrRI5q//BSCEHTBFqzfsYEjggJtF8iyt4FtkQRQILfLOq5
kMZ+XGAPy2FlKDROsFUwW4nxUyQ31kfY3dda4rF+7llutlfrMZs6YNSpGtIjpJ0u
uBftq+vrU3b87eiTqeyacLSo9o+Uip14nGx4ZRA1zBYl0McTj/CJVCW+wD6omphD
FadvcLvkKIg3jbWGXQHWhUGIfHy/gbzGxizSLDjxaaWqTml65ilIU9J+z9flPnHM
zvE=
-----END CERTIFICATE-----
Generated at Fri May 10 18:20:40 2024 by rpki-client on console-ams.rpki-client.org