Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-hPdnpW9PZmSglppA33VRiodpbo.roa
File: 1-hPdnpW9PZmSglppA33VRiodpbo.roa (raw, json)
Hash identifier: Z2+18/6gahUgaqWQTrV+sQ7Adzkb7keloZRfJMmnqyo=
Subject key identifier: FA:13:DD:9E:95:BD:3D:99:92:82:5A:69:03:7D:D5:46:2A:1D:A5:BA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E4D01284A1D7837D51A12C2F45DC653BB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-hPdnpW9PZmSglppA33VRiodpbo.roa
Signing time: Sun 17 Mar 2024 15:21:45 +0000
ROA not before: Sun 17 Mar 2024 15:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 19:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4d:01:28:4a:1d:78:37:d5:1a:12:c2:f4:5d:c6:53:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 17 15:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa13dd9e95bd3d9992825a69037dd5462a1da5ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:3c:e7:42:f1:cb:bc:4e:c6:f2:66:b6:9d:
5a:f1:b4:c7:9c:d7:eb:3f:b5:d6:d9:a7:2f:f6:e9:
a4:7f:e0:bc:51:02:b1:a0:15:6a:d1:05:2b:59:15:
9d:57:24:cd:de:80:c3:7f:aa:1f:75:8c:70:ef:6d:
b6:17:e1:fd:36:87:7a:47:52:ef:c5:c6:52:e3:ac:
33:cd:f1:2f:8f:5e:f4:58:e9:ed:e5:47:57:41:51:
7b:1b:63:3e:e8:96:f6:56:74:6c:d8:91:de:9d:ac:
72:8c:50:37:34:85:08:3d:1b:7b:f9:85:bc:0d:3b:
bd:4b:5d:5c:3a:17:15:7c:73:f2:57:9e:04:c1:3c:
1f:a5:87:a7:da:f0:7e:49:35:e2:29:7b:9b:35:09:
b3:25:91:58:48:1e:e8:d3:59:20:23:9d:de:39:2f:
8c:9b:24:d7:9a:0f:04:47:d5:a0:07:8b:12:60:7f:
9d:0d:8d:29:4a:b1:d7:05:ce:a7:b3:44:28:c0:c9:
60:23:ef:9d:c3:2d:e0:12:bf:08:b6:5d:19:a5:21:
ee:2f:94:5e:d4:ca:2f:16:3e:40:e9:dd:d6:fe:5e:
a4:dd:fc:43:65:43:06:f2:07:d7:48:d0:da:f4:f0:
c5:a2:45:da:8f:38:22:38:bd:85:32:05:a2:9b:be:
0f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:13:DD:9E:95:BD:3D:99:92:82:5A:69:03:7D:D5:46:2A:1D:A5:BA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-hPdnpW9PZmSglppA33VRiodpbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.79.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.151.0/24
163.5.160.0-163.5.162.255
163.5.167.0/24
163.5.176.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ac:ed:c8:ba:e1:bc:8a:e5:7a:d7:81:07:b9:e1:87:00:be:
2a:69:ea:14:38:b4:70:24:30:05:d0:cd:70:78:d3:28:eb:06:
b1:2c:d2:a3:c8:88:38:9d:cb:0d:35:62:2f:55:09:36:32:bc:
6e:79:c1:d5:69:06:c3:27:b5:68:f9:a0:6e:34:94:0f:92:c4:
1c:7c:08:fa:7d:50:cc:20:34:7d:d1:90:ea:0d:91:8b:79:2a:
95:a4:54:a6:be:85:e0:b9:3c:f2:e0:28:ba:57:51:02:d4:c7:
c2:e1:56:f0:1a:df:98:1b:35:ef:fe:31:00:04:78:cf:17:b4:
bb:29:51:e0:36:4d:98:ae:43:9c:d5:d6:0e:8c:34:2b:74:ff:
3f:ba:42:ea:68:a1:e2:c6:8f:c4:b3:a3:63:1b:30:04:08:ba:
8f:19:e7:7e:40:37:ab:55:8f:fb:bd:cd:6d:86:63:85:75:c7:
27:e7:6c:38:b4:71:01:96:11:fb:a6:a0:a6:f2:45:ae:06:94:
12:af:86:b8:36:a2:e6:d3:d2:7a:77:f6:9e:63:83:82:a4:33:
e4:6b:eb:fe:77:1b:e7:53:b6:d1:06:ec:94:c0:b2:ae:14:e5:
00:ab:46:0a:8e:d3:0c:92:66:85:a5:9e:fa:54:b4:9d:92:cc:
16:9f:48:ef
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAY5NAShKHXg31RoSwvRdxlO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzE3MTUyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTEzZGQ5ZTk1YmQzZDk5OTI4MjVhNjkwMzdkZDU0NjJhMWRhNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrI850Lxy7xOxvJmtp1a8bTHnNfr
P7XW2acv9umkf+C8UQKxoBVq0QUrWRWdVyTN3oDDf6ofdYxw7222F+H9Nod6R1Lv
xcZS46wzzfEvj170WOnt5UdXQVF7G2M+6Jb2VnRs2JHenaxyjFA3NIUIPRt7+YW8
DTu9S11cOhcVfHPyV54EwTwfpYen2vB+STXiKXubNQmzJZFYSB7o01kgI53eOS+M
myTXmg8ER9WgB4sSYH+dDY0pSrHXBc6ns0QowMlgI++dwy3gEr8Itl0ZpSHuL5Re
1MovFj5A6d3W/l6k3fxDZUMG8gfXSNDa9PDFokXajzgiOL2FMgWim74PGQIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFPoT3Z6VvT2ZkoJaaQN91UYqHaW6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS1oUGRucFc5UFptU2dscHBBMzNWUmlvZHBiby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB3QYIKwYBBQUHAQcBAf8Egc0wgcowgccEAgABMIHAAwQA
owUeAwQAowVPAwQAowVZMAwDBAGjBW4DBAGjBXADBACjBXkDBACjBX4DBACjBYAD
BACjBYYDBACjBYsDBACjBY8DBACjBZIDBACjBZQDBACjBZcwDAMEBaMFoAMEAKMF
ogMEAKMFpwMEAKMFsAMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFyTAMAwQA
owXLAwQBowXMAwQAowXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9MA0G
CSqGSIb3DQEBCwUAA4IBAQA9rO3IuuG8iuV614EHueGHAL4qaeoUOLRwJDAF0M1w
eNMo6waxLNKjyIg4ncsNNWIvVQk2MrxuecHVaQbDJ7Vo+aBuNJQPksQcfAj6fVDM
IDR90ZDqDZGLeSqVpFSmvoXguTzy4Ci6V1EC1MfC4VbwGt+YGzXv/jEABHjPF7S7
KVHgNk2YrkOc1dYOjDQrdP8/ukLqaKHixo/Es6NjGzAECLqPGed+QDerVY/7vc1t
hmOFdccn52w4tHEBlhH7pqCm8kWuBpQSr4a4NqLm09J6d/aeY4OCpDPka+v+dxvn
U7bRBuyUwLKuFOUAq0YKjtMMkmaFpZ76VLSdkswWn0jv
-----END CERTIFICATE-----
Generated at Sun Mar 24 20:38:53 2024 by rpki-client on console-ams.rpki-client.org