Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1gQCiFAhErheBKSW5bdgLD6oavA.roa
File: 1gQCiFAhErheBKSW5bdgLD6oavA.roa (raw, json)
Hash identifier: SeeK3KQvIYGaUT1l96GXa4h3Nn4//RSD9G1XEgiVAs4=
Subject key identifier: D6:04:02:88:50:21:12:B8:5E:04:A4:96:E5:B7:60:2C:3E:A8:6A:F0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0190A3C0699BE27E034333DCF116B73A36AE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1gQCiFAhErheBKSW5bdgLD6oavA.roa
Signing time: Thu 11 Jul 2024 21:43:34 +0000
ROA not before: Thu 11 Jul 2024 21:43:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 07:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a3:c0:69:9b:e2:7e:03:43:33:dc:f1:16:b7:3a:36:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 11 21:43:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6040288502112b85e04a496e5b7602c3ea86af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b7:42:82:5b:61:78:ee:d3:60:64:c2:c5:95:
26:88:19:95:76:b2:96:42:ab:a0:d0:f8:cd:a8:14:
d8:83:4f:3c:05:c7:59:d7:5b:d1:bc:4d:46:8d:0f:
39:9f:5c:ca:36:b5:4d:66:5b:64:e6:65:a0:3e:1b:
24:c8:1e:a7:27:15:5c:77:32:de:88:62:63:27:46:
a4:34:4b:e0:82:ac:4a:72:64:3d:be:9e:69:5b:d8:
d6:e7:bb:3f:56:6f:53:5e:7f:0c:9f:a7:32:62:a1:
10:f8:b9:5d:c7:47:d0:f0:ba:b8:cc:57:73:03:81:
72:41:76:e5:fe:dd:73:5a:80:ad:9d:d7:ef:d7:54:
2d:39:d0:70:d5:40:11:71:9f:9a:2a:70:93:12:18:
61:ab:3c:11:55:6f:27:4d:33:81:80:a6:ff:f3:73:
1f:01:2f:e7:44:18:e9:3d:1d:dc:84:94:04:97:6a:
e3:e2:01:12:e3:00:51:f4:38:7a:45:5e:c8:f4:e0:
3f:92:41:d3:86:a3:c4:37:b1:bc:e2:21:31:8c:86:
f5:ca:15:58:fb:d5:b2:ff:8c:f6:45:c1:3e:f4:5c:
25:4c:6d:25:5d:d8:6e:1b:d2:9a:69:b8:36:bc:f5:
a7:5e:d7:01:ae:3e:6b:90:71:27:01:9b:c9:b3:e8:
d9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:04:02:88:50:21:12:B8:5E:04:A4:96:E5:B7:60:2C:3E:A8:6A:F0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1gQCiFAhErheBKSW5bdgLD6oavA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.51.0/24
163.5.71.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
50:fb:c1:79:dd:9a:5c:9e:c7:46:1a:b6:da:19:b8:ac:91:00:
c5:67:b9:08:19:8f:76:70:ec:6b:69:f2:af:b6:e7:8a:90:e7:
07:11:79:d3:71:34:d7:29:df:24:36:ef:0e:e4:ca:01:07:c9:
f3:7f:4f:3d:63:df:c8:bb:82:d6:76:cc:89:37:0d:bd:77:c3:
0b:87:70:d7:b6:12:03:fa:da:65:99:d6:b2:ca:7c:b4:1a:b8:
1b:44:89:00:14:1f:f0:76:b3:8e:af:57:69:26:14:4e:6b:a3:
d2:ef:81:cc:3d:94:06:10:2f:7a:15:80:6d:0c:59:8c:fe:eb:
64:c6:ce:d5:04:9d:87:89:a4:88:6d:ad:c8:0e:45:f7:59:45:
93:77:d2:6a:fa:a9:16:9c:ee:08:33:ce:ed:e8:2d:da:f6:db:
25:d8:0f:57:ac:bf:3b:a8:11:9d:03:25:56:e2:f4:bd:6c:af:
d2:95:5a:08:81:bb:79:aa:f8:a2:8d:54:f7:c7:00:4a:25:b0:
ea:6b:d4:b4:53:37:39:b0:d8:04:e7:c3:b8:67:d8:f5:22:3f:
a6:59:e5:2a:21:f4:c4:2c:c0:36:be:b0:e3:b3:93:23:77:a7:
d5:1e:86:8e:fa:92:d4:a7:7c:6e:c5:08:7f:cc:86:fe:0b:fd:
63:7f:87:c1
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZCjwGmb4n4DQzPc8Ra3OjauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzExMjE0MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjA0MDI4ODUwMjExMmI4NWUwNGE0OTZlNWI3NjAyYzNlYTg2YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7dCgltheO7TYGTCxZUmiBmVdrKW
Qqug0PjNqBTYg088BcdZ11vRvE1GjQ85n1zKNrVNZltk5mWgPhskyB6nJxVcdzLe
iGJjJ0akNEvggqxKcmQ9vp5pW9jW57s/Vm9TXn8Mn6cyYqEQ+Lldx0fQ8Lq4zFdz
A4FyQXbl/t1zWoCtndfv11QtOdBw1UARcZ+aKnCTEhhhqzwRVW8nTTOBgKb/83Mf
AS/nRBjpPR3chJQEl2rj4gES4wBR9Dh6RV7I9OA/kkHThqPEN7G84iExjIb1yhVY
+9Wy/4z2RcE+9FwlTG0lXdhuG9Kaabg2vPWnXtcBrj5rkHEnAZvJs+jZ7wIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFNYEAohQIRK4XgSkluW3YCw+qGrwMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMWdRQ2lGQWhFcmhlQktTVzViZGdMRDZvYXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBACj
BR4DBACjBTMDBACjBUcDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgME
AaMFgAMEAaMFigMEAKMFjwMEAKMFkgMEAKMFlwMEAKMFoAMEAKMFogMEAKMFpwME
AKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAaMFyDAMAwQAowXLAwQAowXOAwQAowXa
AwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IB
AQBQ+8F53ZpcnsdGGrbaGbiskQDFZ7kIGY92cOxrafKvtueKkOcHEXnTcTTXKd8k
Nu8O5MoBB8nzf089Y9/Iu4LWdsyJNw29d8MLh3DXthID+tplmdayyny0GrgbRIkA
FB/wdrOOr1dpJhROa6PS74HMPZQGEC96FYBtDFmM/utkxs7VBJ2HiaSIba3IDkX3
WUWTd9Jq+qkWnO4IM87t6C3a9tsl2A9XrL87qBGdAyVW4vS9bK/SlVoIgbt5qvii
jVT3xwBKJbDqa9S0Uzc5sNgE58O4Z9j1Ij+mWeUqIfTELMA2vrDjs5Mjd6fVHoaO
+pLUp3xuxQh/zIb+C/1jf4fB
-----END CERTIFICATE-----
Generated at Fri Jul 12 09:55:53 2024 by rpki-client on console-fra.rpki-client.org