Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2VKhpXL-iejztmGraWgvRQQoD1c.roa
File: 2VKhpXL-iejztmGraWgvRQQoD1c.roa (raw, json)
Hash identifier: haxE9V2KW872Wtn8cAik/SHrRxSMxaK6ZNj1k1y+gzY=
Subject key identifier: D9:52:A1:A5:72:FE:89:E8:F3:B6:61:AB:69:68:2F:45:04:28:0F:57
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BB738D734A3F9AF178CF86D0B94F22DAB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2VKhpXL-iejztmGraWgvRQQoD1c.roa
Signing time: Fri 10 Nov 2023 03:13:57 +0000
ROA not before: Fri 10 Nov 2023 03:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b7:38:d7:34:a3:f9:af:17:8c:f8:6d:0b:94:f2:2d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 10 03:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d952a1a572fe89e8f3b661ab69682f4504280f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:31:3e:01:5a:ff:a5:73:93:a6:1b:28:ab:01:
1b:2d:9f:75:0c:31:ea:03:c7:0d:df:72:af:d5:74:
0b:e3:d3:ad:51:28:64:52:c5:84:59:93:dc:e0:72:
2d:f4:f5:3f:41:b7:e2:ac:29:a1:c5:31:f9:c0:7a:
2f:0c:97:e5:af:19:de:af:9b:d2:7f:af:28:6f:1f:
0f:2f:69:1e:79:ca:52:a4:f1:a7:38:48:97:19:1c:
be:91:8d:e8:42:8a:c0:be:bb:6e:5d:fb:e8:b2:61:
50:69:c9:33:20:1c:82:62:2e:be:ec:ea:37:0e:94:
f0:bc:1a:ce:e0:4d:14:66:fa:d1:25:70:0c:bf:3e:
85:09:21:85:52:cc:5f:a9:ac:c5:d1:91:c4:44:ed:
f0:73:20:f1:4e:87:e3:63:d1:9b:47:dc:b2:9c:81:
a8:27:2f:5d:60:4a:fb:b6:70:41:6f:ea:b2:93:0b:
34:02:16:97:b6:56:aa:13:aa:c1:c0:69:bc:a5:e6:
30:5d:03:a6:76:42:1d:0d:c7:ea:fa:49:d8:c6:70:
08:f9:7a:0c:0c:87:a9:af:63:d6:57:b3:54:86:cd:
c1:45:a5:7b:5e:6d:0f:75:40:39:f7:91:a3:fa:b5:
0b:79:aa:8d:d5:72:5a:01:29:e2:b2:47:45:23:9c:
28:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:52:A1:A5:72:FE:89:E8:F3:B6:61:AB:69:68:2F:45:04:28:0F:57
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2VKhpXL-iejztmGraWgvRQQoD1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.35.0-163.5.36.255
163.5.62.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.97.0/24
163.5.99.0/24
163.5.106.0/24
163.5.110.0-163.5.114.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.142.0/23
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/23
163.5.167.0/24
163.5.170.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.252.0/23
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:74:2b:14:01:12:5a:f7:91:c4:90:2d:d0:32:f4:61:2a:65:
51:53:d1:22:04:76:b2:65:2a:85:e0:4b:0d:61:ac:30:5b:89:
97:4f:af:c8:58:c1:51:da:43:7c:e9:3a:6a:9f:c6:5c:a3:0a:
02:9f:db:e0:84:4e:48:86:a1:25:46:17:18:b7:d5:bb:aa:30:
a9:a5:ce:f6:42:ed:ae:ff:d3:1c:c8:11:6e:38:e4:a9:df:a7:
be:c2:5a:50:8f:d2:68:75:9c:00:86:54:5c:5b:2a:da:ba:10:
c4:f2:1c:a0:48:8a:24:89:86:dc:6e:6d:13:54:00:a0:6f:07:
e2:39:90:46:29:3a:0b:f3:47:fb:25:33:dc:9a:51:b2:8b:b4:
14:ba:1a:a0:72:f0:6d:90:01:c7:cd:dd:62:6e:69:45:d7:18:
54:e2:e5:0d:d4:84:9a:1c:c0:1a:63:6a:f9:12:93:cd:e5:1e:
79:8c:6d:17:ae:42:a8:cf:28:5d:2a:0a:92:08:21:3d:d7:a4:
9a:e7:97:94:72:a9:d4:36:6f:7a:dc:80:0d:66:b3:e8:fa:aa:
f5:76:ac:5e:b8:ac:87:a2:04:01:07:f5:73:bb:06:e6:8e:c2:
25:fa:9b:31:71:80:94:b0:2b:4b:5a:29:0f:ab:ce:bb:29:91:
b4:e5:16:35
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAYu3ONc0o/mvF4z4bQuU8i2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTEwMDMxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTUyYTFhNTcyZmU4OWU4ZjNiNjYxYWI2OTY4MmY0NTA0MjgwZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DE+AVr/pXOTphsoqwEbLZ91DDHq
A8cN33Kv1XQL49OtUShkUsWEWZPc4HIt9PU/QbfirCmhxTH5wHovDJflrxner5vS
f68obx8PL2keecpSpPGnOEiXGRy+kY3oQorAvrtuXfvosmFQackzIByCYi6+7Oo3
DpTwvBrO4E0UZvrRJXAMvz6FCSGFUsxfqazF0ZHERO3wcyDxTofjY9GbR9yynIGo
Jy9dYEr7tnBBb+qykws0AhaXtlaqE6rBwGm8peYwXQOmdkIdDcfq+knYxnAI+XoM
DIepr2PWV7NUhs3BRaV7Xm0PdUA595Gj+rULeaqN1XJaASniskdFI5woZQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFNlSoaVy/ono87Zhq2loL0UEKA9XMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMlZLaHBYTC1pZWp6dG1HcmFXZ3ZSUVFvRDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAKMFHjAMAwQAowUjAwQAowUkAwQAowU+AwQAowVPAwQAowVTAwQAowVZAwQB
owVeAwQAowVhAwQAowVjAwQAowVqMAwDBAGjBW4DBACjBXIDBACjBXkDBACjBX4D
BACjBYADBACjBYYDBAGjBYoDBAGjBY4DBACjBZIDBACjBZQDBAGjBZYDBACjBZwD
BAGjBaADBACjBacDBACjBaoDBACjBbADBACjBbIwDAMEAKMFtQMEAKMFtgMEAKMF
ugMEAaMFvAMEAKMFvwMEAKMFxwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXaAwQA
owXgAwQAowXkAwQAowXxAwQAowX6AwQBowX8AwQAowX/MA0GCSqGSIb3DQEBCwUA
A4IBAQBddCsUARJa95HEkC3QMvRhKmVRU9EiBHayZSqF4EsNYawwW4mXT6/IWMFR
2kN86Tpqn8ZcowoCn9vghE5IhqElRhcYt9W7qjCppc72Qu2u/9McyBFuOOSp36e+
wlpQj9JodZwAhlRcWyrauhDE8hygSIokiYbcbm0TVACgbwfiOZBGKToL80f7JTPc
mlGyi7QUuhqgcvBtkAHHzd1ibmlF1xhU4uUN1ISaHMAaY2r5EpPN5R55jG0XrkKo
zyhdKgqSCCE916Sa55eUcqnUNm963IANZrPo+qr1dqxeuKyHogQBB/VzuwbmjsIl
+psxcYCUsCtLWikPq867KZG05RY1
-----END CERTIFICATE-----
Generated at Sat Nov 11 10:58:53 2023 by rpki-client on console-ams.rpki-client.org