Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2uIKS33UvRUpPiYAXM54er9KFp8.roa
File: 2uIKS33UvRUpPiYAXM54er9KFp8.roa (raw, json)
Hash identifier: x6pRvkk07aZx+1iKqHEjj91yGGOUB5MpAGrGkhpYER0=
Subject key identifier: DA:E2:0A:4B:7D:D4:BD:15:29:3E:26:00:5C:CE:78:7A:BF:4A:16:9F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01950997436228C96B5F46496BF55FFCEE1A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2uIKS33UvRUpPiYAXM54er9KFp8.roa
Signing time: Sat 15 Feb 2025 12:31:02 +0000
ROA not before: Sat 15 Feb 2025 12:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.38.0/23 maxlen: 23
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.63.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 12:42:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:97:43:62:28:c9:6b:5f:46:49:6b:f5:5f:fc:ee:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 15 12:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dae20a4b7dd4bd15293e26005cce787abf4a169f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:3d:7b:fd:43:5d:fb:9b:f6:44:07:31:ef:
50:d6:1d:2e:bb:a6:02:f6:45:49:29:1a:c6:c7:c8:
0f:f2:9f:1f:68:f2:69:2f:92:38:c1:41:13:63:66:
70:f2:14:65:65:74:7f:08:36:0f:dc:89:e4:f3:1c:
1c:c3:f4:4f:a4:7d:f5:42:19:cd:31:45:f2:ad:8c:
8a:c2:de:df:55:22:63:87:3b:d0:04:c7:4d:95:ca:
f8:63:70:2e:f1:30:e9:86:45:7e:81:e2:d8:ae:61:
56:4b:92:b4:d0:ce:f7:b2:37:b5:76:1b:1d:25:47:
76:96:ce:2e:f8:b9:78:b5:ae:34:1c:5c:7f:64:67:
c1:5c:da:62:3c:ad:c6:17:15:5d:7e:48:a1:a5:3c:
aa:7f:47:9a:a0:40:98:a1:19:d2:c6:53:40:d4:75:
66:d5:cf:04:e2:49:6f:3e:26:32:97:ac:e4:73:71:
b7:5b:f7:53:43:c3:86:1f:9f:e9:6d:b3:89:76:2a:
88:20:06:07:65:f5:52:b7:ae:3f:d1:c5:d0:f5:4d:
ea:c8:57:24:b5:4f:b7:cd:c1:38:bb:96:bf:b1:44:
1d:1e:ee:45:7b:25:74:97:5e:3b:de:de:71:57:e5:
66:66:7b:43:72:3e:eb:cc:8b:95:ab:23:9a:35:ce:
26:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E2:0A:4B:7D:D4:BD:15:29:3E:26:00:5C:CE:78:7A:BF:4A:16:9F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2uIKS33UvRUpPiYAXM54er9KFp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.38.0/23
163.5.60.0/24
163.5.63.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.100.0-163.5.102.255
163.5.108.0/23
163.5.114.0/24
163.5.116.0/23
163.5.130.0/24
163.5.133.0/24
163.5.147.0/24
163.5.174.0/24
163.5.189.0/24
163.5.192.0/24
163.5.225.0-163.5.229.255
163.5.238.0/24
163.5.240.0/24
163.5.243.0/24
163.5.246.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:ac:4c:e9:2d:45:61:5d:b4:01:ae:68:08:26:57:58:a9:69:
55:55:d1:0d:a6:97:11:12:80:a3:c0:06:78:1d:93:9b:0a:e7:
53:b7:e4:8a:98:45:b4:69:e6:db:28:76:57:03:0f:fb:01:97:
d4:7b:b3:6d:1b:55:10:d7:0b:5c:fc:7e:77:b1:45:81:85:66:
17:2e:4f:3a:f6:77:6a:e8:ac:78:a2:0b:31:c5:39:45:77:5a:
23:12:aa:68:0a:78:75:74:3c:ff:2c:3b:fe:a7:91:21:59:5b:
2e:77:c1:00:8e:30:33:41:e7:3b:c3:62:0e:40:fb:c8:91:6f:
ac:ff:d0:68:74:70:ae:02:35:2f:8a:c3:07:6d:e6:d9:ab:f9:
69:09:a5:23:94:92:20:22:96:58:b1:45:f4:39:54:5b:a0:7e:
34:b8:20:f3:11:de:a4:11:42:88:4d:b2:c9:19:2f:c4:9e:c5:
b8:e9:fb:b2:e4:10:4d:8a:5b:39:ac:01:0f:32:57:3b:82:4d:
0d:a4:f3:7f:20:1a:49:8c:1b:9e:cd:1a:cf:fc:ed:cc:ec:13:
63:86:7c:37:b7:51:1a:59:f8:a1:75:5a:04:f1:9d:e3:fa:00:
5b:4b:d0:0a:83:b5:0a:5c:e4:24:3b:44:1d:d0:55:31:0b:b0:
d7:af:6d:9d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZUJl0NiKMlrX0ZJa/Vf/O4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMjE1MTIzMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUyMGE0YjdkZDRiZDE1MjkzZTI2MDA1Y2NlNzg3YWJmNGExNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoo9e/1DXfub9kQHMe9Q1h0uu6YC
9kVJKRrGx8gP8p8faPJpL5I4wUETY2Zw8hRlZXR/CDYP3Ink8xwcw/RPpH31QhnN
MUXyrYyKwt7fVSJjhzvQBMdNlcr4Y3Au8TDphkV+geLYrmFWS5K00M73sje1dhsd
JUd2ls4u+Ll4ta40HFx/ZGfBXNpiPK3GFxVdfkihpTyqf0eaoECYoRnSxlNA1HVm
1c8E4klvPiYyl6zkc3G3W/dTQ8OGH5/pbbOJdiqIIAYHZfVSt64/0cXQ9U3qyFck
tU+3zcE4u5a/sUQdHu5FeyV0l1473t5xV+VmZntDcj7rzIuVqyOaNc4m8QIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFNriCkt91L0VKT4mAFzOeHq/ShafMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMnVJS1MzM1V2UlVwUGlZQVhNNTRlcjlLRnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAGj
BSYDBACjBTwDBACjBT8DBACjBVgDBACjBVoDBACjBV0wDAMEAqMFZAMEAKMFZgME
AaMFbAMEAKMFcgMEAaMFdAMEAKMFggMEAKMFhQMEAKMFkwMEAKMFrgMEAKMFvQME
AKMFwDAMAwQAowXhAwQBowXkAwQAowXuAwQAowXwAwQAowXzAwQAowX2MA0GCSqG
SIb3DQEBCwUAA4IBAQALrEzpLUVhXbQBrmgIJldYqWlVVdENppcREoCjwAZ4HZOb
CudTt+SKmEW0aebbKHZXAw/7AZfUe7NtG1UQ1wtc/H53sUWBhWYXLk869ndq6Kx4
ogsxxTlFd1ojEqpoCnh1dDz/LDv+p5EhWVsud8EAjjAzQec7w2IOQPvIkW+s/9Bo
dHCuAjUvisMHbebZq/lpCaUjlJIgIpZYsUX0OVRboH40uCDzEd6kEUKITbLJGS/E
nsW46fuy5BBNils5rAEPMlc7gk0NpPN/IBpJjBuezRrP/O3M7BNjhnw3t1EaWfih
dVoE8Z3j+gBbS9AKg7UKXOQkO0Qd0FUxC7DXr22d
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:37:53 2025 by rpki-client