Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3UjuUg-NbCRD6RD1CcxzAZt6iso.roa
File: 3UjuUg-NbCRD6RD1CcxzAZt6iso.roa (raw, json)
Hash identifier: oOBOrWGQHFegnnFaK+ybfv6QmAeIKKNMlE5DFi/gu6c=
Subject key identifier: DD:48:EE:52:0F:8D:6C:24:43:E9:10:F5:09:CC:73:01:9B:7A:8A:CA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01973727B2E4A41CE38B7B39CC374C479060
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3UjuUg-NbCRD6RD1CcxzAZt6iso.roa
Signing time: Tue 03 Jun 2025 18:57:17 +0000
ROA not before: Tue 03 Jun 2025 18:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Jun 2025 10:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:37:27:b2:e4:a4:1c:e3:8b:7b:39:cc:37:4c:47:90:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 3 18:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd48ee520f8d6c2443e910f509cc73019b7a8aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:20:71:fb:97:18:a8:27:d0:6b:2f:26:02:e5:
9f:48:67:8f:d5:25:3e:4e:21:e6:71:5f:1d:0b:86:
2a:3a:aa:70:b5:c0:b9:bb:d7:8c:63:d5:e1:74:45:
a0:6d:6c:4f:80:23:76:a4:7e:d4:c6:0a:9c:9b:43:
72:09:d9:e0:4e:b0:09:f9:08:e9:9d:15:85:c0:b7:
c2:97:e8:86:9d:32:f4:f5:09:bd:eb:2e:d2:92:93:
20:d7:36:8b:47:e2:89:65:2f:bf:e4:ee:3b:53:18:
69:49:c8:b5:e4:56:7f:e3:d8:87:24:ea:4e:57:13:
f8:67:e9:10:1e:3e:75:d5:92:f5:92:a2:20:1c:bc:
2b:98:07:fe:55:f0:77:3a:c9:dc:29:b2:5f:4c:59:
dd:3a:76:33:76:4a:44:ab:93:cc:eb:1e:86:2a:cc:
49:17:d2:75:c1:13:e9:9f:61:d3:22:6b:47:7e:28:
f8:4e:b9:e8:23:0f:7e:5c:dd:ab:4f:44:82:9b:92:
dd:e2:6b:36:65:08:3c:a6:ad:d0:fc:db:25:69:b2:
15:4c:7f:5a:61:a8:c9:3e:73:95:36:16:d4:9a:d8:
49:97:72:b9:15:dd:99:47:47:19:87:98:72:6c:fe:
e7:e0:26:01:17:60:d2:43:dd:65:23:72:d7:7b:5f:
02:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:48:EE:52:0F:8D:6C:24:43:E9:10:F5:09:CC:73:01:9B:7A:8A:CA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3UjuUg-NbCRD6RD1CcxzAZt6iso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/23
163.5.59.0/24
163.5.109.0/24
163.5.112.0/23
163.5.119.0/24
163.5.121.0/24
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.201.0/24
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.218.0/24
163.5.221.0/24
163.5.223.0-163.5.224.255
163.5.228.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
08:7e:2b:9a:dc:c9:19:8a:55:ca:90:d6:9e:3f:5b:c6:36:4c:
bc:a1:89:f5:5b:33:92:0d:e6:9e:ee:9a:2c:a8:fe:01:b6:07:
56:f2:f0:09:62:b7:fd:e6:a9:6b:f1:55:80:0a:fe:75:62:8b:
31:16:fd:25:22:d6:04:87:24:b9:27:78:4a:06:da:15:d1:96:
c0:b8:52:23:29:bd:18:4c:c3:14:8f:8f:36:45:37:05:dd:08:
f1:49:93:74:1b:17:cd:58:6a:da:7e:77:48:50:4d:62:ac:81:
a4:05:05:21:16:55:c9:2c:9f:ab:6b:3e:c0:3f:88:c6:8f:d8:
7e:70:8f:9d:e3:b2:fd:71:49:3e:1f:ee:5c:2d:26:70:7a:76:
77:14:51:99:40:11:13:ae:5b:f8:e2:ec:ba:b7:35:77:b8:8e:
00:30:f1:ff:56:c9:81:a8:f1:a8:35:05:8d:f8:ce:fc:4e:0e:
38:c9:6d:bb:8b:21:46:05:fd:50:ae:c4:52:ff:37:81:7b:1e:
f6:73:54:55:5a:7c:29:14:82:2b:85:fe:62:d3:de:e3:e7:a5:
d1:46:49:b6:29:74:6f:b3:ce:c9:75:65:a9:2d:68:4b:fd:8b:
61:95:09:2d:97:1d:1a:a3:ab:81:d7:71:e5:8f:17:21:3f:93:
10:59:f5:dc
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZc3J7LkpBzji3s5zDdMR5BgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNjAzMTg1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ4ZWU1MjBmOGQ2YzI0NDNlOTEwZjUwOWNjNzMwMTliN2E4YWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iBx+5cYqCfQay8mAuWfSGeP1SU+
TiHmcV8dC4YqOqpwtcC5u9eMY9XhdEWgbWxPgCN2pH7Uxgqcm0NyCdngTrAJ+Qjp
nRWFwLfCl+iGnTL09Qm96y7SkpMg1zaLR+KJZS+/5O47UxhpSci15FZ/49iHJOpO
VxP4Z+kQHj511ZL1kqIgHLwrmAf+VfB3OsncKbJfTFndOnYzdkpEq5PM6x6GKsxJ
F9J1wRPpn2HTImtHfij4TrnoIw9+XN2rT0SCm5Ld4ms2ZQg8pq3Q/NslabIVTH9a
YajJPnOVNhbUmthJl3K5Fd2ZR0cZh5hybP7n4CYBF2DSQ91lI3LXe18CqwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFN1I7lIPjWwkQ+kQ9QnMcwGbeorKMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM1VqdVVnLU5iQ1JENlJEMUNjeHpBWnQ2aXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAGj
BR4DBACjBTsDBACjBW0DBAGjBXADBACjBXcDBACjBXkDBAGjBYADBACjBYsDBACj
BY8DBACjBZIDBACjBZcDBACjBaADBACjBaIDBACjBacDBACjBbIDBACjBbYDBACj
BboDBACjBb0DBACjBckwDAMEAKMFywMEAKMFzgMEAKMF0QMEAKMF2gMEAKMF3TAM
AwQAowXfAwQAowXgAwQAowXkAwQAowXxMA0GCSqGSIb3DQEBCwUAA4IBAQAIfiua
3MkZilXKkNaeP1vGNky8oYn1WzOSDeae7posqP4BtgdW8vAJYrf95qlr8VWACv51
YosxFv0lItYEhyS5J3hKBtoV0ZbAuFIjKb0YTMMUj482RTcF3QjxSZN0GxfNWGra
fndIUE1irIGkBQUhFlXJLJ+raz7AP4jGj9h+cI+d47L9cUk+H+5cLSZwenZ3FFGZ
QBETrlv44uy6tzV3uI4AMPH/VsmBqPGoNQWN+M78Tg44yW27iyFGBf1QrsRS/zeB
ex72c1RVWnwpFIIrhf5i097j56XRRkm2KXRvs87JdWWpLWhL/YthlQktlx0ao6uB
13HljxchP5MQWfXc
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:57:06 2025 by rpki-client