Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3YVEurcdZiiqDRluEIKMWpDVs7g.roa
File: 3YVEurcdZiiqDRluEIKMWpDVs7g.roa (raw, json)
Hash identifier: G+FOaedh+lgOpUCo42ZLYPyTkmRGyZnUB3YxVuDk5AM=
Subject key identifier: DD:85:44:BA:B7:1D:66:28:AA:0D:19:6E:10:82:8C:5A:90:D5:B3:B8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B96C85FE5D418A8A53545C9C09391843E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3YVEurcdZiiqDRluEIKMWpDVs7g.roa
Signing time: Fri 03 Nov 2023 20:03:15 +0000
ROA not before: Fri 03 Nov 2023 20:03:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.235.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.251.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.105.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Nov 2023 20:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:c8:5f:e5:d4:18:a8:a5:35:45:c9:c0:93:91:84:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 3 20:03:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd8544bab71d6628aa0d196e10828c5a90d5b3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2d:b4:72:37:ae:43:ff:ba:c0:b0:8c:da:4e:
58:b9:57:da:5f:43:be:2b:d2:e4:5b:8c:ae:98:72:
9a:7e:44:fa:d1:29:d6:7e:a0:ec:f7:f3:c0:de:e4:
7d:be:21:96:38:70:39:39:24:b1:38:52:15:c3:7b:
0c:02:d8:a9:30:02:dd:96:fa:d5:8c:26:20:18:48:
46:55:97:25:8f:7b:9a:c1:c2:6e:e5:36:d2:ba:3c:
b2:89:eb:8a:58:ce:ed:be:c7:9b:9e:e4:b3:9d:00:
b2:a4:e0:57:f3:54:4b:9c:5f:93:e5:84:d6:99:d0:
ea:98:af:47:e9:a2:87:ba:d9:5d:47:ab:be:ab:6d:
49:2c:60:a0:fc:54:27:eb:e1:12:e3:43:25:b8:b7:
1b:3d:f2:b9:57:71:a2:87:7b:8a:a7:e0:1f:47:7f:
49:01:00:63:a2:40:8b:7a:25:7d:42:c8:02:ba:24:
f6:ab:a2:8b:ff:6b:e9:d2:42:c4:45:5d:e5:da:54:
33:80:82:a9:47:75:a9:6b:52:83:1d:43:36:66:7b:
b2:61:2e:f2:e9:4d:5a:d3:5b:f5:b7:34:e6:06:f5:
bb:99:88:48:df:0a:b2:c4:fe:57:30:3a:a6:e1:3a:
dd:36:39:73:ed:87:4d:7f:a7:f3:6a:81:02:02:e5:
f4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:85:44:BA:B7:1D:66:28:AA:0D:19:6E:10:82:8C:5A:90:D5:B3:B8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3YVEurcdZiiqDRluEIKMWpDVs7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.35.0-163.5.36.255
163.5.62.0/24
163.5.76.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.99.0/24
163.5.105.0-163.5.106.255
163.5.110.0-163.5.114.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.141.0-163.5.143.255
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/23
163.5.165.0/24
163.5.167.0/24
163.5.170.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.235.0/24
163.5.241.0/24
163.5.250.0-163.5.253.255
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
89:f9:b7:47:99:81:38:50:8d:7b:2e:78:7a:40:f3:e5:75:c7:
89:45:a8:31:a1:86:c8:31:e7:c5:79:9c:76:ce:06:37:4f:43:
ff:2d:36:14:70:03:ac:59:22:36:af:e8:66:9b:d9:1a:01:92:
fa:66:7d:3a:47:fc:d2:ed:63:36:3a:c0:e4:a8:06:85:a1:70:
6e:eb:ca:ef:b4:3c:bf:1b:0b:33:c8:c5:d2:af:43:8c:45:00:
1d:06:4a:6f:1d:44:3f:61:6a:81:43:f9:4d:bd:f2:7c:19:19:
60:ee:70:e4:bc:c7:61:7c:30:b3:6c:14:41:99:15:c4:e7:d7:
de:ef:fa:4b:c0:17:7b:55:9b:77:cc:71:57:c5:81:29:15:37:
63:2c:c8:35:1f:a6:09:45:f0:60:86:6b:3a:c5:6e:cc:f8:fe:
88:95:07:a1:21:8a:f7:f5:91:f9:44:db:fb:93:fe:29:72:28:
87:d0:b5:35:16:81:fa:44:c0:12:95:7d:8f:dd:3d:4a:56:af:
15:4b:da:37:48:e2:c0:70:b3:3e:b9:dc:90:73:ad:53:a1:7a:
83:cb:15:f3:2c:4a:af:86:46:fc:4f:ad:34:05:50:e3:cd:41:
f8:f1:c0:bc:b6:56:5c:59:36:85:e8:2a:90:3e:87:de:2d:4c:
79:7b:c5:06
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgISAYuWyF/l1BiopTVFycCTkYQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTAzMjAwMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDg1NDRiYWI3MWQ2NjI4YWEwZDE5NmUxMDgyOGM1YTkwZDViM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi20cjeuQ/+6wLCM2k5YuVfaX0O+
K9LkW4yumHKafkT60SnWfqDs9/PA3uR9viGWOHA5OSSxOFIVw3sMAtipMALdlvrV
jCYgGEhGVZclj3uawcJu5TbSujyyieuKWM7tvsebnuSznQCypOBX81RLnF+T5YTW
mdDqmK9H6aKHutldR6u+q21JLGCg/FQn6+ES40MluLcbPfK5V3Gih3uKp+AfR39J
AQBjokCLeiV9QsgCuiT2q6KL/2vp0kLERV3l2lQzgIKpR3Wpa1KDHUM2ZnuyYS7y
6U1a01v1tzTmBvW7mYhI3wqyxP5XMDqm4TrdNjlz7YdNf6fzaoECAuX03wIDAQAB
o4IDNTCCAzEwHQYDVR0OBBYEFN2FRLq3HWYoqg0ZbhCCjFqQ1bO4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM1lWRXVyY2RaaWlxRFJsdUVJS01XcERWczdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSQYIKwYBBQUHAQcBAf8EggE4MIIBNDCCATAEAgABMIIB
KAMEAKMFHjAMAwQAowUjAwQAowUkAwQAowU+AwQAowVMAwQAowVPAwQAowVTAwQA
owVZAwQBowVeAwQAowVjMAwDBACjBWkDBACjBWowDAMEAaMFbgMEAKMFcgMEAKMF
eQMEAKMFfgMEAKMFgAMEAKMFhgMEAaMFijAMAwQAowWNAwQEowWAAwQAowWSAwQA
owWUAwQBowWWAwQAowWcAwQBowWgAwQAowWlAwQAowWnAwQAowWqAwQAowWwAwQA
owWyMAwDBACjBbUDBACjBbYDBACjBboDBAGjBbwDBACjBb8DBACjBckwDAMEAKMF
ywMEAaMFzAMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6wMEAKMF8TAMAwQBowX6AwQB
owX8AwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQCJ+bdHmYE4UI17Lnh6QPPldceJ
RagxoYbIMefFeZx2zgY3T0P/LTYUcAOsWSI2r+hmm9kaAZL6Zn06R/zS7WM2OsDk
qAaFoXBu68rvtDy/GwszyMXSr0OMRQAdBkpvHUQ/YWqBQ/lNvfJ8GRlg7nDkvMdh
fDCzbBRBmRXE59fe7/pLwBd7VZt3zHFXxYEpFTdjLMg1H6YJRfBghms6xW7M+P6I
lQehIYr39ZH5RNv7k/4pciiH0LU1FoH6RMASlX2P3T1KVq8VS9o3SOLAcLM+udyQ
c61ToXqDyxXzLEqvhkb8T600BVDjzUH48cC8tlZcWTaF6CqQPofeLUx5e8UG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org