Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4WJenqMZIiCE14uHp2_EURtDKBY.roa
File: 4WJenqMZIiCE14uHp2_EURtDKBY.roa (raw, json)
Hash identifier: 4vARL6gohQOyhUosW5O15W9kEzygy0PCmMC+AoAHckI=
Subject key identifier: E1:62:5E:9E:A3:19:22:20:84:D7:8B:87:A7:6F:C4:51:1B:43:28:16
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BD815FD6728E95409F44F667D1E9702BC
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4WJenqMZIiCE14uHp2_EURtDKBY.roa
Signing time: Thu 16 Nov 2023 12:23:21 +0000
ROA not before: Thu 16 Nov 2023 12:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.74.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:15:fd:67:28:e9:54:09:f4:4f:66:7d:1e:97:02:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 16 12:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1625e9ea319222084d78b87a76fc4511b432816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:65:21:d6:03:2b:fa:8d:1b:43:bb:b1:e5:8c:
c5:f6:59:45:11:53:d6:9d:87:4b:33:87:fa:76:aa:
c2:69:60:56:a7:20:af:63:79:0e:c5:bf:2b:be:ad:
02:ac:23:da:93:cc:1f:06:08:f1:49:6e:7b:ab:28:
ef:66:08:33:bf:bf:6c:4c:b8:5a:e5:06:d0:77:d1:
df:df:26:98:de:b2:db:a6:ce:8a:29:6c:77:3e:83:
67:8f:2b:40:b6:0b:57:68:cd:01:39:54:00:58:a7:
5d:73:bf:8a:cc:9d:4f:25:da:9b:90:2a:14:aa:0f:
28:0d:59:75:f3:da:a1:d4:04:35:43:48:d8:44:ab:
20:da:3f:2f:a6:4c:56:27:63:d6:56:cd:5d:c5:e7:
39:be:d7:47:a0:b5:b9:c8:e8:42:53:9f:3c:e7:75:
d1:53:40:d1:28:e0:14:95:bd:20:a5:90:b8:c3:27:
47:19:d3:9d:1c:e5:cb:bf:c2:e2:1a:81:78:6a:82:
18:cc:c1:e0:9d:fc:1e:af:b9:02:3b:30:3a:8b:1e:
87:7b:2e:f7:d6:55:21:90:b5:ba:a9:ea:8e:40:05:
43:fa:bf:3d:03:55:10:bb:82:95:6d:6e:38:0e:e8:
63:94:ea:e1:2e:b9:71:e7:e0:f6:2e:26:07:15:20:
cf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:62:5E:9E:A3:19:22:20:84:D7:8B:87:A7:6F:C4:51:1B:43:28:16
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4WJenqMZIiCE14uHp2_EURtDKBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.35.0-163.5.36.255
163.5.62.0/24
163.5.74.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.99.0/24
163.5.106.0/24
163.5.110.0-163.5.114.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.142.0/23
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.252.0/23
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
18:33:75:62:86:4f:a2:28:ba:0a:87:03:4b:12:ef:89:98:cb:
9f:9f:e7:80:d3:10:be:e9:10:92:3a:ae:73:d6:f8:90:d5:65:
0c:9d:98:1e:4c:c0:bd:ef:62:6a:a9:a7:b7:99:22:3a:ff:5e:
47:d0:9e:db:54:e7:2f:0d:6d:3f:77:e9:ff:c2:b0:25:1d:ac:
1a:82:a3:39:89:5e:a3:f3:b4:35:ab:af:45:c4:80:fc:92:d8:
31:49:90:76:79:fc:7a:1f:9d:ff:ac:a6:6f:d9:b8:ed:e2:bc:
c3:ba:b4:8e:91:5f:49:a5:03:e6:ad:69:da:2d:f7:fc:2e:8e:
e5:13:44:2a:d2:f6:99:fc:d9:9f:83:dc:bf:49:4f:66:cd:84:
b7:9c:12:d4:99:dc:80:b8:11:fc:94:b2:cf:8a:3c:ad:f0:23:
fa:00:57:28:c1:8c:fc:c6:fb:cb:dc:1b:06:07:be:42:f2:8a:
8c:27:31:c0:8b:aa:09:8b:94:32:bb:49:09:76:44:29:98:8f:
0e:22:57:d7:83:fd:4b:1d:97:45:d7:90:65:77:00:40:d5:68:
7a:03:8a:16:23:c3:47:e3:eb:b0:e9:1b:da:59:b1:b3:72:72:
4e:d8:d5:f5:1b:00:5a:e6:01:9e:5f:44:80:49:1a:da:34:98:
d9:74:23:4a
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAYvYFf1nKOlUCfRPZn0elwK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTE2MTIyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTYyNWU5ZWEzMTkyMjIwODRkNzhiODdhNzZmYzQ1MTFiNDMyODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mUh1gMr+o0bQ7ux5YzF9llFEVPW
nYdLM4f6dqrCaWBWpyCvY3kOxb8rvq0CrCPak8wfBgjxSW57qyjvZggzv79sTLha
5QbQd9Hf3yaY3rLbps6KKWx3PoNnjytAtgtXaM0BOVQAWKddc7+KzJ1PJdqbkCoU
qg8oDVl189qh1AQ1Q0jYRKsg2j8vpkxWJ2PWVs1dxec5vtdHoLW5yOhCU58853XR
U0DRKOAUlb0gpZC4wydHGdOdHOXLv8LiGoF4aoIYzMHgnfwer7kCOzA6ix6Hey73
1lUhkLW6qeqOQAVD+r89A1UQu4KVbW44DuhjlOrhLrlx5+D2LiYHFSDP3QIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFOFiXp6jGSIghNeLh6dvxFEbQygWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNFdKZW5xTVpJaUNFMTR1SHAyX0VVUnRES0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAKMFHjAMAwQAowUjAwQAowUkAwQAowU+AwQAowVKAwQAowVPAwQAowVTAwQA
owVZAwQBowVeAwQAowVjAwQAowVqMAwDBAGjBW4DBACjBXIDBACjBXkDBACjBX4D
BACjBYADBACjBYYDBAGjBYoDBAGjBY4DBACjBZIDBACjBZQDBAGjBZYDBACjBZwD
BACjBaADBACjBacDBACjBaoDBACjBbADBACjBbIwDAMEAKMFtQMEAKMFtgMEAKMF
ugMEAaMFvAMEAKMFvwMEAKMFxwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXaAwQA
owXgAwQAowXkAwQAowXxAwQAowX6AwQBowX8AwQAowX/MA0GCSqGSIb3DQEBCwUA
A4IBAQAYM3Vihk+iKLoKhwNLEu+JmMufn+eA0xC+6RCSOq5z1viQ1WUMnZgeTMC9
72Jqqae3mSI6/15H0J7bVOcvDW0/d+n/wrAlHawagqM5iV6j87Q1q69FxID8ktgx
SZB2efx6H53/rKZv2bjt4rzDurSOkV9JpQPmrWnaLff8Lo7lE0Qq0vaZ/Nmfg9y/
SU9mzYS3nBLUmdyAuBH8lLLPijyt8CP6AFcowYz8xvvL3BsGB75C8oqMJzHAi6oJ
i5Qyu0kJdkQpmI8OIlfXg/1LHZdF15BldwBA1Wh6A4oWI8NH4+uw6RvaWbGzcnJO
2NX1GwBa5gGeX0SASRraNJjZdCNK
-----END CERTIFICATE-----
Generated at Fri Nov 17 19:38:55 2023 by rpki-client on console-ams.rpki-client.org