Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6O2pUs8dpdkSl1PKzEBgEhVClCI.roa
File: 6O2pUs8dpdkSl1PKzEBgEhVClCI.roa (raw, json)
Hash identifier: HQZgtWdY6GhU7sIppuhekr4swh+y+uPLnw5QyPI9xdI=
Subject key identifier: E8:ED:A9:52:CF:1D:A5:D9:12:97:53:CA:CC:40:60:12:15:42:94:22
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0196EE72E9EF6D7EE65D7BC1A7D5297D7C39
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6O2pUs8dpdkSl1PKzEBgEhVClCI.roa
Signing time: Tue 20 May 2025 16:07:10 +0000
ROA not before: Tue 20 May 2025 16:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.237.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 13:26:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ee:72:e9:ef:6d:7e:e6:5d:7b:c1:a7:d5:29:7d:7c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 20 16:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8eda952cf1da5d9129753cacc40601215429422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:72:d9:1f:80:51:9e:6d:9a:e8:91:b7:c7:30:
4c:00:70:43:e8:ca:df:fc:17:bb:73:70:6f:12:1f:
a7:79:46:c1:37:2f:c7:2b:e1:3c:57:0e:a8:10:33:
3f:a0:7b:f2:f3:b4:01:ee:7e:4d:1a:de:a6:a0:2e:
b8:4d:8b:bb:2a:db:62:c4:06:05:fa:d8:05:30:42:
05:53:0e:ca:41:20:ce:5b:cb:16:06:a4:2c:a5:d0:
8d:32:a5:ff:d2:06:1d:9d:4f:98:39:6c:9d:bc:ca:
ee:3a:f7:34:b9:6d:53:05:bf:30:14:5a:e6:8a:f7:
d4:df:cf:9c:4a:a7:dd:90:4c:8f:16:8f:f2:e7:e2:
af:74:7d:34:f6:4f:2e:41:c0:1e:09:9f:46:1c:6c:
16:f8:06:8a:86:4a:a5:93:b8:df:6e:55:9f:e5:21:
0f:8e:16:36:1e:48:1e:fc:c4:ba:1c:65:29:9d:59:
01:15:80:7e:44:44:a4:59:d2:24:32:b4:79:11:3d:
16:c0:17:22:5c:0f:44:37:59:35:6a:bf:f4:e5:3f:
be:e5:f5:eb:4e:0d:ce:e9:f6:54:d9:92:88:61:71:
ce:d8:c2:ec:5a:fa:ed:a4:b1:24:b8:33:64:fe:46:
15:3f:f7:a3:92:4f:95:97:a9:cc:4d:af:f9:f0:10:
b2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:ED:A9:52:CF:1D:A5:D9:12:97:53:CA:CC:40:60:12:15:42:94:22
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6O2pUs8dpdkSl1PKzEBgEhVClCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/23
163.5.59.0/24
163.5.66.0/24
163.5.73.0/24
163.5.112.0/23
163.5.119.0/24
163.5.121.0/24
163.5.128.0/23
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.173.0/24
163.5.178.0/24
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.221.0/24
163.5.223.0-163.5.224.255
163.5.228.0/24
163.5.230.0/24
163.5.233.0/24
163.5.237.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ee:28:e8:14:93:f9:60:7b:40:2d:26:31:b9:98:f4:dc:f5:
65:cb:dc:94:01:23:3b:32:0e:4b:1c:96:27:cb:d9:22:18:61:
10:0a:2e:92:a8:29:ab:d8:bf:7b:3c:6c:76:6d:5e:4c:05:91:
02:74:a8:1f:92:73:06:60:ae:27:ea:be:71:70:2d:1a:78:d9:
c8:05:d4:0d:c2:84:3e:be:9f:ec:a9:6d:54:55:7e:1c:cc:e2:
75:b5:c0:e4:55:8c:7f:c5:78:35:c8:98:ab:50:5a:1f:c6:59:
2b:c9:d5:f7:fb:12:70:a2:0f:95:2b:43:60:05:e8:89:14:7e:
e7:b1:8d:5d:f5:ce:79:95:38:87:bc:06:a4:3a:f7:19:4a:ec:
90:30:01:be:3c:30:bc:e5:7e:67:4a:56:41:c1:e0:1e:03:87:
cf:e7:96:5b:cf:ef:98:b5:ed:e8:7f:83:77:84:e1:ee:8e:a4:
0b:ca:8a:4d:f6:ac:e4:72:da:42:98:ed:0c:c3:9b:56:e5:7c:
ca:4c:b9:db:f8:43:da:2f:d7:64:50:be:26:14:06:e8:8a:9c:
83:77:18:59:cc:f4:b4:a4:1f:a9:e1:b9:ae:dd:23:16:f1:26:
62:58:95:57:db:b3:46:d8:29:91:71:31:0d:67:38:40:73:18:
9e:f3:35:63
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZbucunvbX7mXXvBp9UpfXw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNTIwMTYwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGVkYTk1MmNmMWRhNWQ5MTI5NzUzY2FjYzQwNjAxMjE1NDI5NDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA83LZH4BRnm2a6JG3xzBMAHBD6Mrf
/Be7c3BvEh+neUbBNy/HK+E8Vw6oEDM/oHvy87QB7n5NGt6moC64TYu7KttixAYF
+tgFMEIFUw7KQSDOW8sWBqQspdCNMqX/0gYdnU+YOWydvMruOvc0uW1TBb8wFFrm
ivfU38+cSqfdkEyPFo/y5+KvdH009k8uQcAeCZ9GHGwW+AaKhkqlk7jfblWf5SEP
jhY2Hkge/MS6HGUpnVkBFYB+RESkWdIkMrR5ET0WwBciXA9EN1k1ar/05T++5fXr
Tg3O6fZU2ZKIYXHO2MLsWvrtpLEkuDNk/kYVP/ejkk+Vl6nMTa/58BCyBwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFOjtqVLPHaXZEpdTysxAYBIVQpQiMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNk8ycFVzOGRwZGtTbDFQS3pFQmdFaFZDbENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAGj
BR4DBACjBTsDBACjBUIDBACjBUkDBAGjBXADBACjBXcDBACjBXkDBAGjBYADBAGj
BYowDAMEAaMFjgMEAKMFkAMEAKMFkgMEAKMFlwMEAKMFoAMEAKMFogMEAKMFpAME
AKMFpwMEAKMFrQMEAKMFsgMEAKMFtgMEAKMFugMEAKMFvQMEAaMFyDAMAwQAowXL
AwQAowXOAwQAowXRAwQAowXYAwQAowXaAwQAowXdMAwDBACjBd8DBACjBeADBACj
BeQDBACjBeYDBACjBekDBACjBe0DBACjBfEwDQYJKoZIhvcNAQELBQADggEBAJnu
KOgUk/lge0AtJjG5mPTc9WXL3JQBIzsyDksclifL2SIYYRAKLpKoKavYv3s8bHZt
XkwFkQJ0qB+ScwZgrifqvnFwLRp42cgF1A3ChD6+n+ypbVRVfhzM4nW1wORVjH/F
eDXImKtQWh/GWSvJ1ff7EnCiD5UrQ2AF6IkUfuexjV31znmVOIe8BqQ69xlK7JAw
Ab48MLzlfmdKVkHB4B4Dh8/nllvP75i17eh/g3eE4e6OpAvKik32rORy2kKY7QzD
m1blfMpMudv4Q9ov12RQviYUBuiKnIN3GFnM9LSkH6nhua7dIxbxJmJYlVfbs0bY
KZFxMQ1nOEBzGJ7zNWM=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:07:01 2025 by rpki-client