Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9CPj6-cHRpfBiYfBuSRR8OZduag.roa
File: 9CPj6-cHRpfBiYfBuSRR8OZduag.roa (raw, json)
Hash identifier: SI4xmxrivBtaEIGRWXJtUd/xQY05LvYBsZyptVVWTvw=
Subject key identifier: F4:23:E3:EB:E7:07:46:97:C1:89:87:C1:B9:24:51:F0:E6:5D:B9:A8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018AE1079C8F61599FFE2B19F0753216D597
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9CPj6-cHRpfBiYfBuSRR8OZduag.roa
Signing time: Fri 29 Sep 2023 13:01:26 +0000
ROA not before: Fri 29 Sep 2023 13:01:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.231.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.235.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.251.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.78.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.87.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.104.0/24 maxlen: 24
163.5.105.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.217.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.122.0/24 maxlen: 24
163.5.123.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.137.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.172.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:07:9c:8f:61:59:9f:fe:2b:19:f0:75:32:16:d5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 29 13:01:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f423e3ebe7074697c18987c1b92451f0e65db9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5c:e7:d5:9e:90:8f:de:9e:34:20:1c:b9:c3:
2c:8f:16:86:0a:bf:98:e8:59:cf:23:d2:a8:96:a8:
7a:7f:1e:b0:f6:7b:e2:f3:06:93:e7:09:77:21:42:
28:97:0d:24:00:95:7a:bf:06:8a:77:5c:70:fc:a4:
52:d6:24:da:43:78:7f:de:e8:4b:90:14:b9:ea:91:
05:7e:39:68:fa:fc:aa:f6:05:db:8d:0f:4e:86:cf:
11:05:b1:c7:86:23:c7:2b:cb:c8:f0:ea:d3:cc:b4:
7f:88:ac:cb:be:34:53:03:4c:ef:0c:9e:f0:5f:00:
e4:4e:1a:ea:f2:1d:52:ea:00:9c:a1:73:38:61:58:
3b:fc:df:1f:ba:5f:37:34:44:2f:46:c6:b4:b6:23:
99:50:04:10:27:8e:c1:a9:0e:e1:32:70:f4:46:53:
93:f7:cb:1b:3f:17:7d:16:91:ac:c4:0f:6a:cd:d2:
e8:80:75:37:a7:b1:42:a1:87:da:26:52:58:70:8f:
c6:04:ff:31:74:b0:be:5c:6f:1d:bf:d4:6d:17:2c:
b0:e2:c4:7b:c0:28:81:8e:c3:ce:62:06:76:2f:94:
b0:26:47:6a:5a:d3:66:b9:76:a4:0b:87:10:a0:3d:
9c:55:70:c2:01:cf:15:1c:e6:2f:ca:29:51:7e:87:
5d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:23:E3:EB:E7:07:46:97:C1:89:87:C1:B9:24:51:F0:E6:5D:B9:A8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9CPj6-cHRpfBiYfBuSRR8OZduag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.33.0-163.5.36.255
163.5.58.0/24
163.5.62.0/24
163.5.64.0/24
163.5.66.0/24
163.5.71.0/24
163.5.78.0/23
163.5.83.0/24
163.5.86.0/23
163.5.89.0/24
163.5.94.0/23
163.5.97.0/24
163.5.99.0-163.5.100.255
163.5.104.0-163.5.106.255
163.5.110.0-163.5.114.255
163.5.121.0-163.5.123.255
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.137.0/24
163.5.139.0/24
163.5.141.0-163.5.143.255
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/24
163.5.165.0/24
163.5.167.0/24
163.5.170.0-163.5.172.255
163.5.175.0-163.5.176.255
163.5.178.0/23
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.195.0/24
163.5.198.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.212.0/23
163.5.216.0-163.5.220.255
163.5.224.0/24
163.5.228.0/24
163.5.231.0/24
163.5.235.0/24
163.5.241.0-163.5.242.255
163.5.247.0/24
163.5.249.0-163.5.253.255
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
07:5b:e3:6d:7c:c5:37:c3:4d:73:10:64:20:9e:72:75:72:00:
09:56:80:0e:fe:4b:49:bf:a1:5d:be:80:ff:c9:ce:53:c3:5a:
9f:c5:df:94:02:12:c0:22:69:24:12:f0:f7:1f:b0:85:e2:c2:
13:66:86:f6:86:73:5e:49:ce:9c:dd:8b:ef:8b:3d:d9:c6:ae:
21:c8:0e:8e:76:c5:7a:8c:6e:e5:11:27:bd:77:f2:a0:50:9d:
48:a3:46:f4:bd:8f:44:1f:2e:f7:2c:e8:f4:64:36:22:4c:52:
fb:c0:a1:66:5b:66:f1:82:9a:cb:b4:90:9c:c5:4c:bd:4a:c6:
5a:3e:88:b2:68:82:e6:b5:70:23:85:6d:76:15:b2:56:72:2d:
0e:c6:bf:74:f6:a8:dc:c6:28:7c:8f:26:ad:c2:aa:15:97:41:
a9:97:eb:61:4f:56:d4:1a:9d:e1:cf:a5:b3:1f:8e:be:6f:4d:
1d:ef:b8:c9:c1:05:2e:2a:04:da:7f:28:72:7c:cb:36:88:a5:
b3:21:33:9d:45:eb:b5:6e:11:7c:f5:99:90:e1:a9:2a:f1:b6:
a0:65:86:70:62:b6:23:86:6e:91:e6:9f:4f:27:19:2d:a3:78:
ec:50:2c:f1:ff:22:a4:16:57:91:ca:15:c5:4b:a2:4d:fb:54:
f8:e8:6e:35
-----BEGIN CERTIFICATE-----
MIIGmzCCBYOgAwIBAgISAYrhB5yPYVmf/isZ8HUyFtWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTI5MTMwMTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDIzZTNlYmU3MDc0Njk3YzE4OTg3YzFiOTI0NTFmMGU2NWRiOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVzn1Z6Qj96eNCAcucMsjxaGCr+Y
6FnPI9Kolqh6fx6w9nvi8waT5wl3IUIolw0kAJV6vwaKd1xw/KRS1iTaQ3h/3uhL
kBS56pEFfjlo+vyq9gXbjQ9Ohs8RBbHHhiPHK8vI8OrTzLR/iKzLvjRTA0zvDJ7w
XwDkThrq8h1S6gCcoXM4YVg7/N8ful83NEQvRsa0tiOZUAQQJ47BqQ7hMnD0RlOT
98sbPxd9FpGsxA9qzdLogHU3p7FCoYfaJlJYcI/GBP8xdLC+XG8dv9RtFyyw4sR7
wCiBjsPOYgZ2L5SwJkdqWtNmuXakC4cQoD2cVXDCAc8VHOYvyilRfodd9QIDAQAB
o4IDpzCCA6MwHQYDVR0OBBYEFPQj4+vnB0aXwYmHwbkkUfDmXbmoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOUNQajYtY0hScGZCaVlmQnVTUlI4T1pkdWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBuwYIKwYBBQUHAQcBAf8EggGqMIIBpjCCAaIEAgABMIIB
mgMEAKMFHjAMAwQAowUhAwQAowUkAwQAowU6AwQAowU+AwQAowVAAwQAowVCAwQA
owVHAwQBowVOAwQAowVTAwQBowVWAwQAowVZAwQBowVeAwQAowVhMAwDBACjBWMD
BACjBWQwDAMEA6MFaAMEAKMFajAMAwQBowVuAwQAowVyMAwDBACjBXkDBAKjBXgD
BACjBX4DBACjBYADBACjBYYDBACjBYkDBACjBYswDAMEAKMFjQMEBKMFgAMEAKMF
kgMEAKMFlAMEAaMFlgMEAKMFnAMEAKMFoAMEAKMFpQMEAKMFpzAMAwQBowWqAwQA
owWsMAwDBACjBa8DBACjBbADBAGjBbIwDAMEAKMFtQMEAKMFtgMEAKMFugMEAaMF
vAMEAKMFvwMEAKMFwwMEAKMFxgMEAKMFyTAMAwQAowXLAwQBowXMAwQBowXUMAwD
BAOjBdgDBACjBdwDBACjBeADBACjBeQDBACjBecDBACjBeswDAMEAKMF8QMEAKMF
8gMEAKMF9zAMAwQAowX5AwQBowX8AwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQAH
W+NtfMU3w01zEGQgnnJ1cgAJVoAO/ktJv6FdvoD/yc5Tw1qfxd+UAhLAImkkEvD3
H7CF4sITZob2hnNeSc6c3Yvviz3Zxq4hyA6OdsV6jG7lESe9d/KgUJ1Io0b0vY9E
Hy73LOj0ZDYiTFL7wKFmW2bxgprLtJCcxUy9SsZaPoiyaILmtXAjhW12FbJWci0O
xr909qjcxih8jyatwqoVl0Gpl+thT1bUGp3hz6WzH46+b00d77jJwQUuKgTafyhy
fMs2iKWzITOdReu1bhF89ZmQ4akq8bagZYZwYrYjhm6R5p9PJxkto3jsUCzx/yKk
FleRyhXFS6JN+1T46G41
-----END CERTIFICATE-----
Generated at Fri Sep 29 13:59:39 2023 by rpki-client on console-fra.rpki-client.org