Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AF1vN0dTCrll0Aj2CSRwmyvKnp0.roa
File: AF1vN0dTCrll0Aj2CSRwmyvKnp0.roa (raw, json)
Hash identifier: w7FFnb7XuBMb5AcQGz2z3k2EAryTMBmIsNs0hScvI6o=
Subject key identifier: 00:5D:6F:37:47:53:0A:B9:65:D0:08:F6:09:24:70:9B:2B:CA:9E:9D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0192FD328D614913F999F9109EF0A5A705CB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AF1vN0dTCrll0Aj2CSRwmyvKnp0.roa
Signing time: Tue 05 Nov 2024 16:40:01 +0000
ROA not before: Tue 05 Nov 2024 16:40:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.17.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:32:8d:61:49:13:f9:99:f9:10:9e:f0:a5:a7:05:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 5 16:40:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=005d6f3747530ab965d008f60924709b2bca9e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a5:44:aa:2b:5e:0e:44:df:13:14:c4:86:56:
18:f1:43:99:f4:af:9b:66:7f:3e:55:95:55:d4:35:
37:2e:72:f4:db:fd:0d:6b:df:e9:b1:e5:a7:20:d7:
a6:78:0f:18:27:b8:2b:08:2c:25:fd:15:7b:a5:99:
57:b8:cb:26:93:ad:cc:b6:78:13:4d:ec:38:2e:d2:
68:f9:40:a5:60:aa:d3:17:c8:ba:49:09:97:86:e9:
30:c7:68:9f:e9:eb:d9:2a:75:39:d1:73:35:1b:2d:
98:78:08:9f:24:59:4b:14:09:46:16:0a:33:c4:36:
88:b1:4f:83:84:cb:21:64:ab:1c:09:58:33:2d:52:
1e:a3:d1:dc:44:73:7a:02:c4:3a:1a:a0:08:c4:43:
bf:66:0b:da:37:47:b3:a3:7d:23:5d:fb:97:bf:8f:
af:40:be:1b:f8:68:dd:01:6c:bb:bd:75:50:f2:59:
10:a4:15:69:db:9b:29:07:3d:25:3b:90:63:08:64:
c1:74:d8:43:45:c1:73:39:83:61:58:32:d0:ca:c2:
d4:95:d0:ad:ab:16:ab:b5:0e:a4:2c:81:5f:6d:76:
80:33:04:65:1e:fe:8d:99:0c:89:2f:e0:cf:7c:58:
7a:6c:80:01:f7:d5:c4:cd:74:4e:3a:a0:54:b5:2a:
77:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5D:6F:37:47:53:0A:B9:65:D0:08:F6:09:24:70:9B:2B:CA:9E:9D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AF1vN0dTCrll0Aj2CSRwmyvKnp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.17.0/24
163.5.30.0/24
163.5.59.0/24
163.5.73.0/24
163.5.89.0/24
163.5.92.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
20:3c:cd:83:68:b3:1e:a2:5d:ca:cb:4f:19:67:b2:a4:21:eb:
03:79:2d:62:cd:dc:70:aa:53:36:8a:f2:40:ef:9a:25:11:98:
b5:33:6a:d8:cc:c8:4d:31:66:7d:e6:07:d8:bb:1c:71:75:e1:
e9:5b:c2:26:08:09:c1:47:f8:e4:e6:b1:15:86:fe:b8:78:ab:
28:cb:a4:0a:b2:67:5b:e1:6a:a6:55:6b:cd:33:c9:02:ff:33:
7b:02:63:fe:9a:6b:63:8c:96:7d:eb:3c:6d:5c:54:7a:4b:03:
6f:81:76:33:2e:20:c1:8d:14:c3:35:9f:19:d4:28:9a:3d:45:
50:76:20:fd:a9:74:69:51:1b:8b:4c:b5:a8:85:e2:11:c4:04:
ff:3f:7d:c8:5b:73:be:b3:c3:02:cf:07:4f:8e:08:9a:82:7c:
a9:af:28:08:e8:80:c2:4b:f4:2b:fe:4f:e3:5a:ca:fa:2b:b9:
38:f1:d6:7a:3a:b5:ee:80:6d:73:97:cf:cf:ac:53:26:b8:25:
74:36:49:b0:ea:31:72:5f:c6:02:ef:35:97:b6:ec:af:63:29:
0e:df:87:35:fa:3c:74:dc:a4:75:a9:21:7d:c9:8e:93:61:29:
76:90:14:c7:fb:ce:a1:ab:1b:e1:c1:6e:bf:02:71:e7:97:2c:
73:ff:b7:a2
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZL9Mo1hSRP5mfkQnvClpwXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTA1MTY0MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVkNmYzNzQ3NTMwYWI5NjVkMDA4ZjYwOTI0NzA5YjJiY2E5ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36VEqiteDkTfExTEhlYY8UOZ9K+b
Zn8+VZVV1DU3LnL02/0Na9/pseWnINemeA8YJ7grCCwl/RV7pZlXuMsmk63MtngT
Tew4LtJo+UClYKrTF8i6SQmXhukwx2if6evZKnU50XM1Gy2YeAifJFlLFAlGFgoz
xDaIsU+DhMshZKscCVgzLVIeo9HcRHN6AsQ6GqAIxEO/ZgvaN0ezo30jXfuXv4+v
QL4b+GjdAWy7vXVQ8lkQpBVp25spBz0lO5BjCGTBdNhDRcFzOYNhWDLQysLUldCt
qxartQ6kLIFfbXaAMwRlHv6NmQyJL+DPfFh6bIAB99XEzXROOqBUtSp3xQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFABdbzdHUwq5ZdAI9gkkcJsryp6dMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQUYxdk4wZFRDcmxsMEFqMkNTUndteXZLbnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBACj
BREDBACjBR4DBACjBTsDBACjBUkDBACjBVkDBACjBVwwDAMEAaMFbgMEAaMFcAME
AKMFeQMEAKMFfgMEAaMFgAMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlwMEAKMFoAME
AKMFpwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAaMFyDAMAwQAowXLAwQAowXO
AwQAowXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9MA0GCSqGSIb3DQEB
CwUAA4IBAQAgPM2DaLMeol3Ky08ZZ7KkIesDeS1izdxwqlM2ivJA75olEZi1M2rY
zMhNMWZ95gfYuxxxdeHpW8ImCAnBR/jk5rEVhv64eKsoy6QKsmdb4WqmVWvNM8kC
/zN7AmP+mmtjjJZ96zxtXFR6SwNvgXYzLiDBjRTDNZ8Z1CiaPUVQdiD9qXRpURuL
TLWoheIRxAT/P33IW3O+s8MCzwdPjgiagnyprygI6IDCS/Qr/k/jWsr6K7k48dZ6
OrXugG1zl8/PrFMmuCV0Nkmw6jFyX8YC7zWXtuyvYykO34c1+jx03KR1qSF9yY6T
YSl2kBTH+86hqxvhwW6/AnHnlyxz/7ei
-----END CERTIFICATE-----
Generated at Thu Nov 7 23:22:10 2024 by rpki-client on console-ams.rpki-client.org