Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CHHhFenbB8HNrZa8RZOJ62QAjmU.roa
File: CHHhFenbB8HNrZa8RZOJ62QAjmU.roa (raw, json)
Hash identifier: 5sf6b0a4exb+1hs/lkI6MK14KNOLBhM5MnkjONVBzEo=
Subject key identifier: 08:71:E1:15:E9:DB:07:C1:CD:AD:96:BC:45:93:89:EB:64:00:8E:65
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C01ECBE2F89976277EBECC2136F1BC401
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CHHhFenbB8HNrZa8RZOJ62QAjmU.roa
Signing time: Fri 24 Nov 2023 15:22:21 +0000
ROA not before: Fri 24 Nov 2023 15:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:01:ec:be:2f:89:97:62:77:eb:ec:c2:13:6f:1b:c4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 24 15:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0871e115e9db07c1cdad96bc459389eb64008e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7f:36:85:d8:7b:d6:0b:a3:21:08:61:ef:cd:
40:1f:17:44:b4:ae:21:42:4f:cf:d4:d7:1a:52:14:
99:c7:af:60:c1:22:14:51:c3:a8:e5:57:91:10:db:
c5:30:70:81:40:af:51:ef:b4:3a:62:be:1a:5e:d1:
f2:96:ce:24:86:48:e9:6e:a6:62:b2:d7:d1:3c:e0:
1c:10:45:27:6d:91:e9:f3:d0:86:ba:f7:d4:6e:c0:
6b:c5:b1:64:b1:84:40:4c:49:09:24:9c:a1:33:d9:
54:6e:8c:7a:77:88:be:f8:cd:ac:db:c8:93:0e:27:
7a:e9:55:53:d2:02:0c:cf:94:86:ea:5f:e7:8e:4b:
16:12:fd:4e:cb:82:3b:67:05:22:69:7e:97:74:2d:
92:fd:42:b1:bd:25:76:8b:45:ce:20:81:2f:0a:e7:
fd:02:9f:57:0e:e9:5a:49:b0:a1:d1:93:2e:7e:57:
ea:18:d1:a9:91:94:83:4d:b0:78:cf:37:4e:00:8b:
50:bd:46:ad:6f:f8:85:12:a6:a6:cf:09:80:97:1d:
b8:c3:ff:5a:00:a1:17:31:0b:7a:5d:03:57:24:7d:
df:4f:42:28:92:88:bb:fb:65:03:de:c4:b5:c7:ef:
40:84:82:6a:94:7c:d8:0d:24:92:58:1d:c9:f4:90:
73:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:71:E1:15:E9:DB:07:C1:CD:AD:96:BC:45:93:89:EB:64:00:8E:65
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CHHhFenbB8HNrZa8RZOJ62QAjmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.35.0-163.5.36.255
163.5.62.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.99.0/24
163.5.106.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.142.0/23
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d2:1e:22:f9:db:cf:f1:37:50:41:3c:d3:e7:6a:57:7a:5e:
67:46:70:41:f8:30:eb:2b:01:90:45:b3:c8:fa:a4:42:80:73:
e4:c8:e3:c7:41:54:8e:c7:16:64:c1:1e:74:f6:2b:dd:42:0f:
7e:61:f7:fe:ab:9a:b7:80:2e:6e:45:67:80:60:ce:db:5c:05:
78:cb:3e:ce:f6:de:77:29:e7:7c:a5:40:69:8d:cf:df:4a:86:
27:2b:e0:02:23:08:14:26:0e:1f:35:13:b4:67:b9:dd:ed:94:
b8:dc:53:5c:a3:b1:f8:21:78:5e:02:03:d2:4c:16:92:5b:85:
e7:25:68:5a:f7:2c:c4:18:1e:ba:d6:b3:c0:88:c5:e0:54:dd:
10:46:eb:96:c3:00:14:ef:4f:a0:e0:36:89:79:f8:09:4b:73:
fd:ad:b9:98:03:f4:32:31:e7:a7:8b:bc:f0:54:3f:7e:89:b4:
44:ed:07:e7:01:b1:9b:2e:d4:d0:71:4d:08:b8:be:ea:5d:60:
25:23:ca:21:fc:b4:6e:15:aa:b3:a4:3e:97:44:50:46:ab:07:
28:1c:7e:62:73:ff:02:b9:17:4b:e9:65:29:62:05:47:e9:d5:
cd:18:9e:a9:cf:40:a5:e2:15:6b:f4:e7:f7:41:96:51:52:1b:
54:c2:ea:48
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYwB7L4viZdid+vswhNvG8QBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTI0MTUyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODcxZTExNWU5ZGIwN2MxY2RhZDk2YmM0NTkzODllYjY0MDA4ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX82hdh71gujIQhh781AHxdEtK4h
Qk/P1NcaUhSZx69gwSIUUcOo5VeRENvFMHCBQK9R77Q6Yr4aXtHyls4khkjpbqZi
stfRPOAcEEUnbZHp89CGuvfUbsBrxbFksYRATEkJJJyhM9lUbox6d4i++M2s28iT
Did66VVT0gIMz5SG6l/njksWEv1Oy4I7ZwUiaX6XdC2S/UKxvSV2i0XOIIEvCuf9
Ap9XDulaSbCh0ZMuflfqGNGpkZSDTbB4zzdOAItQvUatb/iFEqamzwmAlx24w/9a
AKEXMQt6XQNXJH3fT0Iokoi7+2UD3sS1x+9AhIJqlHzYDSSSWB3J9JBzLQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFAhx4RXp2wfBza2WvEWTietkAI5lMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ0hIaEZlbmJCOEhOclphOFJaT0o2MlFBam1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAKMFHjAMAwQAowUjAwQAowUkAwQAowU+AwQAowVPAwQAowVTAwQAowVZAwQB
owVeAwQAowVjAwQAowVqMAwDBAGjBW4DBAGjBXADBACjBXkDBACjBX4DBACjBYAD
BACjBYYDBAGjBYoDBAGjBY4DBACjBZIDBACjBZQDBAGjBZYDBACjBZwDBACjBaAD
BACjBacDBACjBaoDBACjBbADBACjBbIwDAMEAKMFtQMEAKMFtgMEAKMFugMEAaMF
vAMEAKMFvwMEAKMFxwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXaAwQAowXgAwQA
owXkAwQAowXxAwQAowX6AwQAowX9AwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQAY
0h4i+dvP8TdQQTzT52pXel5nRnBB+DDrKwGQRbPI+qRCgHPkyOPHQVSOxxZkwR50
9ivdQg9+Yff+q5q3gC5uRWeAYM7bXAV4yz7O9t53Ked8pUBpjc/fSoYnK+ACIwgU
Jg4fNRO0Z7nd7ZS43FNco7H4IXheAgPSTBaSW4XnJWha9yzEGB661rPAiMXgVN0Q
RuuWwwAU70+g4DaJefgJS3P9rbmYA/QyMeeni7zwVD9+ibRE7QfnAbGbLtTQcU0I
uL7qXWAlI8oh/LRuFaqzpD6XRFBGqwcoHH5ic/8CuRdL6WUpYgVH6dXNGJ6pz0Cl
4hVr9Of3QZZRUhtUwupI
-----END CERTIFICATE-----
Generated at Mon Nov 27 10:13:52 2023 by rpki-client on console-fra.rpki-client.org