Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CLAyWqBTitL2vR4W5CZGYb4NQYg.roa
File: CLAyWqBTitL2vR4W5CZGYb4NQYg.roa (raw, json)
Hash identifier: TbtABMrJqvudhKkE+vOKvDFAiEzmhrhbMhq4cZUV7Sc=
Subject key identifier: 08:B0:32:5A:A0:53:8A:D2:F6:BD:1E:16:E4:26:46:61:BE:0D:41:88
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01916C489923B48CE1AE1FD5BD12A30E7594
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CLAyWqBTitL2vR4W5CZGYb4NQYg.roa
Signing time: Mon 19 Aug 2024 20:16:22 +0000
ROA not before: Mon 19 Aug 2024 20:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 04:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6c:48:99:23:b4:8c:e1:ae:1f:d5:bd:12:a3:0e:75:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 19 20:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08b0325aa0538ad2f6bd1e16e4264661be0d4188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b7:65:d3:ec:a5:30:3e:01:b3:17:e6:d5:64:
25:78:41:89:0e:9b:dc:be:41:13:73:19:dc:a7:d3:
b0:a2:18:12:79:17:92:b6:0e:0b:2f:9a:d5:1f:da:
ed:f6:96:42:c9:94:84:66:3b:83:8b:24:9c:db:e4:
8c:dc:24:ad:ab:53:e5:e1:51:8f:a6:66:84:71:2a:
7c:da:9e:f9:c7:dd:e3:50:8f:89:0c:2b:ec:cb:a1:
2a:5f:80:5f:54:14:67:d2:d1:45:bf:69:a1:15:4c:
71:76:40:17:ec:9c:7e:80:30:90:93:c5:5d:18:c6:
45:13:83:9e:8c:a8:a6:09:fe:a8:7d:8c:68:17:7f:
cc:31:9a:85:13:70:d9:2b:3f:b8:23:97:2d:6d:cf:
f2:f4:36:dc:70:e7:e4:63:f7:ce:0f:f0:72:f2:15:
15:5c:57:23:a0:e6:5f:a0:d4:6f:35:27:57:76:23:
0e:95:f0:df:48:ab:ac:ac:34:dc:d5:29:0e:28:ea:
1c:81:5e:ce:29:28:ab:75:08:05:e2:42:70:1e:3b:
bc:51:b3:96:86:a3:a2:17:10:1e:91:34:86:d1:d5:
ff:a7:21:7c:aa:fb:e8:02:de:72:cb:14:9f:3e:28:
90:00:9a:b7:37:70:a1:fa:ab:ca:62:34:67:c7:b2:
49:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B0:32:5A:A0:53:8A:D2:F6:BD:1E:16:E4:26:46:61:BE:0D:41:88
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CLAyWqBTitL2vR4W5CZGYb4NQYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.51.0/24
163.5.59.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.166.0-163.5.168.255
163.5.173.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.232.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
10:e8:ff:11:7b:27:f6:a8:00:c1:9a:ec:6b:6d:d3:a9:05:83:
b0:12:02:ea:b3:4e:6b:fa:2e:fd:07:e4:da:cb:7c:a5:38:89:
ba:ce:ac:10:29:ad:0c:77:48:6c:21:d8:29:40:cb:17:07:47:
f0:15:fd:be:01:60:0b:09:1e:6a:22:06:94:b8:fd:39:33:25:
6d:64:c3:60:70:2b:90:ba:ab:49:21:1d:86:55:9d:3b:f5:71:
1c:e1:b2:e6:1c:aa:ae:25:72:60:41:23:93:91:b4:b6:11:47:
df:e7:a5:ef:7a:af:59:13:3f:5c:43:3f:9b:3b:e4:f8:36:f1:
4f:5c:b4:61:d7:8d:d5:42:2d:c0:2b:d4:90:b3:8d:28:74:07:
be:d9:c3:e1:1d:b3:93:cb:83:0b:11:c0:dd:6f:0e:d6:a7:aa:
40:6f:c2:0f:4f:2c:40:e8:58:f8:91:a5:e8:79:2a:68:7f:32:
87:ba:7d:01:77:ad:e5:33:36:d6:58:94:10:f7:aa:70:fb:ea:
b2:c1:c7:d7:f1:7b:f4:7f:41:bc:1e:8a:26:ab:87:05:a5:d1:
c9:51:f6:d6:63:84:50:e9:81:87:26:a8:96:cc:84:f9:a2:65:
ea:bc:c9:d9:be:6d:2c:24:bd:e1:9d:ab:ad:25:71:ee:87:09:
bf:7a:db:87
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZFsSJkjtIzhrh/VvRKjDnWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODE5MjAxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGIwMzI1YWEwNTM4YWQyZjZiZDFlMTZlNDI2NDY2MWJlMGQ0MTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47dl0+ylMD4Bsxfm1WQleEGJDpvc
vkETcxncp9OwohgSeReStg4LL5rVH9rt9pZCyZSEZjuDiySc2+SM3CStq1Pl4VGP
pmaEcSp82p75x93jUI+JDCvsy6EqX4BfVBRn0tFFv2mhFUxxdkAX7Jx+gDCQk8Vd
GMZFE4OejKimCf6ofYxoF3/MMZqFE3DZKz+4I5ctbc/y9DbccOfkY/fOD/By8hUV
XFcjoOZfoNRvNSdXdiMOlfDfSKusrDTc1SkOKOocgV7OKSirdQgF4kJwHju8UbOW
hqOiFxAekTSG0dX/pyF8qvvoAt5yyxSfPiiQAJq3N3Ch+qvKYjRnx7JJLQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFAiwMlqgU4rS9r0eFuQmRmG+DUGIMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ0xBeVdxQlRpdEwydlI0VzVDWkdZYjROUVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBACj
BR4DBACjBTMDBACjBTsDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8
AwQAowV+AwQBowWAAwQAowWLAwQAowWPAwQAowWSAwQAowWXAwQAowWgMAwDBAGj
BaYDBACjBagDBACjBa0DBACjBbIDBACjBbYDBAGjBbwDBACjBb8DBAGjBcgwDAME
AKMFywMEAKMFzgMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6AMEAKMF8QMEAKMF+gME
AKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAEOj/EXsn9qgAwZrsa23TqQWDsBIC6rNO
a/ou/Qfk2st8pTiJus6sECmtDHdIbCHYKUDLFwdH8BX9vgFgCwkeaiIGlLj9OTMl
bWTDYHArkLqrSSEdhlWdO/VxHOGy5hyqriVyYEEjk5G0thFH3+el73qvWRM/XEM/
mzvk+DbxT1y0YdeN1UItwCvUkLONKHQHvtnD4R2zk8uDCxHA3W8O1qeqQG/CD08s
QOhY+JGl6HkqaH8yh7p9AXet5TM21liUEPeqcPvqssHH1/F79H9BvB6KJquHBaXR
yVH21mOEUOmBhyaolsyE+aJl6rzJ2b5tLCS94Z2rrSVx7ocJv3rbhw==
-----END CERTIFICATE-----
Generated at Wed Aug 21 05:41:59 2024 by rpki-client on console-ams.rpki-client.org