Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DB64sh5tPHGZ6xPFygm58tqTbAA.roa
File: DB64sh5tPHGZ6xPFygm58tqTbAA.roa (raw, json)
Hash identifier: gUBl2PiLQmHPS18oU0RgrTdYVhTmCHXNp4j7OYoJ5Yo=
Subject key identifier: 0C:1E:B8:B2:1E:6D:3C:71:99:EB:13:C5:CA:09:B9:F2:DA:93:6C:00
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C45666E09BE8BC19C3279E9A4C160C82E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DB64sh5tPHGZ6xPFygm58tqTbAA.roa
Signing time: Thu 07 Dec 2023 17:49:49 +0000
ROA not before: Thu 07 Dec 2023 17:49:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:66:6e:09:be:8b:c1:9c:32:79:e9:a4:c1:60:c8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 7 17:49:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c1eb8b21e6d3c7199eb13c5ca09b9f2da936c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:16:9f:a1:40:ae:13:b5:69:45:99:c2:81:61:
cd:cf:96:8f:c0:23:4a:ce:4e:81:0e:78:e0:9b:b2:
af:03:91:de:b5:dc:fd:f2:3b:7f:63:e4:18:da:bc:
6f:0b:17:13:bf:92:ca:a4:02:fc:91:63:75:43:1a:
85:90:f3:1e:50:75:11:2b:b1:bd:5f:8e:55:4c:e9:
10:2f:5b:89:71:3a:4e:5d:2a:9b:72:e6:f1:2a:d8:
7c:8e:8b:0f:40:0f:98:dd:9a:1a:bc:1d:ed:5f:fc:
36:50:2a:a8:d4:25:6e:d1:02:59:cf:3d:88:71:bf:
a2:45:8b:eb:c3:45:4d:70:c5:15:0e:02:3b:72:77:
80:2e:ce:21:c7:4b:bf:1a:4a:c7:1b:74:05:6d:61:
24:d5:a9:bd:9f:ef:5b:46:82:1e:7d:20:b0:0c:e0:
e1:e5:00:20:ce:19:1c:2a:e3:68:de:a6:77:28:e8:
27:f0:19:57:2b:1c:4e:14:e0:87:b0:30:80:8b:a7:
af:fa:c5:51:b0:a2:15:f8:fa:a0:99:21:9a:1e:fa:
6c:77:04:5d:b1:fc:14:69:c4:c7:e0:6e:4c:ca:0d:
33:9e:ce:cd:2a:d2:10:ce:fc:50:ae:84:8b:4c:bc:
b6:66:d5:5e:8a:97:2b:43:5d:02:0e:6e:88:bb:0f:
95:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1E:B8:B2:1E:6D:3C:71:99:EB:13:C5:CA:09:B9:F2:DA:93:6C:00
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DB64sh5tPHGZ6xPFygm58tqTbAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.36.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.106.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.142.0/23
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.212.0/24
163.5.218.0/23
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.248.0/24
163.5.250.0/24
163.5.253.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:7b:e1:db:ab:d0:40:65:77:c3:21:b1:57:89:e3:af:67:f6:
cb:07:8a:f8:89:7a:dc:04:33:4b:aa:1a:dd:06:15:df:c3:e2:
62:31:63:2b:f0:95:74:a1:2b:26:26:9d:24:43:13:79:8d:94:
e7:09:a2:42:92:e4:c5:c7:56:c5:5c:64:df:ff:ba:07:2d:7d:
33:4f:6f:d1:77:bf:bb:aa:2b:e4:7f:4b:83:8f:36:11:88:a2:
98:f3:32:72:c1:e1:73:62:09:7b:38:96:55:a8:ed:bd:e5:87:
be:cb:76:c7:25:f7:ed:96:19:53:f6:a7:f1:df:83:08:99:e9:
05:92:b4:76:c3:93:41:3f:02:0c:5f:a7:fa:6a:0b:79:a8:e0:
d5:30:f6:c0:65:9d:d4:f6:b1:17:f4:f0:38:6a:46:42:ef:43:
70:7f:df:55:33:70:1b:b8:4f:22:6e:23:db:18:b8:41:f9:e2:
b7:57:39:fa:7c:4e:55:41:a2:05:33:61:09:f7:0b:60:77:92:
f3:9a:a7:87:2c:31:3b:02:69:cc:1c:30:3f:75:38:3e:b9:1a:
2b:d2:f6:70:86:09:2f:71:da:c8:be:e1:cd:2d:86:ab:cf:60:
b3:40:f0:18:81:c3:f1:ea:9a:1f:d6:e4:be:ff:5f:93:86:e0:
38:83:e7:1a
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYxFZm4JvovBnDJ56aTBYMguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjA3MTc0OTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzFlYjhiMjFlNmQzYzcxOTllYjEzYzVjYTA5YjlmMmRhOTM2YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphafoUCuE7VpRZnCgWHNz5aPwCNK
zk6BDnjgm7KvA5Hetdz98jt/Y+QY2rxvCxcTv5LKpAL8kWN1QxqFkPMeUHURK7G9
X45VTOkQL1uJcTpOXSqbcubxKth8josPQA+Y3ZoavB3tX/w2UCqo1CVu0QJZzz2I
cb+iRYvrw0VNcMUVDgI7cneALs4hx0u/GkrHG3QFbWEk1am9n+9bRoIefSCwDODh
5QAgzhkcKuNo3qZ3KOgn8BlXKxxOFOCHsDCAi6ev+sVRsKIV+PqgmSGaHvpsdwRd
sfwUacTH4G5Myg0zns7NKtIQzvxQroSLTLy2ZtVeipcrQ10CDm6Iuw+V3wIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFAweuLIebTxxmesTxcoJufLak2wAMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvREI2NHNoNXRQSEdaNnhQRnlnbTU4dHFUYkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAKMFHgMEAKMFJAMEAKMFTwMEAKMFUwMEAKMFWQMEAaMFXgMEAKMFajAMAwQB
owVuAwQBowVwAwQAowV5AwQAowV+AwQAowWAAwQAowWGAwQAowWLAwQBowWOAwQA
owWSAwQAowWUAwQBowWWAwQAowWcAwQAowWgAwQAowWnAwQAowWqAwQAowWwAwQA
owWyMAwDBACjBbUDBACjBbYDBACjBboDBAGjBbwDBACjBb8DBACjBccDBACjBckw
DAMEAKMFywMEAaMFzAMEAKMF1AMEAaMF2gMEAKMF4AMEAKMF5AMEAKMF8QMEAKMF
+AMEAKMF+gMEAKMF/QMEAKMF/zANBgkqhkiG9w0BAQsFAAOCAQEAqHvh26vQQGV3
wyGxV4njr2f2yweK+Il63AQzS6oa3QYV38PiYjFjK/CVdKErJiadJEMTeY2U5wmi
QpLkxcdWxVxk3/+6By19M09v0Xe/u6or5H9Lg482EYiimPMycsHhc2IJeziWVajt
veWHvst2xyX37ZYZU/an8d+DCJnpBZK0dsOTQT8CDF+n+moLeajg1TD2wGWd1Pax
F/TwOGpGQu9DcH/fVTNwG7hPIm4j2xi4Qfnit1c5+nxOVUGiBTNhCfcLYHeS85qn
hywxOwJpzBwwP3U4PrkaK9L2cIYJL3HayL7hzS2Gq89gs0DwGIHD8eqaH9bkvv9f
k4bgOIPnGg==
-----END CERTIFICATE-----
Generated at Sun Dec 10 18:15:06 2023 by rpki-client on console-ams.rpki-client.org