Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GvkGabpkxljIcZVa3xKymYZ6-bI.roa
File: GvkGabpkxljIcZVa3xKymYZ6-bI.roa (raw, json)
Hash identifier: Ht7Mgp/rv3cg5WfkbmfU9V+XHWlS5IIbDPy6PlItzK4=
Subject key identifier: 1A:F9:06:69:BA:64:C6:58:C8:71:95:5A:DF:12:B2:99:86:7A:F9:B2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BDEB0F785A241915415074A2168FCE24B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GvkGabpkxljIcZVa3xKymYZ6-bI.roa
Signing time: Fri 17 Nov 2023 19:10:21 +0000
ROA not before: Fri 17 Nov 2023 19:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.74.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Nov 2023 12:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:b0:f7:85:a2:41:91:54:15:07:4a:21:68:fc:e2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 17 19:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1af90669ba64c658c871955adf12b299867af9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a3:e6:b7:a9:f0:7f:8d:e8:71:07:68:ee:9e:
b8:4d:01:4d:85:69:67:f2:e0:3b:34:ef:21:c9:b9:
d8:bb:57:51:e3:d5:9e:41:2b:2a:e1:8b:30:72:36:
2f:10:4d:b1:7c:fd:03:93:b0:99:10:59:f7:7b:35:
2c:34:3c:a6:cb:e5:ae:7a:0e:f7:db:48:a8:cb:cc:
bb:ed:3a:66:a1:25:90:2a:61:a6:67:b3:a5:1c:53:
27:63:f6:2e:ba:65:fc:20:9c:b5:fd:6b:ec:82:9a:
1e:cf:63:81:cc:62:96:f3:7f:3d:c6:1a:95:84:91:
ce:a9:19:17:5b:4f:fb:12:aa:da:e5:e4:6f:0c:c3:
df:36:c8:40:01:a7:51:9c:82:98:59:51:41:2e:bf:
02:b3:fe:0e:95:4d:a7:b3:e2:fb:28:f1:11:68:3e:
f3:4d:ca:80:0e:5b:38:73:f9:f2:e2:a4:0e:2a:90:
dd:28:10:45:fb:e9:98:28:bf:f0:93:19:5f:c5:23:
a5:f6:93:42:af:be:9b:70:69:0b:7b:32:ea:31:64:
22:cd:fe:22:35:2a:e4:ed:c5:a2:71:f7:95:f1:2d:
cf:a0:64:cf:50:c5:c0:91:fd:ee:29:ed:5e:77:05:
64:92:81:86:37:9e:af:31:09:77:11:75:b7:9c:b6:
32:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F9:06:69:BA:64:C6:58:C8:71:95:5A:DF:12:B2:99:86:7A:F9:B2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GvkGabpkxljIcZVa3xKymYZ6-bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.35.0-163.5.36.255
163.5.62.0/24
163.5.74.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.99.0/24
163.5.106.0/24
163.5.110.0-163.5.114.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.142.0/23
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.248.0/24
163.5.250.0/24
163.5.252.0/22
Signature Algorithm: sha256WithRSAEncryption
18:ec:c0:8a:30:9c:f0:e4:72:c3:7b:78:be:2a:48:c6:2d:c3:
d9:52:93:25:27:46:59:38:90:1c:06:d5:0d:bb:b0:4c:cb:74:
61:b3:9f:da:67:14:c0:49:05:bf:c7:93:fb:5c:07:74:91:81:
18:12:40:c1:bd:16:7f:7b:28:a3:09:c8:a6:ef:0c:0c:2f:a4:
ff:d9:10:3c:0d:ca:c5:ec:e0:19:b6:b2:51:09:49:aa:b2:5d:
10:15:15:6a:39:f6:20:dc:28:19:35:2b:5d:dc:e6:e5:c8:38:
af:b5:ea:e9:51:ec:3f:74:db:c0:f5:74:3b:bf:f6:3d:a5:9e:
53:8d:2a:cd:8a:3d:70:61:0e:84:0c:e6:a2:45:bc:a2:11:85:
e9:38:aa:15:a2:a6:86:7d:a8:aa:c7:88:6b:aa:f0:54:8a:ee:
97:83:91:6f:16:74:1d:10:e6:3d:83:a8:1a:6f:fd:20:72:81:
12:07:91:83:97:62:74:83:da:c6:80:74:eb:7f:a7:7e:0a:04:
06:6d:55:17:33:95:45:f4:e7:fa:51:78:bf:ce:cc:10:5f:6c:
22:30:05:eb:99:7b:ea:ce:e4:0a:a2:da:2d:c9:3d:05:c9:00:
9f:3e:fd:bf:3e:97:c0:41:3d:87:59:a1:b6:1a:2c:c2:41:74:
e2:db:10:d6
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAYvesPeFokGRVBUHSiFo/OJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTE3MTkxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY5MDY2OWJhNjRjNjU4Yzg3MTk1NWFkZjEyYjI5OTg2N2FmOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKPmt6nwf43ocQdo7p64TQFNhWln
8uA7NO8hybnYu1dR49WeQSsq4YswcjYvEE2xfP0Dk7CZEFn3ezUsNDymy+Wueg73
20ioy8y77TpmoSWQKmGmZ7OlHFMnY/YuumX8IJy1/Wvsgpoez2OBzGKW8389xhqV
hJHOqRkXW0/7Eqra5eRvDMPfNshAAadRnIKYWVFBLr8Cs/4OlU2ns+L7KPERaD7z
TcqADls4c/ny4qQOKpDdKBBF++mYKL/wkxlfxSOl9pNCr76bcGkLezLqMWQizf4i
NSrk7cWicfeV8S3PoGTPUMXAkf3uKe1edwVkkoGGN56vMQl3EXW3nLYywQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFBr5Bmm6ZMZYyHGVWt8SspmGevmyMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR3ZrR2FicGt4bGpJY1pWYTN4S3ltWVo2LWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAKMFHjAMAwQAowUjAwQAowUkAwQAowU+AwQAowVKAwQAowVPAwQAowVTAwQA
owVZAwQBowVeAwQAowVjAwQAowVqMAwDBAGjBW4DBACjBXIDBACjBXkDBACjBX4D
BACjBYADBACjBYYDBAGjBYoDBAGjBY4DBACjBZIDBACjBZQDBAGjBZYDBACjBZwD
BACjBaADBACjBacDBACjBaoDBACjBbADBACjBbIwDAMEAKMFtQMEAKMFtgMEAKMF
ugMEAaMFvAMEAKMFvwMEAKMFxwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXaAwQA
owXgAwQAowXkAwQAowXxAwQAowX4AwQAowX6AwQCowX8MA0GCSqGSIb3DQEBCwUA
A4IBAQAY7MCKMJzw5HLDe3i+KkjGLcPZUpMlJ0ZZOJAcBtUNu7BMy3Rhs5/aZxTA
SQW/x5P7XAd0kYEYEkDBvRZ/eyijCcim7wwML6T/2RA8DcrF7OAZtrJRCUmqsl0Q
FRVqOfYg3CgZNStd3OblyDivterpUew/dNvA9XQ7v/Y9pZ5TjSrNij1wYQ6EDOai
RbyiEYXpOKoVoqaGfaiqx4hrqvBUiu6Xg5FvFnQdEOY9g6gab/0gcoESB5GDl2J0
g9rGgHTrf6d+CgQGbVUXM5VF9Of6UXi/zswQX2wiMAXrmXvqzuQKototyT0FyQCf
Pv2/PpfAQT2HWaG2GizCQXTi2xDW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:30 2024 by rpki-client on console-ams.rpki-client.org