Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HbHo_E0IyhYGh0Ptc1Y58_okcWA.roa
File: HbHo_E0IyhYGh0Ptc1Y58_okcWA.roa (raw, json)
Hash identifier: dk5B5L8XUndu0yoYDJK1j6Z1Jlk/KAx37I829PqM6ok=
Subject key identifier: 1D:B1:E8:FC:4D:08:CA:16:06:87:43:ED:73:56:39:F3:FA:24:71:60
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0193677C8D187F6ECD05705168EF3247A867
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HbHo_E0IyhYGh0Ptc1Y58_okcWA.roa
Signing time: Tue 26 Nov 2024 08:00:36 +0000
ROA not before: Tue 26 Nov 2024 08:00:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.12.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 07:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:7c:8d:18:7f:6e:cd:05:70:51:68:ef:32:47:a8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 26 08:00:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db1e8fc4d08ca16068743ed735639f3fa247160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:cf:56:1b:20:f3:49:cf:1b:89:19:2a:f1:
a7:63:77:f5:29:14:21:57:87:d9:92:29:cf:e5:79:
70:09:67:4f:9f:42:08:00:3d:b8:f4:f4:12:6b:95:
6a:22:38:57:b3:52:eb:1b:11:69:ff:39:75:35:2d:
9c:92:e4:46:cd:7b:a6:d5:fc:e7:7f:79:ec:08:41:
54:1b:6a:fc:75:a2:9e:c4:ff:00:88:f0:d5:4e:4a:
6f:ce:8d:1a:0c:c4:b1:7e:2d:c5:80:ce:83:69:5d:
a0:c8:82:43:73:e2:6c:01:40:30:f6:30:08:37:5d:
22:03:a2:7d:b9:fb:ae:56:f6:2a:16:92:e0:d1:97:
3a:38:51:6d:7a:a9:53:e5:8e:f1:5b:79:cf:0e:70:
48:fc:85:11:56:ac:43:ff:0d:46:23:58:28:5c:5c:
38:53:78:ed:75:40:a6:3c:32:53:96:5e:bc:29:88:
a9:d0:7a:d2:d9:a0:c0:96:17:a6:ba:94:96:f5:92:
f3:ea:8a:b0:8f:64:2c:fe:00:e4:c1:b5:c2:1f:0e:
c4:2d:ff:36:84:14:bb:26:6e:81:d2:07:bc:e2:67:
e8:2d:5c:b6:4f:5a:66:e1:44:56:23:fd:85:ff:ae:
45:ec:b0:10:b8:d2:57:dc:eb:db:af:82:e2:f9:41:
c0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B1:E8:FC:4D:08:CA:16:06:87:43:ED:73:56:39:F3:FA:24:71:60
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HbHo_E0IyhYGh0Ptc1Y58_okcWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.7.0-163.5.9.255
163.5.12.0/23
163.5.30.0/24
163.5.59.0/24
163.5.73.0/24
163.5.89.0/24
163.5.92.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.157.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:aa:ce:92:5f:0e:2d:27:04:2a:15:b0:7c:2c:21:5c:c7:ed:
5a:5f:07:f2:04:b0:4a:f8:2a:e7:12:6d:5e:0a:7e:07:fe:80:
b0:32:ba:69:73:48:ef:9b:9c:90:48:7d:e1:e6:f0:c3:80:86:
24:af:c5:32:8a:d3:1e:96:04:b5:48:5a:23:80:09:f8:33:52:
4b:c7:40:7e:42:dd:0b:eb:59:04:58:8c:ae:04:b7:93:b4:4f:
d0:f5:6a:c9:9a:21:cc:53:35:99:af:10:89:4c:06:d0:94:e4:
64:2d:84:81:dd:c4:34:91:5e:ed:de:2f:a6:70:8b:52:ea:28:
7c:39:22:65:47:f8:16:2a:2b:90:f8:95:59:71:9c:58:f9:d3:
5c:43:20:50:dc:f1:b1:3e:55:bf:e5:df:62:28:55:c4:52:f1:
ee:de:3a:61:03:80:ed:e6:f7:52:55:83:a7:5a:60:6d:b7:27:
25:2b:ea:d9:b1:74:af:47:24:6d:dd:c8:a3:ea:de:47:bf:b8:
3c:ea:1a:5a:c1:96:e3:c7:d4:bf:62:5b:be:13:ce:cc:a9:52:
69:e4:47:14:5a:ab:80:8f:45:7a:e9:c9:51:e0:15:8e:df:f0:
0d:7b:ce:2c:e3:96:8a:fc:36:84:55:c2:6c:a9:20:a0:85:a2:
7f:56:c0:2f
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZNnfI0Yf27NBXBRaO8yR6hnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTI2MDgwMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIxZThmYzRkMDhjYTE2MDY4NzQzZWQ3MzU2MzlmM2ZhMjQ3MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf/PVhsg80nPG4kZKvGnY3f1KRQh
V4fZkinP5XlwCWdPn0IIAD249PQSa5VqIjhXs1LrGxFp/zl1NS2ckuRGzXum1fzn
f3nsCEFUG2r8daKexP8AiPDVTkpvzo0aDMSxfi3FgM6DaV2gyIJDc+JsAUAw9jAI
N10iA6J9ufuuVvYqFpLg0Zc6OFFteqlT5Y7xW3nPDnBI/IURVqxD/w1GI1goXFw4
U3jtdUCmPDJTll68KYip0HrS2aDAlhemupSW9ZLz6oqwj2Qs/gDkwbXCHw7ELf82
hBS7Jm6B0ge84mfoLVy2T1pm4URWI/2F/65F7LAQuNJX3Ovbr4Li+UHAKQIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFB2x6PxNCMoWBodD7XNWOfP6JHFgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSGJIb19FMEl5aFlHaDBQdGMxWTU4X29rY1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwwDAME
AKMFBwMEAaMFCAMEAaMFDAMEAKMFHgMEAKMFOwMEAKMFSQMEAKMFWQMEAKMFXDAM
AwQBowVuAwQBowVwAwQAowV5AwQAowV+AwQBowWAAwQBowWKAwQAowWPAwQAowWS
AwQAowWXAwQAowWdAwQAowWgAwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/
AwQBowXIMAwDBACjBcsDBACjBc4DBACjBdoDBACjBeADBACjBeQDBACjBfEDBACj
BfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBAEuqzpJfDi0nBCoVsHwsIVzH7Vpf
B/IEsEr4KucSbV4Kfgf+gLAyumlzSO+bnJBIfeHm8MOAhiSvxTKK0x6WBLVIWiOA
CfgzUkvHQH5C3QvrWQRYjK4Et5O0T9D1asmaIcxTNZmvEIlMBtCU5GQthIHdxDSR
Xu3eL6Zwi1LqKHw5ImVH+BYqK5D4lVlxnFj501xDIFDc8bE+Vb/l32IoVcRS8e7e
OmEDgO3m91JVg6daYG23JyUr6tmxdK9HJG3dyKPq3ke/uDzqGlrBluPH1L9iW74T
zsypUmnkRxRaq4CPRXrpyVHgFY7f8A17zizjlor8NoRVwmypIKCFon9WwC8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:52:44 2025 by rpki-client