Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KYCbCtfT6_iIX4sCXVGG4kGJVlI.roa
File: KYCbCtfT6_iIX4sCXVGG4kGJVlI.roa (raw, json)
Hash identifier: JmUYRCHjaPnwM8bPuePTczVYKarPRagMOibBLiGIDaA=
Subject key identifier: 29:80:9B:0A:D7:D3:EB:F8:88:5F:8B:02:5D:51:86:E2:41:89:56:52
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0192D812B2B5FFFF88394AA52BBC1561740B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KYCbCtfT6_iIX4sCXVGG4kGJVlI.roa
Signing time: Tue 29 Oct 2024 11:39:16 +0000
ROA not before: Tue 29 Oct 2024 11:39:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.44.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 16:57:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:12:b2:b5:ff:ff:88:39:4a:a5:2b:bc:15:61:74:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 29 11:39:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29809b0ad7d3ebf8885f8b025d5186e241895652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4d:84:c4:ba:b9:d4:5d:41:bd:0d:b8:ca:59:
2a:d7:05:2f:40:c7:a9:6d:c7:b7:27:4e:01:3c:c4:
c4:2c:88:52:69:90:25:97:40:98:df:db:f5:ad:d0:
5d:87:29:33:8e:af:c0:73:0b:51:72:25:ff:62:ff:
17:d7:48:0e:9b:26:0a:02:21:85:88:be:1d:8e:17:
b8:82:b5:97:03:80:34:7a:0a:a9:df:17:b3:56:50:
f8:ed:58:94:ec:cd:28:6c:0c:a9:13:45:e5:3f:b0:
da:0d:c7:54:cc:eb:37:19:60:6f:0a:b4:5e:01:25:
ee:ef:2d:63:f8:74:35:d9:e6:9b:26:10:d5:88:43:
2b:42:97:c8:e7:f8:e6:3a:9c:f8:20:ef:5d:63:8c:
f7:b0:a4:6d:7b:0d:5d:e8:30:f1:54:d1:47:55:5a:
dc:20:80:7f:36:42:44:da:e3:3d:78:31:c5:78:88:
6e:c8:19:d5:53:0b:93:c0:42:d5:2f:5d:ea:48:a4:
ab:27:a6:aa:df:84:68:32:df:0e:ed:14:ff:69:80:
88:12:a9:62:c8:34:4a:93:1b:cb:b0:96:cd:a4:21:
a2:94:fe:df:12:0d:bd:82:bf:20:b6:8a:7c:0d:34:
87:72:19:89:f5:2e:92:44:2f:af:4b:84:ba:d2:6e:
69:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:80:9B:0A:D7:D3:EB:F8:88:5F:8B:02:5D:51:86:E2:41:89:56:52
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KYCbCtfT6_iIX4sCXVGG4kGJVlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.44.0/24
163.5.59.0/24
163.5.73.0/24
163.5.89.0/24
163.5.92.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.175.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.215.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
42:f4:59:4a:6b:c9:0f:f0:10:1e:20:3e:9b:a4:ea:1f:d9:ba:
1a:48:4b:4b:b3:6e:4f:88:f2:2a:f6:a0:83:cd:f5:54:05:d3:
97:a2:c9:d9:73:49:4f:08:02:59:56:c0:cb:1c:cc:29:e4:01:
16:42:36:60:5c:3e:a5:8d:67:55:29:b0:af:d8:ee:43:86:a1:
69:aa:0b:af:ab:0d:ed:fc:12:df:b5:a5:7b:59:dd:8b:f8:f7:
3e:e3:6d:1e:3a:40:01:2a:e3:6a:47:57:02:c8:8f:09:e8:2c:
6f:bb:bd:90:90:8b:e8:26:b9:35:60:9c:6d:ce:d9:94:f8:8c:
8b:ce:8c:4c:3a:a3:f7:e8:75:42:34:fe:22:0c:ad:da:ee:eb:
92:bb:12:a8:e4:81:c7:f7:db:aa:d0:b0:05:2c:70:58:32:f5:
fe:a1:57:8b:51:cc:85:eb:98:d4:97:e3:f1:61:64:2f:fa:81:
ab:0c:c8:21:e0:71:d1:4c:35:58:e5:b5:6e:86:95:f0:f5:47:
44:33:76:ca:82:cf:2d:28:cf:24:f8:99:dc:4e:5a:11:96:b9:
25:29:af:5a:43:a3:86:20:04:d3:e6:45:49:a7:8e:75:96:a5:
fe:4d:e4:ba:d7:78:8a:c1:95:39:be:b5:3a:a2:d3:32:23:df:
6d:3b:40:fa
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZLYErK1//+IOUqlK7wVYXQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDI5MTEzOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTgwOWIwYWQ3ZDNlYmY4ODg1ZjhiMDI1ZDUxODZlMjQxODk1NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok2ExLq51F1BvQ24ylkq1wUvQMep
bce3J04BPMTELIhSaZAll0CY39v1rdBdhykzjq/AcwtRciX/Yv8X10gOmyYKAiGF
iL4djhe4grWXA4A0egqp3xezVlD47ViU7M0obAypE0XlP7DaDcdUzOs3GWBvCrRe
ASXu7y1j+HQ12eabJhDViEMrQpfI5/jmOpz4IO9dY4z3sKRtew1d6DDxVNFHVVrc
IIB/NkJE2uM9eDHFeIhuyBnVUwuTwELVL13qSKSrJ6aq34RoMt8O7RT/aYCIEqli
yDRKkxvLsJbNpCGilP7fEg29gr8gtop8DTSHchmJ9S6SRC+vS4S60m5pfwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFCmAmwrX0+v4iF+LAl1RhuJBiVZSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS1lDYkN0ZlQ2X2lJWDRzQ1hWR0c0a0dKVmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBACj
BR4DBACjBSwDBACjBTsDBACjBUkDBACjBVkDBACjBVwwDAMEAaMFbgMEAaMFcAME
AKMFeQMEAKMFfgMEAaMFgAMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlwMEAKMFoAME
AKMFpwMEAKMFrwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAaMFyDAMAwQAowXL
AwQAowXOAwQAowXXAwQAowXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9
MA0GCSqGSIb3DQEBCwUAA4IBAQBC9FlKa8kP8BAeID6bpOof2boaSEtLs25PiPIq
9qCDzfVUBdOXosnZc0lPCAJZVsDLHMwp5AEWQjZgXD6ljWdVKbCv2O5DhqFpqguv
qw3t/BLftaV7Wd2L+Pc+420eOkABKuNqR1cCyI8J6Cxvu72QkIvoJrk1YJxtztmU
+IyLzoxMOqP36HVCNP4iDK3a7uuSuxKo5IHH99uq0LAFLHBYMvX+oVeLUcyF65jU
l+PxYWQv+oGrDMgh4HHRTDVY5bVuhpXw9UdEM3bKgs8tKM8k+JncTloRlrklKa9a
Q6OGIATT5kVJp451lqX+TeS613iKwZU5vrU6otMyI99tO0D6
-----END CERTIFICATE-----
Generated at Wed Oct 30 19:19:40 2024 by rpki-client on console-ams.rpki-client.org