Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Liyz9n04GXbtoJVydYJPvRDkBgk.roa
File: Liyz9n04GXbtoJVydYJPvRDkBgk.roa (raw, json)
Hash identifier: e1k6G1sHkFuJSqJBBN/7VgZdvPKFgkXnDwCKN1V4y/A=
Subject key identifier: 2E:2C:B3:F6:7D:38:19:76:ED:A0:95:72:75:82:4F:BD:10:E4:06:09
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01900366EA0442FB89ACFE6FDDF6F3B85634
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Liyz9n04GXbtoJVydYJPvRDkBgk.roa
Signing time: Mon 10 Jun 2024 18:26:34 +0000
ROA not before: Mon 10 Jun 2024 18:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jun 2024 18:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:03:66:ea:04:42:fb:89:ac:fe:6f:dd:f6:f3:b8:56:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 10 18:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e2cb3f67d381976eda0957275824fbd10e40609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a6:ce:61:3e:72:31:f0:d3:db:12:06:75:e1:
4e:cd:65:4f:52:19:7f:2b:9a:9b:96:95:3d:16:02:
6d:82:44:8d:a0:61:bd:f4:48:a5:54:f2:be:59:33:
9d:c9:dd:ac:33:07:f9:ca:3b:7e:b7:2f:06:79:00:
02:1d:67:5b:ce:bb:0c:60:ea:14:5b:b9:d6:a7:05:
57:5b:de:ed:b1:50:bc:2f:cd:73:16:94:e1:17:a6:
63:86:6f:1e:a4:5c:b1:ba:2c:f0:f1:f5:d5:cc:dd:
63:f0:ca:88:63:52:50:0d:cf:e5:ec:04:e5:b7:d8:
7b:b9:fb:c2:99:9e:d8:da:85:b9:81:d0:53:68:60:
85:69:ad:ee:a4:6b:1d:8e:fa:6e:da:c6:b6:ab:b9:
60:fd:86:51:9c:37:f0:70:ba:ae:ac:58:ab:14:7f:
e1:6e:7d:37:fe:01:60:eb:e2:33:a6:e9:63:59:e3:
83:3a:fd:37:fb:39:67:80:6b:d9:a5:4c:82:1b:2f:
a2:e1:80:b4:ef:20:c3:fa:0a:50:32:e7:75:5b:d9:
0a:75:3a:f7:57:56:75:a2:25:f1:bd:09:72:a2:2e:
8a:68:3e:78:d0:70:29:71:97:7e:fa:04:88:56:ef:
29:86:f3:80:fc:5c:93:ce:82:a3:33:f4:80:4f:07:
af:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:2C:B3:F6:7D:38:19:76:ED:A0:95:72:75:82:4F:BD:10:E4:06:09
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Liyz9n04GXbtoJVydYJPvRDkBgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.53.0/24
163.5.71.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.166.0/23
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0-163.5.201.255
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.244.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
93:99:e1:c2:8f:ef:5f:6d:5a:b7:6c:55:c1:02:d8:04:78:1a:
4c:3d:dd:93:31:55:e7:53:a4:3a:eb:34:c4:69:36:12:98:08:
62:86:26:ec:95:0c:a6:22:5b:4f:c3:cc:d1:cc:36:5f:1f:aa:
80:ba:00:0b:a9:a7:bc:c4:9d:1c:9f:10:ec:cd:8a:bd:1c:a2:
57:c6:aa:3f:ac:96:21:38:eb:f2:69:39:83:32:84:17:c1:df:
6d:85:69:c2:01:e8:84:7e:8d:e9:48:ab:d9:06:a0:9f:67:e3:
77:78:4c:ef:f8:f8:e6:ec:39:52:91:ba:b9:43:0b:89:58:dd:
c6:7f:ee:86:4b:68:3d:69:d7:48:d3:c3:e5:cb:96:f2:78:50:
ae:4a:2a:71:4e:b7:0c:b5:b9:b0:f4:37:ad:61:17:a6:06:ad:
25:57:35:96:02:ff:66:95:ca:1f:8f:ea:70:e2:80:3e:a4:a1:
4c:fa:16:69:85:26:c9:d3:df:5f:8f:1e:12:7a:ad:09:2b:74:
54:51:36:20:9d:28:a6:61:7b:55:5c:03:b6:26:bf:50:cc:1b:
29:96:5a:d2:0b:5a:c4:4b:6d:f1:24:f1:19:1e:7f:57:93:f1:
90:0b:df:f9:75:f8:3b:7c:3d:f3:83:8f:06:15:c0:04:51:e9:
66:a5:e9:1b
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZADZuoEQvuJrP5v3fbzuFY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjEwMTgyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTJjYjNmNjdkMzgxOTc2ZWRhMDk1NzI3NTgyNGZiZDEwZTQwNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzabOYT5yMfDT2xIGdeFOzWVPUhl/
K5qblpU9FgJtgkSNoGG99EilVPK+WTOdyd2sMwf5yjt+ty8GeQACHWdbzrsMYOoU
W7nWpwVXW97tsVC8L81zFpThF6Zjhm8epFyxuizw8fXVzN1j8MqIY1JQDc/l7ATl
t9h7ufvCmZ7Y2oW5gdBTaGCFaa3upGsdjvpu2sa2q7lg/YZRnDfwcLqurFirFH/h
bn03/gFg6+IzpuljWeODOv03+zlngGvZpUyCGy+i4YC07yDD+gpQMud1W9kKdTr3
V1Z1oiXxvQlyoi6KaD540HApcZd++gSIVu8phvOA/FyTzoKjM/SATwevQQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFC4ss/Z9OBl27aCVcnWCT70Q5AYJMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTGl5ejluMDRHWGJ0b0pWeWRZSlB2UkRrQmdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBACj
BR4DBACjBTUDBACjBUcDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8
AwQAowV+AwQBowWAAwQBowWKAwQAowWPAwQAowWSAwQAowWXAwQAowWgAwQAowWi
AwQBowWmAwQAowWyAwQAowW2AwQBowW8AwQAowW/MAwDBACjBccDBAGjBcgwDAME
AKMFywMEAKMFzgMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF8QMEAKMF9AMEAKMF+gME
AKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAk5nhwo/vX21at2xVwQLYBHgaTD3dkzFV
51OkOus0xGk2EpgIYoYm7JUMpiJbT8PM0cw2Xx+qgLoAC6mnvMSdHJ8Q7M2KvRyi
V8aqP6yWITjr8mk5gzKEF8HfbYVpwgHohH6N6Uir2Qagn2fjd3hM7/j45uw5UpG6
uUMLiVjdxn/uhktoPWnXSNPD5cuW8nhQrkoqcU63DLW5sPQ3rWEXpgatJVc1lgL/
ZpXKH4/qcOKAPqShTPoWaYUmydPfX48eEnqtCSt0VFE2IJ0opmF7VVwDtia/UMwb
KZZa0gtaxEtt8STxGR5/V5PxkAvf+XX4O3w984OPBhXABFHpZqXpGw==
-----END CERTIFICATE-----
Generated at Wed Jun 12 19:06:58 2024 by rpki-client on console-fra.rpki-client.org