Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/M4jmJCdb7jH2AML_QJfLiMV1fks.roa
File: M4jmJCdb7jH2AML_QJfLiMV1fks.roa (raw, json)
Hash identifier: Cc02L9mB4WH59kWEzwCGV1drafYKmW/JdNejYF1iXU4=
Subject key identifier: 33:88:E6:24:27:5B:EE:31:F6:00:C2:FF:40:97:CB:88:C5:75:7E:4B
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B621B93BC84D01E9945108D2B41499F91
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/M4jmJCdb7jH2AML_QJfLiMV1fks.roa
Signing time: Tue 24 Oct 2023 14:34:16 +0000
ROA not before: Tue 24 Oct 2023 14:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.235.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.251.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.67.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.98.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.104.0/24 maxlen: 24
163.5.105.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.207.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.217.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.122.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.172.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:1b:93:bc:84:d0:1e:99:45:10:8d:2b:41:49:9f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 24 14:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3388e624275bee31f600c2ff4097cb88c5757e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bb:02:14:f9:15:ec:9d:93:29:83:3f:43:fc:
df:88:fe:d9:6f:56:8a:2b:8d:96:91:73:2e:14:ce:
e7:05:84:9b:d9:b3:b7:f9:b2:21:29:1c:f1:02:76:
56:b0:ab:6a:d9:79:52:38:d6:26:44:04:38:a9:34:
1d:b7:97:b0:22:25:2c:c7:a3:42:43:4b:ea:ac:00:
c2:3d:d7:fd:2d:60:10:9f:c2:ea:2f:97:40:8c:56:
3d:c2:5a:11:76:a4:1d:41:46:71:39:e3:72:17:fb:
4f:3b:a7:0b:fe:e9:d3:a7:7c:c9:4e:b9:a9:e6:9f:
41:a1:e0:19:68:4f:96:c2:75:42:7b:f5:27:13:19:
98:2a:32:0b:88:58:85:99:f1:dc:08:64:c7:a6:cd:
00:59:5c:9f:61:43:51:53:6d:d2:7b:0a:cf:a1:0f:
4e:66:37:65:36:12:b4:1a:0c:07:fb:d6:95:db:4d:
a4:f7:0c:be:c5:0d:a6:ca:50:33:9c:7b:83:aa:32:
91:f1:1d:a7:1b:b9:c9:b3:0b:eb:54:8a:5e:f8:52:
91:1b:ee:ca:e8:17:ec:3d:fc:0f:13:ff:f3:20:f9:
c4:a4:b4:66:96:d1:71:73:79:1b:5b:80:4e:5e:43:
79:cc:b3:c8:87:5e:e2:b1:0a:ed:ad:a1:8c:d3:a5:
c3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:88:E6:24:27:5B:EE:31:F6:00:C2:FF:40:97:CB:88:C5:75:7E:4B
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/M4jmJCdb7jH2AML_QJfLiMV1fks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.33.0/24
163.5.35.0-163.5.37.255
163.5.62.0/24
163.5.64.0/24
163.5.66.0/23
163.5.71.0/24
163.5.76.0/24
163.5.79.0/24
163.5.83.0/24
163.5.86.0/24
163.5.89.0/24
163.5.94.0/23
163.5.98.0/23
163.5.104.0-163.5.106.255
163.5.110.0-163.5.114.255
163.5.120.0-163.5.122.255
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.141.0-163.5.143.255
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0-163.5.162.255
163.5.165.0/24
163.5.167.0/24
163.5.170.0/24
163.5.172.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.198.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.207.0/24
163.5.212.0/24
163.5.217.0-163.5.218.255
163.5.222.0/24
163.5.224.0/24
163.5.228.0/24
163.5.235.0/24
163.5.241.0/24
163.5.247.0/24
163.5.249.0-163.5.253.255
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
88:05:78:1b:15:0a:32:a2:d6:da:6e:2a:e7:e7:3f:96:08:2f:
76:31:19:a7:79:ae:27:15:82:1b:e8:c3:69:81:39:95:3e:53:
6d:8f:51:40:ea:28:ec:88:f4:45:82:9e:ff:02:90:7a:7e:df:
17:1e:be:0e:53:87:5e:1a:3a:89:52:2e:84:d8:d8:29:2c:ed:
cf:bb:f9:d5:c2:b5:47:a9:ed:4c:be:4c:65:8d:b0:c9:43:15:
ce:ff:af:e6:9e:a1:9e:10:8c:2c:c6:e9:24:9d:df:8f:ce:51:
e8:ce:9c:69:cc:67:a7:fe:69:e8:ce:8a:2a:80:23:e4:94:a3:
86:ab:eb:2f:d8:1c:a2:18:26:4b:90:6a:e3:7a:b4:09:6f:c8:
27:6d:5f:67:85:00:21:8e:7a:d1:f6:ee:a6:be:9f:66:5d:10:
01:87:a5:04:ac:c7:1a:e3:be:ea:6b:76:1a:c7:a3:51:83:2d:
7b:1f:1d:5b:1d:89:4b:68:58:8a:43:4e:04:f4:62:4c:58:22:
2e:22:85:b0:0c:f8:bf:aa:eb:ea:78:19:a3:6f:f5:54:c3:24:
e2:ec:79:e3:3e:02:68:b3:dc:90:33:59:20:8f:95:12:43:03:
31:f9:29:2e:06:33:c6:cd:dc:7e:10:0a:a5:3c:a6:9f:49:28:
8a:93:f5:c8
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgISAYtiG5O8hNAemUUQjStBSZ+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDI0MTQzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzg4ZTYyNDI3NWJlZTMxZjYwMGMyZmY0MDk3Y2I4OGM1NzU3ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7sCFPkV7J2TKYM/Q/zfiP7Zb1aK
K42WkXMuFM7nBYSb2bO3+bIhKRzxAnZWsKtq2XlSONYmRAQ4qTQdt5ewIiUsx6NC
Q0vqrADCPdf9LWAQn8LqL5dAjFY9wloRdqQdQUZxOeNyF/tPO6cL/unTp3zJTrmp
5p9BoeAZaE+WwnVCe/UnExmYKjILiFiFmfHcCGTHps0AWVyfYUNRU23SewrPoQ9O
ZjdlNhK0GgwH+9aV202k9wy+xQ2mylAznHuDqjKR8R2nG7nJswvrVIpe+FKRG+7K
6BfsPfwPE//zIPnEpLRmltFxc3kbW4BOXkN5zLPIh17isQrtraGM06XDHQIDAQAB
o4IDjzCCA4swHQYDVR0OBBYEFDOI5iQnW+4x9gDC/0CXy4jFdX5LMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTTRqbUpDZGI3akgyQU1MX1FKZkxpTVYxZmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBowYIKwYBBQUHAQcBAf8EggGSMIIBjjCCAYoEAgABMIIB
ggMEAKMFHgMEAKMFITAMAwQAowUjAwQBowUkAwQAowU+AwQAowVAAwQBowVCAwQA
owVHAwQAowVMAwQAowVPAwQAowVTAwQAowVWAwQAowVZAwQBowVeAwQBowViMAwD
BAOjBWgDBACjBWowDAMEAaMFbgMEAKMFcjAMAwQDowV4AwQAowV6AwQAowV+AwQA
owWAAwQAowWGAwQBowWKMAwDBACjBY0DBASjBYADBACjBZIDBACjBZQDBAGjBZYD
BACjBZwwDAMEBaMFoAMEAKMFogMEAKMFpQMEAKMFpwMEAKMFqgMEAKMFrAMEAKMF
sAMEAKMFsjAMAwQAowW1AwQAowW2AwQAowW6AwQBowW8AwQAowW/AwQAowXGAwQA
owXJMAwDBACjBcsDBAGjBcwDBACjBc8DBACjBdQwDAMEAKMF2QMEAKMF2gMEAKMF
3gMEAKMF4AMEAKMF5AMEAKMF6wMEAKMF8QMEAKMF9zAMAwQAowX5AwQBowX8AwQA
owX/MA0GCSqGSIb3DQEBCwUAA4IBAQCIBXgbFQoyotbabirn5z+WCC92MRmnea4n
FYIb6MNpgTmVPlNtj1FA6ijsiPRFgp7/ApB6ft8XHr4OU4deGjqJUi6E2NgpLO3P
u/nVwrVHqe1MvkxljbDJQxXO/6/mnqGeEIwsxukknd+PzlHozpxpzGen/mnozooq
gCPklKOGq+sv2ByiGCZLkGrjerQJb8gnbV9nhQAhjnrR9u6mvp9mXRABh6UErMca
477qa3Yax6NRgy17Hx1bHYlLaFiKQ04E9GJMWCIuIoWwDPi/quvqeBmjb/VUwyTi
7HnjPgJos9yQM1kgj5USQwMx+SkuBjPGzdx+EAqlPKafSSiKk/XI
-----END CERTIFICATE-----
Generated at Tue Oct 24 15:45:28 2023 by rpki-client on console-fra.rpki-client.org