Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NuF9Z9So2iTIsM142smK-cYUXHc.roa
File: NuF9Z9So2iTIsM142smK-cYUXHc.roa (raw, json)
Hash identifier: c/SLCxHGrkvL9IJrNgc+KwhykZQEv8XYYTk8yIKPbL4=
Subject key identifier: 36:E1:7D:67:D4:A8:DA:24:C8:B0:CD:78:DA:C9:8A:F9:C6:14:5C:77
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018DF5BF41153D69D3F6FAF4340827F84FEA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NuF9Z9So2iTIsM142smK-cYUXHc.roa
Signing time: Thu 29 Feb 2024 16:42:48 +0000
ROA not before: Thu 29 Feb 2024 16:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:bf:41:15:3d:69:d3:f6:fa:f4:34:08:27:f8:4f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 29 16:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36e17d67d4a8da24c8b0cd78dac98af9c6145c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:af:66:a0:ba:cc:23:b1:d6:f0:7a:25:3c:2d:
35:43:9f:e1:d8:8e:e8:78:46:94:94:e9:32:51:0d:
45:63:0f:d5:4d:cd:4d:5b:be:bf:bb:0f:8c:f2:7c:
0c:3e:f7:a1:2f:ab:ab:72:97:b6:73:06:36:96:d4:
f0:a9:88:f5:bf:43:c9:2f:ac:e5:2c:93:f8:5f:a9:
df:a0:80:17:88:c6:83:12:12:5e:09:81:e7:f9:08:
c5:06:35:bd:d2:2e:e0:15:ca:47:42:52:43:a7:6a:
0d:8e:b0:31:9c:39:71:eb:63:06:c1:d7:c5:07:d5:
53:84:26:2a:a4:80:e1:49:85:b5:7d:e8:89:17:80:
bd:09:19:3e:99:66:d5:01:f2:62:01:34:e6:eb:41:
0d:b3:9f:55:cf:17:08:fd:14:fa:41:87:63:14:18:
78:9d:8a:7e:90:41:cf:9e:2c:2d:88:cf:ec:32:2c:
47:7a:c9:1f:28:7a:a0:8b:74:c2:29:33:8d:ac:1a:
8a:32:3a:27:38:4b:aa:da:1d:fa:34:33:2a:67:43:
4c:3f:c4:11:07:f7:fa:e6:e7:c5:54:6c:96:64:6c:
4b:17:60:5f:9b:9a:e7:32:3d:13:7b:8d:30:11:a2:
cc:a0:64:d1:26:a6:eb:ec:b9:e7:c1:89:f2:d4:1e:
50:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E1:7D:67:D4:A8:DA:24:C8:B0:CD:78:DA:C9:8A:F9:C6:14:5C:77
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NuF9Z9So2iTIsM142smK-cYUXHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.79.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.151.0/24
163.5.160.0-163.5.162.255
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.195.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.232.0/24
163.5.241.0/24
163.5.248.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b7:9b:f4:f1:0e:93:d1:14:5f:a0:60:3e:ba:64:8e:cd:28:
5c:59:aa:b1:ab:62:c0:8b:62:79:40:f6:5a:3a:29:3a:59:fa:
4a:c5:35:5e:9e:9f:f2:87:cd:60:17:f2:e9:13:01:b8:b2:a6:
94:6b:dc:6f:0d:70:46:f1:40:bd:a3:5a:30:21:11:11:23:79:
f8:d5:b6:a9:c8:ff:69:bd:c2:dc:a7:67:d8:4b:e2:65:93:e9:
cf:df:3d:59:5b:8a:dd:b5:1a:c3:46:39:0c:a9:6a:a7:ae:ca:
49:06:47:f4:17:03:5f:37:12:1e:9e:ab:1d:87:34:22:f6:e1:
43:5c:68:18:20:e4:24:0a:45:d1:8c:67:45:1d:af:a8:9d:c2:
16:b1:26:97:14:1d:b1:93:72:f7:00:a7:97:3f:ad:36:ef:b5:
86:d1:e9:cf:c4:1a:50:9d:5e:43:db:bd:31:01:f6:38:7a:42:
19:34:a6:d4:bd:fd:44:33:a5:5e:b7:5b:76:ab:f0:40:01:fa:
f3:7d:ae:a7:ac:7c:ce:d4:db:5c:58:d8:a0:03:26:2d:56:7e:
59:81:06:ea:34:a3:0e:ee:fb:92:23:48:3b:51:52:a9:19:68:
21:f6:6d:fe:db:27:8e:d5:a1:f9:ed:58:c3:84:8d:05:9f:c0:
fb:06:d7:0f
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAY31v0EVPWnT9vr0NAgn+E/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjI5MTY0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmUxN2Q2N2Q0YThkYTI0YzhiMGNkNzhkYWM5OGFmOWM2MTQ1Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma9moLrMI7HW8HolPC01Q5/h2I7o
eEaUlOkyUQ1FYw/VTc1NW76/uw+M8nwMPvehL6urcpe2cwY2ltTwqYj1v0PJL6zl
LJP4X6nfoIAXiMaDEhJeCYHn+QjFBjW90i7gFcpHQlJDp2oNjrAxnDlx62MGwdfF
B9VThCYqpIDhSYW1feiJF4C9CRk+mWbVAfJiATTm60ENs59VzxcI/RT6QYdjFBh4
nYp+kEHPniwtiM/sMixHeskfKHqgi3TCKTONrBqKMjonOEuq2h36NDMqZ0NMP8QR
B/f65ufFVGyWZGxLF2Bfm5rnMj0Te40wEaLMoGTRJqbr7LnnwYny1B5QiwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFDbhfWfUqNokyLDNeNrJivnGFFx3MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTnVGOVo5U28yaVRJc00xNDJzbUstY1lVWEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBACj
BR4DBACjBU8DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgMEAKMFgAME
AKMFhgMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlAMEAKMFlzAMAwQFowWgAwQAowWi
AwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/AwQAowXDAwQAowXJMAwDBACj
BcsDBAGjBcwDBACjBdoDBACjBeADBACjBeQDBACjBegDBACjBfEDBACjBfgDBACj
BfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBACq3m/TxDpPRFF+gYD66ZI7NKFxZ
qrGrYsCLYnlA9lo6KTpZ+krFNV6en/KHzWAX8ukTAbiyppRr3G8NcEbxQL2jWjAh
EREjefjVtqnI/2m9wtynZ9hL4mWT6c/fPVlbit21GsNGOQypaqeuykkGR/QXA183
Eh6eqx2HNCL24UNcaBgg5CQKRdGMZ0Udr6idwhaxJpcUHbGTcvcAp5c/rTbvtYbR
6c/EGlCdXkPbvTEB9jh6Qhk0ptS9/UQzpV63W3ar8EAB+vN9rqesfM7U21xY2KAD
Ji1WflmBBuo0ow7u+5IjSDtRUqkZaCH2bf7bJ47VofntWMOEjQWfwPsG1w8=
-----END CERTIFICATE-----
Generated at Mon Mar 11 15:12:34 2024 by rpki-client on console-ams.rpki-client.org