Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OjTByY6MoCg3OwTXYWQT5173B28.roa
File: OjTByY6MoCg3OwTXYWQT5173B28.roa (raw, json)
Hash identifier: 2OgzxZWu7voCBs81j+8/5nSBXE73k8XvdT3E5NSdye8=
Subject key identifier: 3A:34:C1:C9:8E:8C:A0:28:37:3B:04:D7:61:64:13:E7:5E:F7:07:6F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01934861D067B31E164F59399CF2A266B1F1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OjTByY6MoCg3OwTXYWQT5173B28.roa
Signing time: Wed 20 Nov 2024 07:03:10 +0000
ROA not before: Wed 20 Nov 2024 07:03:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.12.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.17.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 06:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:61:d0:67:b3:1e:16:4f:59:39:9c:f2:a2:66:b1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 20 07:03:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a34c1c98e8ca028373b04d7616413e75ef7076f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e9:28:d7:2b:ec:20:ef:2f:64:e8:59:54:e8:
2b:16:dd:99:e9:04:b1:cc:af:b7:4b:5a:39:7a:63:
31:8f:05:6b:16:d2:aa:76:c2:61:5e:5d:db:20:95:
97:00:96:c3:46:65:cd:21:76:b3:10:f4:f4:15:2d:
97:92:8a:d3:a2:15:8b:77:66:e8:ac:df:78:17:05:
1e:28:3f:f6:de:e0:9e:20:76:7b:f4:41:4e:68:14:
53:6f:eb:8f:00:bc:9b:f1:a9:b5:6e:f2:eb:61:38:
d7:2c:8c:51:57:29:ac:19:4a:ac:ae:02:1b:3c:60:
85:2f:68:b5:e0:1c:ca:61:49:2c:68:1a:75:16:27:
97:28:63:f1:78:dc:0c:94:98:97:6f:76:c9:11:cb:
aa:dc:6e:4f:28:9a:31:b7:27:2e:7a:ee:61:25:28:
1b:ac:ae:95:7d:99:1c:76:eb:39:86:39:52:ef:e2:
1c:9c:01:3e:3d:f2:d9:df:2a:eb:ae:bf:98:4e:6c:
33:ca:d0:1e:2e:78:61:de:8d:ab:b1:c1:47:1c:ef:
48:b8:53:43:e3:da:d5:12:07:ae:36:b7:7b:39:25:
b4:25:ed:83:e8:1a:e4:3b:a8:ff:90:8e:1a:46:a2:
09:4a:c0:93:54:25:0d:01:e5:7a:d4:fb:4c:08:a1:
58:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:34:C1:C9:8E:8C:A0:28:37:3B:04:D7:61:64:13:E7:5E:F7:07:6F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OjTByY6MoCg3OwTXYWQT5173B28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.7.0-163.5.9.255
163.5.12.0/23
163.5.17.0/24
163.5.30.0/24
163.5.59.0/24
163.5.71.0/24
163.5.73.0/24
163.5.89.0/24
163.5.92.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:b7:aa:2a:5f:80:30:43:b5:23:73:c4:69:77:a3:b5:a1:b0:
ab:60:c6:2e:04:4d:02:e7:46:2c:18:72:0d:59:2b:66:70:62:
95:16:6a:4c:7c:9e:d4:a1:ed:23:66:a6:c7:2a:5e:8d:71:ab:
11:0e:c2:1e:fe:08:3c:b2:64:b9:3f:67:42:99:bb:3a:5b:9f:
54:ca:c2:6d:31:14:c5:84:7e:ea:66:a6:a7:68:41:ac:ca:81:
4c:86:51:66:d1:60:fe:de:b1:c3:4b:5a:c3:8f:a0:99:0a:7a:
d5:34:93:c9:1c:71:93:00:bb:c6:d4:79:c9:ab:9b:f4:6e:60:
d7:61:00:60:33:35:16:e9:2d:10:af:ba:9e:e6:be:36:c2:9b:
20:20:e4:e6:46:0d:de:06:96:f0:16:36:ab:e0:5e:14:be:4c:
1a:84:75:f4:9f:b7:c4:f7:ce:ea:73:70:23:e6:b3:02:72:7a:
c2:fe:ce:13:95:a9:bd:78:ff:bf:09:d2:61:53:de:cc:03:a3:
db:e4:70:84:2b:37:89:55:07:fc:03:9b:33:ea:65:30:ff:83:
e5:85:a9:b0:4e:b7:4f:ab:2d:26:5e:75:15:f5:eb:83:5b:7b:
85:51:90:44:85:0f:ec:55:b0:11:9c:9b:11:05:b2:b1:3b:20:
0d:55:d3:1b
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZNIYdBnsx4WT1k5nPKiZrHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTIwMDcwMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM0YzFjOThlOGNhMDI4MzczYjA0ZDc2MTY0MTNlNzVlZjcwNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeko1yvsIO8vZOhZVOgrFt2Z6QSx
zK+3S1o5emMxjwVrFtKqdsJhXl3bIJWXAJbDRmXNIXazEPT0FS2XkorTohWLd2bo
rN94FwUeKD/23uCeIHZ79EFOaBRTb+uPALyb8am1bvLrYTjXLIxRVymsGUqsrgIb
PGCFL2i14BzKYUksaBp1FieXKGPxeNwMlJiXb3bJEcuq3G5PKJoxtycueu5hJSgb
rK6VfZkcdus5hjlS7+IcnAE+PfLZ3yrrrr+YTmwzytAeLnhh3o2rscFHHO9IuFND
49rVEgeuNrd7OSW0Je2D6BrkO6j/kI4aRqIJSsCTVCUNAeV61PtMCKFY3wIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFDo0wcmOjKAoNzsE12FkE+de9wdvMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvT2pUQnlZNk1vQ2czT3dUWFlXUVQ1MTczQjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdowDAME
AKMFBwMEAaMFCAMEAaMFDAMEAKMFEQMEAKMFHgMEAKMFOwMEAKMFRwMEAKMFSQME
AKMFWQMEAKMFXDAMAwQBowVuAwQBowVwAwQAowV5MAwDBAKjBXwDBACjBX4DBAGj
BYADBAGjBYoDBACjBY8DBACjBZIDBACjBZcDBACjBaADBACjBacDBACjBbIDBACj
BbYDBAGjBbwDBACjBb8DBAGjBcgwDAMEAKMFywMEAKMFzgMEAKMF2gMEAKMF4AME
AKMF5AMEAKMF8QMEAKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAW7eqKl+A
MEO1I3PEaXejtaGwq2DGLgRNAudGLBhyDVkrZnBilRZqTHye1KHtI2amxypejXGr
EQ7CHv4IPLJkuT9nQpm7OlufVMrCbTEUxYR+6mamp2hBrMqBTIZRZtFg/t6xw0ta
w4+gmQp61TSTyRxxkwC7xtR5yaub9G5g12EAYDM1FuktEK+6nua+NsKbICDk5kYN
3gaW8BY2q+BeFL5MGoR19J+3xPfO6nNwI+azAnJ6wv7OE5WpvXj/vwnSYVPezAOj
2+RwhCs3iVUH/AObM+plMP+D5YWpsE63T6stJl51FfXrg1t7hVGQRIUP7FWwEZyb
EQWysTsgDVXTGw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:50:41 2024 by rpki-client on console-ams.rpki-client.org