Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PYKBgbEaiSKkOm-mSFz--VNK31k.roa
File: PYKBgbEaiSKkOm-mSFz--VNK31k.roa (raw, json)
Hash identifier: V7C9gEz+zYhjxhjyDYr/9KSM+UsvlOiypncLutynM+M=
Subject key identifier: 3D:82:81:81:B1:1A:89:22:A4:3A:6F:A6:48:5C:FE:F9:53:4A:DF:59
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0196AAAAECB48B7CE11643C7AC7B7710BA0B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PYKBgbEaiSKkOm-mSFz--VNK31k.roa
Signing time: Wed 07 May 2025 12:14:10 +0000
ROA not before: Wed 07 May 2025 12:14:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.184.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.237.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 20:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:aa:ec:b4:8b:7c:e1:16:43:c7:ac:7b:77:10:ba:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 7 12:14:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d828181b11a8922a43a6fa6485cfef9534adf59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ac:9a:bf:a8:82:c0:eb:7f:1d:5a:6e:13:31:
c3:b6:2d:3b:dd:67:fb:30:ea:fd:55:9a:74:54:10:
aa:e0:c5:59:ad:44:0e:69:f5:58:37:92:90:87:7b:
09:1d:c9:7d:a2:b5:df:14:08:e2:38:3c:a6:6c:08:
33:e9:58:ef:68:5d:58:f3:cf:11:93:ca:2c:de:3b:
0e:40:9c:79:58:25:4a:2c:21:9b:93:70:a1:5b:fa:
6d:b8:63:cc:96:17:54:98:dd:ba:ba:0f:a3:41:ab:
96:80:4a:37:65:be:c9:f3:4f:72:ff:0d:53:cd:04:
c7:a4:39:0c:83:52:81:8b:96:50:55:16:8e:9e:ee:
c3:d6:72:69:86:a0:ee:f5:65:53:02:72:48:68:25:
12:aa:d9:2f:33:80:f7:62:2a:a5:de:56:64:0a:e9:
71:55:f9:1e:a8:e2:9d:c5:6f:7c:05:9a:13:34:4e:
59:1b:48:3a:44:7a:8c:ff:26:f1:ff:7c:93:38:f7:
28:4c:cd:9d:a7:ad:e3:e9:45:53:56:2d:ea:c4:d6:
87:d9:7f:6b:b2:db:27:e4:7a:a2:34:ea:8c:80:7a:
7a:c2:6b:94:a9:1c:58:15:06:28:ad:c5:da:e6:23:
2d:0b:25:8a:3d:01:17:5d:dc:e9:c7:b3:65:64:f3:
9e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:82:81:81:B1:1A:89:22:A4:3A:6F:A6:48:5C:FE:F9:53:4A:DF:59
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PYKBgbEaiSKkOm-mSFz--VNK31k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.59.0/24
163.5.66.0/24
163.5.73.0/24
163.5.92.0/24
163.5.112.0/23
163.5.119.0/24
163.5.121.0/24
163.5.128.0/23
163.5.133.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.178.0/24
163.5.182.0/24
163.5.184.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.230.0/24
163.5.233.0/24
163.5.237.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
45:95:37:ee:0a:1c:58:f1:07:e4:ea:2c:e8:73:3d:3f:2c:37:
f9:1f:4f:77:a6:e2:7a:87:de:5b:47:2a:5c:5a:e5:37:ba:8f:
68:89:8f:e2:6b:a1:76:9d:f2:b5:63:fe:3b:9b:de:ed:9b:53:
c3:22:93:25:9b:41:f0:e1:3a:04:24:df:19:17:83:51:ee:ab:
48:3f:92:65:fb:06:f6:7d:0f:26:f3:eb:79:8a:3f:22:ba:10:
d4:1a:31:76:46:ea:17:33:a8:c6:8b:74:b1:50:9a:8f:84:cb:
e6:f0:ad:42:cb:7a:18:c6:25:b9:42:e9:1f:1d:0f:c5:d0:23:
8b:8a:7d:f5:aa:81:0b:c7:b2:c0:a6:d6:02:e3:52:da:15:d7:
13:85:92:be:d1:17:be:7f:ad:39:0e:d4:9e:93:73:17:a1:66:
0e:65:77:fb:17:a5:5c:ff:ae:dc:f5:4a:fd:1c:cb:7e:02:f8:
9a:84:7e:b1:6c:29:e9:ed:78:0e:ab:8e:75:40:01:56:ef:a0:
49:e0:92:8e:8d:33:7a:e0:8f:7e:73:51:45:e6:fe:74:d2:d2:
04:e7:a6:fa:1a:f1:ce:a4:cc:86:99:5d:9a:2f:39:ab:f0:79:
de:b3:d4:ae:20:e1:1a:2d:dd:44:c7:24:85:f3:ec:f8:1f:b5:
66:42:0a:04
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZaqquy0i3zhFkPHrHt3ELoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNTA3MTIxNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDgyODE4MWIxMWE4OTIyYTQzYTZmYTY0ODVjZmVmOTUzNGFkZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqyav6iCwOt/HVpuEzHDti073Wf7
MOr9VZp0VBCq4MVZrUQOafVYN5KQh3sJHcl9orXfFAjiODymbAgz6VjvaF1Y888R
k8os3jsOQJx5WCVKLCGbk3ChW/ptuGPMlhdUmN26ug+jQauWgEo3Zb7J809y/w1T
zQTHpDkMg1KBi5ZQVRaOnu7D1nJphqDu9WVTAnJIaCUSqtkvM4D3Yiql3lZkCulx
VfkeqOKdxW98BZoTNE5ZG0g6RHqM/ybx/3yTOPcoTM2dp63j6UVTVi3qxNaH2X9r
stsn5HqiNOqMgHp6wmuUqRxYFQYorcXa5iMtCyWKPQEXXdzpx7NlZPOeGQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFD2CgYGxGokipDpvpkhc/vlTSt9ZMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUFlLQmdiRWFpU0trT20tbVNGei0tVk5LMzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
owUeAwQAowU7AwQAowVCAwQAowVJAwQAowVcAwQBowVwAwQAowV3AwQAowV5AwQB
owWAAwQAowWFAwQBowWKMAwDBAGjBY4DBACjBZADBACjBZIDBACjBZcDBACjBaAD
BACjBaIDBACjBaQDBACjBacDBACjBaoDBACjBa0DBACjBbIDBACjBbYDBACjBbgD
BACjBboDBACjBb0DBACjBb8DBAGjBcgwDAMEAKMFywMEAKMFzgMEAKMF0QMEAKMF
2AMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF5gMEAKMF6QMEAKMF7QMEAKMF8TANBgkq
hkiG9w0BAQsFAAOCAQEARZU37gocWPEH5Oos6HM9Pyw3+R9Pd6bieofeW0cqXFrl
N7qPaImP4muhdp3ytWP+O5ve7ZtTwyKTJZtB8OE6BCTfGReDUe6rSD+SZfsG9n0P
JvPreYo/IroQ1BoxdkbqFzOoxot0sVCaj4TL5vCtQst6GMYluULpHx0PxdAji4p9
9aqBC8eywKbWAuNS2hXXE4WSvtEXvn+tOQ7UnpNzF6FmDmV3+xelXP+u3PVK/RzL
fgL4moR+sWwp6e14DquOdUABVu+gSeCSjo0zeuCPfnNRReb+dNLSBOem+hrxzqTM
hpldmi85q/B53rPUriDhGi3dRMckhfPs+B+1ZkIKBA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:15:33 2025 by rpki-client