Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PvWmunBla0ECthbA8eDZMSBOjL0.roa
File: PvWmunBla0ECthbA8eDZMSBOjL0.roa (raw, json)
Hash identifier: /B+244nLKWXAhph/aSGTApSlxrR0Kh7c8Ed/EiVm4Mg=
Subject key identifier: 3E:F5:A6:BA:70:65:6B:41:02:B6:16:C0:F1:E0:D9:31:20:4E:8C:BD
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01934F8C87217500410B80DCF6A6726B2F52
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PvWmunBla0ECthbA8eDZMSBOjL0.roa
Signing time: Thu 21 Nov 2024 16:27:09 +0000
ROA not before: Thu 21 Nov 2024 16:27:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.12.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.17.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 20:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4f:8c:87:21:75:00:41:0b:80:dc:f6:a6:72:6b:2f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 21 16:27:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ef5a6ba70656b4102b616c0f1e0d931204e8cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:63:1a:ca:aa:ce:86:f6:7f:27:f6:22:c5:2a:
d4:11:ed:ff:62:3e:b5:87:a2:33:4e:ab:fb:71:5c:
a9:c2:31:71:cd:0f:1e:50:29:40:ce:8e:f6:ff:2e:
99:88:23:ae:43:0e:23:7f:af:29:cc:74:96:6c:55:
22:f7:9d:2c:65:f7:2d:21:0c:8a:43:1d:c9:aa:12:
89:9c:e9:5a:37:69:25:1c:8f:0f:94:62:15:18:38:
97:59:c2:17:fa:07:3e:ab:7d:08:37:e6:b5:7a:be:
0f:76:dd:60:99:ea:8f:53:b0:cf:0d:76:9d:17:7d:
bd:ec:d2:a1:2b:87:6a:d2:c6:81:15:49:39:d2:d5:
85:84:92:e1:e9:48:f9:49:f2:20:f2:2c:e3:c9:d1:
cb:b5:33:ec:30:59:4a:40:e5:90:53:a4:7b:de:ad:
ff:da:b9:88:0a:2c:15:1e:af:06:e1:bf:43:5a:dc:
ca:b7:ca:e6:0e:ff:55:dd:13:ea:8b:b0:23:b0:64:
7f:e3:9b:7e:08:87:3e:fe:ca:4a:6d:d8:d6:e7:a4:
dd:3e:a5:d4:74:e7:e5:6c:99:30:a8:9b:04:a7:6a:
dc:89:4f:89:05:bd:d1:0a:f1:7b:7c:ce:ea:8a:12:
fa:fb:46:1c:e4:3a:f1:eb:ff:b2:8b:57:0b:55:52:
3c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F5:A6:BA:70:65:6B:41:02:B6:16:C0:F1:E0:D9:31:20:4E:8C:BD
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PvWmunBla0ECthbA8eDZMSBOjL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.7.0-163.5.9.255
163.5.12.0/23
163.5.17.0/24
163.5.30.0/24
163.5.59.0/24
163.5.73.0/24
163.5.89.0/24
163.5.92.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0/24
163.5.126.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.149.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
52:43:86:bb:83:15:95:e6:38:2e:15:22:1f:88:b9:88:c5:c8:
33:4a:18:50:f1:17:f6:f1:7e:2f:c6:ed:fe:7c:6b:84:b0:ec:
c3:63:20:eb:90:2e:31:1e:bc:cf:a0:16:03:22:30:9a:67:b8:
79:d2:65:f3:57:29:b9:32:4d:24:45:33:ac:0a:e0:c6:2d:fe:
1e:90:7b:1b:24:94:a7:3b:88:61:7d:41:45:d4:e9:20:cd:07:
0a:03:5d:64:9f:1b:77:02:4d:5c:d7:7c:83:47:61:8d:4a:5d:
81:9d:ea:35:5c:da:0d:95:72:bf:21:d4:8c:01:81:47:62:9d:
d5:91:db:ab:24:da:2e:34:d9:02:2f:40:e4:57:b7:21:64:e9:
0e:1b:d1:1e:d9:64:a3:d9:7a:c1:73:a1:cc:dc:2e:27:24:d3:
0f:01:6b:89:ee:eb:94:92:04:24:df:23:46:38:80:79:3e:5c:
f7:de:d3:2d:ba:47:8c:da:59:84:d3:34:12:66:c2:bc:f8:09:
bd:e5:c1:8e:55:e0:7d:cc:54:07:c9:fc:01:64:b7:8f:85:48:
b9:7a:e1:50:3a:a2:55:0f:8b:00:6e:a2:d9:bc:f3:02:62:80:
de:c3:15:0a:fb:da:81:45:a1:e5:3c:1a:65:9b:7f:05:e5:d8:
94:d9:58:f6
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZNPjIchdQBBC4Dc9qZyay9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTIxMTYyNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWY1YTZiYTcwNjU2YjQxMDJiNjE2YzBmMWUwZDkzMTIwNGU4Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWMayqrOhvZ/J/YixSrUEe3/Yj61
h6IzTqv7cVypwjFxzQ8eUClAzo72/y6ZiCOuQw4jf68pzHSWbFUi950sZfctIQyK
Qx3JqhKJnOlaN2klHI8PlGIVGDiXWcIX+gc+q30IN+a1er4Pdt1gmeqPU7DPDXad
F3297NKhK4dq0saBFUk50tWFhJLh6Uj5SfIg8izjydHLtTPsMFlKQOWQU6R73q3/
2rmICiwVHq8G4b9DWtzKt8rmDv9V3RPqi7AjsGR/45t+CIc+/spKbdjW56TdPqXU
dOflbJkwqJsEp2rciU+JBb3RCvF7fM7qihL6+0Yc5Drx6/+yi1cLVVI8gwIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFD71prpwZWtBArYWwPHg2TEgToy9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUHZXbXVuQmxhMEVDdGhiQThlRFpNU0JPakwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgwDAME
AKMFBwMEAaMFCAMEAaMFDAMEAKMFEQMEAKMFHgMEAKMFOwMEAKMFSQMEAKMFWQME
AKMFXDAMAwQBowVuAwQBowVwAwQAowV5AwQAowV8AwQAowV+AwQBowWAAwQBowWK
AwQAowWPAwQAowWSAwQAowWVAwQAowWXAwQAowWgAwQAowWnAwQAowWyAwQAowW2
AwQBowW8AwQAowW/AwQBowXIMAwDBACjBcsDBACjBc4DBACjBdoDBACjBeADBACj
BeQDBACjBfEDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBAFJDhruDFZXm
OC4VIh+IuYjFyDNKGFDxF/bxfi/G7f58a4Sw7MNjIOuQLjEevM+gFgMiMJpnuHnS
ZfNXKbkyTSRFM6wK4MYt/h6QexsklKc7iGF9QUXU6SDNBwoDXWSfG3cCTVzXfINH
YY1KXYGd6jVc2g2Vcr8h1IwBgUdindWR26sk2i402QIvQORXtyFk6Q4b0R7ZZKPZ
esFzoczcLick0w8Ba4nu65SSBCTfI0Y4gHk+XPfe0y26R4zaWYTTNBJmwrz4Cb3l
wY5V4H3MVAfJ/AFkt4+FSLl64VA6olUPiwBuotm88wJigN7DFQr72oFFoeU8GmWb
fwXl2JTZWPY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:14:44 2024 by rpki-client on console-fra.rpki-client.org