Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QbZIbpXkUEd_AlE56_ydq633EoQ.roa
File: QbZIbpXkUEd_AlE56_ydq633EoQ.roa (raw, json)
Hash identifier: bodlctxLF1LjHIo011WU2x2FFJBJ6VdO5tOED0in8ns=
Subject key identifier: 41:B6:48:6E:95:E4:50:47:7F:02:51:39:EB:FC:9D:AB:AD:F7:12:84
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B1D73E28A3900D148230FB0EDE68B6EF1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QbZIbpXkUEd_AlE56_ydq633EoQ.roa
Signing time: Wed 11 Oct 2023 06:36:55 +0000
ROA not before: Wed 11 Oct 2023 06:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.235.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.251.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.74.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.87.0/24 maxlen: 24
163.5.98.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.104.0/24 maxlen: 24
163.5.105.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.217.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.122.0/24 maxlen: 24
163.5.123.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.172.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:73:e2:8a:39:00:d1:48:23:0f:b0:ed:e6:8b:6e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 11 06:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41b6486e95e450477f025139ebfc9dabadf71284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2e:33:0d:80:c0:4e:bf:d0:64:bd:6b:96:c1:
37:95:9a:33:ba:ab:1d:de:e2:cd:ff:c1:ee:01:4e:
82:eb:20:43:f7:1e:b7:b4:3e:05:c9:b5:ab:8a:8c:
8c:89:06:2a:07:62:be:8e:24:10:c3:48:14:05:be:
d4:38:68:2f:20:d9:89:c9:18:10:75:82:9a:87:00:
1b:bc:8c:59:e6:3f:67:ee:8f:9a:62:27:a8:7e:83:
a9:71:00:d8:04:e7:e1:34:eb:2a:48:97:22:98:ff:
98:da:66:4a:7c:21:2d:68:45:60:37:b1:41:98:83:
9f:e9:cb:ee:9a:84:0b:e5:fc:78:db:32:4c:ca:77:
2e:a3:2a:63:fc:73:4c:a8:35:09:b9:e2:90:20:4b:
7a:c9:2a:53:5c:01:2f:65:39:eb:1f:a6:ce:f8:27:
ad:42:3c:5d:b0:ea:9e:92:7d:02:d7:f3:69:af:5e:
20:a1:6a:85:3c:01:a2:31:c3:71:0e:ee:e7:d8:69:
fb:13:4e:dc:d5:9d:d1:68:07:ed:a6:f3:19:c0:55:
ed:fc:d9:3f:1a:31:b9:ab:68:33:6d:a9:2e:3a:9d:
91:a5:77:85:2e:96:6e:43:2f:0c:f8:1b:0a:f0:0b:
ee:71:90:5b:ca:23:ff:ca:79:3c:72:a9:5e:b2:fb:
40:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B6:48:6E:95:E4:50:47:7F:02:51:39:EB:FC:9D:AB:AD:F7:12:84
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QbZIbpXkUEd_AlE56_ydq633EoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.33.0/24
163.5.35.0-163.5.36.255
163.5.58.0/24
163.5.62.0/24
163.5.64.0/24
163.5.66.0/24
163.5.71.0/24
163.5.74.0/24
163.5.79.0/24
163.5.83.0/24
163.5.86.0/23
163.5.89.0/24
163.5.94.0/23
163.5.98.0/23
163.5.104.0-163.5.106.255
163.5.110.0-163.5.114.255
163.5.120.0/22
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.141.0-163.5.143.255
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0-163.5.162.255
163.5.165.0/24
163.5.167.0/24
163.5.170.0-163.5.172.255
163.5.176.0/24
163.5.178.0/23
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.195.0/24
163.5.197.0-163.5.198.255
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.212.0/24
163.5.216.0-163.5.218.255
163.5.220.0/24
163.5.224.0/24
163.5.228.0/24
163.5.235.0/24
163.5.241.0-163.5.242.255
163.5.247.0/24
163.5.249.0-163.5.253.255
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e2:64:d2:5a:24:72:bf:82:20:1b:d1:5b:fe:4d:27:6a:63:
c6:9f:5a:70:dc:af:65:74:e8:f4:ef:8b:e9:9a:5d:6a:3d:28:
76:5b:01:be:a3:00:b8:1c:9e:f0:8c:20:d0:ab:4d:f4:c2:e3:
06:a1:bc:a9:80:77:a3:d5:9e:d5:cf:ad:c0:1c:7d:5c:fc:fb:
c8:ff:0e:09:94:77:02:e5:e7:e7:94:8d:4c:f6:ad:4a:59:c2:
c5:4c:ea:88:3c:bd:31:22:36:eb:62:61:ee:6c:c8:6e:b4:37:
8c:74:ac:04:29:c5:34:c6:8c:8f:08:8b:31:8b:fb:d7:76:17:
5a:56:3d:a0:0d:e7:67:a0:ef:c9:b0:3a:e8:e3:7f:df:c3:74:
4a:25:49:5a:9a:78:ab:c5:f4:83:35:d8:88:9c:44:72:ab:7e:
f2:12:cb:97:6d:79:8d:43:f8:2a:39:56:78:a7:e3:58:53:b7:
14:b2:6f:fe:9c:23:9c:68:61:ec:48:ed:0f:f2:d5:d0:5e:37:
1f:51:df:dc:0c:6f:a9:99:7f:53:5f:50:32:b3:a3:f8:13:93:
a2:22:13:46:0c:36:26:d5:ea:51:65:a3:57:48:0c:07:18:fb:
74:47:49:61:ba:54:0d:f0:01:5b:14:81:57:de:5b:54:9e:f8:
a1:31:c2:7b
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgISAYsdc+KKOQDRSCMPsO3mi27xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDExMDYzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWI2NDg2ZTk1ZTQ1MDQ3N2YwMjUxMzllYmZjOWRhYmFkZjcxMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy4zDYDATr/QZL1rlsE3lZozuqsd
3uLN/8HuAU6C6yBD9x63tD4FybWrioyMiQYqB2K+jiQQw0gUBb7UOGgvINmJyRgQ
dYKahwAbvIxZ5j9n7o+aYieofoOpcQDYBOfhNOsqSJcimP+Y2mZKfCEtaEVgN7FB
mIOf6cvumoQL5fx42zJMyncuoypj/HNMqDUJueKQIEt6ySpTXAEvZTnrH6bO+Cet
QjxdsOqekn0C1/Npr14goWqFPAGiMcNxDu7n2Gn7E07c1Z3RaAftpvMZwFXt/Nk/
GjG5q2gzbakuOp2RpXeFLpZuQy8M+BsK8AvucZBbyiP/ynk8cqlesvtAmQIDAQAB
o4IDnzCCA5swHQYDVR0OBBYEFEG2SG6V5FBHfwJROev8naut9xKEMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUWJaSWJwWGtVRWRfQWxFNTZfeWRxNjMzRW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBswYIKwYBBQUHAQcBAf8EggGiMIIBnjCCAZoEAgABMIIB
kgMEAKMFHgMEAKMFITAMAwQAowUjAwQAowUkAwQAowU6AwQAowU+AwQAowVAAwQA
owVCAwQAowVHAwQAowVKAwQAowVPAwQAowVTAwQBowVWAwQAowVZAwQBowVeAwQB
owViMAwDBAOjBWgDBACjBWowDAMEAaMFbgMEAKMFcgMEAqMFeAMEAKMFfgMEAKMF
gAMEAKMFhgMEAaMFijAMAwQAowWNAwQEowWAAwQAowWSAwQAowWUAwQBowWWAwQA
owWcMAwDBAWjBaADBACjBaIDBACjBaUDBACjBacwDAMEAaMFqgMEAKMFrAMEAKMF
sAMEAaMFsjAMAwQAowW1AwQAowW2AwQAowW6AwQBowW8AwQAowW/AwQAowXDMAwD
BACjBcUDBACjBcYDBACjBckwDAMEAKMFywMEAaMFzAMEAKMF1DAMAwQDowXYAwQA
owXaAwQAowXcAwQAowXgAwQAowXkAwQAowXrMAwDBACjBfEDBACjBfIDBACjBfcw
DAMEAKMF+QMEAaMF/AMEAKMF/zANBgkqhkiG9w0BAQsFAAOCAQEAOuJk0lokcr+C
IBvRW/5NJ2pjxp9acNyvZXTo9O+L6Zpdaj0odlsBvqMAuBye8Iwg0KtN9MLjBqG8
qYB3o9We1c+twBx9XPz7yP8OCZR3AuXn55SNTPatSlnCxUzqiDy9MSI262Jh7mzI
brQ3jHSsBCnFNMaMjwiLMYv713YXWlY9oA3nZ6DvybA66ON/38N0SiVJWpp4q8X0
gzXYiJxEcqt+8hLLl215jUP4KjlWeKfjWFO3FLJv/pwjnGhh7EjtD/LV0F43H1Hf
3AxvqZl/U19QMrOj+BOToiITRgw2JtXqUWWjV0gMBxj7dEdJYbpUDfABWxSBV95b
VJ74oTHCew==
-----END CERTIFICATE-----
Generated at Wed Oct 11 10:52:59 2023 by rpki-client on console-ams.rpki-client.org