Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RAI1KcGtNJ5YZccn8Zjr15ygDdM.roa
File: RAI1KcGtNJ5YZccn8Zjr15ygDdM.roa (raw, json)
Hash identifier: fDplwXMua27ezb9b2ga0WuU5FxNC7LMjJg7OvET3X50=
Subject key identifier: 44:02:35:29:C1:AD:34:9E:58:65:C7:27:F1:98:EB:D7:9C:A0:0D:D3
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01878003BDB96009E4A7EBEB44C41144A59E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RAI1KcGtNJ5YZccn8Zjr15ygDdM.roa
Signing time: Fri 14 Apr 2023 13:45:41 +0000
ROA not before: Fri 14 Apr 2023 13:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.233.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.239.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.87.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.107.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.61.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.198.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Apr 2023 09:23:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:03:bd:b9:60:09:e4:a7:eb:eb:44:c4:11:44:a5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 14 13:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44023529c1ad349e5865c727f198ebd79ca00dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c2:68:4e:6c:9c:0a:a5:bf:c6:27:66:32:22:
f8:1a:e2:5a:18:9c:94:fc:01:a4:eb:6d:4c:e2:04:
fb:33:58:aa:39:0e:5c:76:c7:ce:f0:e9:89:a7:d1:
6d:b9:25:11:ff:8b:0e:ee:94:2f:dc:b5:cc:8e:c2:
bf:1d:a5:0e:90:4a:cf:09:83:26:22:89:00:e3:88:
d2:af:d8:c3:d9:1e:45:36:3e:bc:40:43:d7:61:76:
fd:52:68:6d:6b:c8:f3:80:3a:04:4f:98:6f:27:3e:
74:fd:ff:26:ed:1b:08:31:13:f9:b9:49:25:8b:ba:
c3:3a:ac:96:98:50:48:93:1c:7e:42:9d:cd:93:41:
3a:a5:3f:a1:71:d3:9d:40:26:da:9f:f9:97:e6:2e:
62:42:08:43:c4:af:b3:73:36:6c:1c:16:cc:43:9f:
40:87:9f:57:fe:10:66:e9:71:06:db:f5:6c:e5:10:
df:f1:cd:75:26:92:17:09:5d:79:33:00:9f:ec:d6:
91:aa:3a:65:5d:d6:84:7d:56:87:c3:b3:17:6d:3d:
49:7a:60:aa:61:1b:44:01:79:bf:77:3f:5f:2e:38:
81:14:42:81:81:4f:fa:54:b1:67:36:a0:20:b0:be:
ff:e2:91:a5:15:13:11:7c:ce:1e:22:16:8f:64:df:
bc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:02:35:29:C1:AD:34:9E:58:65:C7:27:F1:98:EB:D7:9C:A0:0D:D3
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RAI1KcGtNJ5YZccn8Zjr15ygDdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.61.0-163.5.62.255
163.5.86.0/23
163.5.99.0-163.5.100.255
163.5.107.0/24
163.5.109.0/24
163.5.117.0/24
163.5.127.0/24
163.5.130.0/24
163.5.132.0/23
163.5.136.0/24
163.5.138.0/24
163.5.145.0/24
163.5.149.0/24
163.5.158.0/24
163.5.161.0/24
163.5.166.0/24
163.5.198.0/24
163.5.202.0/24
163.5.210.0/23
163.5.216.0/24
163.5.221.0-163.5.223.255
163.5.226.0/23
163.5.230.0/24
163.5.233.0/24
163.5.239.0-163.5.241.255
163.5.244.0/24
163.5.246.0/24
163.5.248.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
63:09:53:63:0b:fd:d4:90:9b:7f:fb:0a:e8:aa:a5:f1:55:75:
52:a9:9a:40:3d:80:69:ed:61:65:22:0b:1d:9e:08:a8:cb:33:
da:db:00:65:2a:d7:c0:5a:e5:99:e4:93:e0:cc:d9:b8:84:bd:
1b:78:2d:8c:03:f8:b6:4c:25:f3:32:40:72:1a:d3:e0:ba:03:
64:9d:1e:75:19:fc:e1:5b:37:09:b7:e4:3c:2d:f8:f3:f3:79:
19:9f:08:a0:9a:78:4e:7c:25:8b:92:48:c6:d2:ae:a6:50:1a:
d5:8c:77:00:c0:ac:96:5b:0e:d5:a8:57:a9:ed:b4:72:e2:a3:
db:ac:26:68:10:f2:89:21:aa:01:5d:19:a3:74:d0:78:c6:2f:
a7:93:a5:28:87:64:ff:6f:ef:93:a4:56:32:4c:d5:69:e3:bd:
50:42:53:49:59:ed:16:de:16:15:7f:65:1e:9a:65:6e:cb:57:
db:b2:68:b2:77:44:ad:2f:32:da:ff:14:9a:7d:24:d9:6c:11:
2e:53:e8:9d:19:00:ce:61:63:ff:e7:c5:bb:ab:02:a7:36:d2:
8e:17:87:eb:72:b8:85:d4:cb:9d:c0:ff:52:ff:c8:17:b5:8f:
00:23:71:f6:4c:d8:83:0b:1a:e5:49:af:e7:73:d7:4e:3d:c3:
35:91:37:62
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYeAA725YAnkp+vrRMQRRKWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDE0MTM0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDAyMzUyOWMxYWQzNDllNTg2NWM3MjdmMTk4ZWJkNzljYTAwZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsJoTmycCqW/xidmMiL4GuJaGJyU
/AGk621M4gT7M1iqOQ5cdsfO8OmJp9FtuSUR/4sO7pQv3LXMjsK/HaUOkErPCYMm
IokA44jSr9jD2R5FNj68QEPXYXb9Umhta8jzgDoET5hvJz50/f8m7RsIMRP5uUkl
i7rDOqyWmFBIkxx+Qp3Nk0E6pT+hcdOdQCban/mX5i5iQghDxK+zczZsHBbMQ59A
h59X/hBm6XEG2/Vs5RDf8c11JpIXCV15MwCf7NaRqjplXdaEfVaHw7MXbT1JemCq
YRtEAXm/dz9fLjiBFEKBgU/6VLFnNqAgsL7/4pGlFRMRfM4eIhaPZN+8CwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFEQCNSnBrTSeWGXHJ/GY69ecoA3TMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUkFJMUtjR3ROSjVZWmNjbjhaanIxNXlnRGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBACj
BR8DBACjBSMwDAMEAKMFPQMEAKMFPgMEAaMFVjAMAwQAowVjAwQAowVkAwQAowVr
AwQAowVtAwQAowV1AwQAowV/AwQAowWCAwQBowWEAwQAowWIAwQAowWKAwQAowWR
AwQAowWVAwQAowWeAwQAowWhAwQAowWmAwQAowXGAwQAowXKAwQBowXSAwQAowXY
MAwDBACjBd0DBAWjBcADBAGjBeIDBACjBeYDBACjBekwDAMEAKMF7wMEAaMF8AME
AKMF9AMEAKMF9gMEAKMF+AMEAKMF/jANBgkqhkiG9w0BAQsFAAOCAQEAYwlTYwv9
1JCbf/sK6Kql8VV1UqmaQD2Aae1hZSILHZ4IqMsz2tsAZSrXwFrlmeST4MzZuIS9
G3gtjAP4tkwl8zJAchrT4LoDZJ0edRn84Vs3CbfkPC348/N5GZ8IoJp4Tnwli5JI
xtKuplAa1Yx3AMCsllsO1ahXqe20cuKj26wmaBDyiSGqAV0Zo3TQeMYvp5OlKIdk
/2/vk6RWMkzVaeO9UEJTSVntFt4WFX9lHpplbstX27JosndErS8y2v8Umn0k2WwR
LlPonRkAzmFj/+fFu6sCpzbSjheH63K4hdTLncD/Uv/IF7WPACNx9kzYgwsa5Umv
53PXTj3DNZE3Yg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org