Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/SYHcDmlnAPnZEOfvrcx2Akz-zEo.roa
File: SYHcDmlnAPnZEOfvrcx2Akz-zEo.roa (raw, json)
Hash identifier: 4kl3jkXhlM/9sPu5ryvtwra5jP/nqsaC1gvzq4R+p7E=
Subject key identifier: 49:81:DC:0E:69:67:00:F9:D9:10:E7:EF:AD:CC:76:02:4C:FE:CC:4A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018FDDBD64CBCBC6B58210196C90B0365D5A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/SYHcDmlnAPnZEOfvrcx2Akz-zEo.roa
Signing time: Mon 03 Jun 2024 10:55:27 +0000
ROA not before: Mon 03 Jun 2024 10:55:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 18:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:bd:64:cb:cb:c6:b5:82:10:19:6c:90:b0:36:5d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 3 10:55:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4981dc0e696700f9d910e7efadcc76024cfecc4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:18:18:5a:39:b3:f3:62:b0:92:95:42:5c:
c7:2a:f1:5e:ae:b1:a1:5c:cd:ba:16:e3:53:64:a6:
8b:1b:3d:11:8b:9f:61:12:1c:3f:dd:6c:e6:bc:cd:
70:8d:d7:62:f1:c2:3a:a7:2c:e1:f8:25:0e:ed:5d:
47:dd:ca:88:3e:b9:0e:3b:20:1e:ec:e6:87:e0:57:
8e:7d:6f:9b:2b:3b:d2:9e:1d:43:c9:1d:c4:2f:da:
c2:e0:3d:08:ad:9c:48:eb:b4:8d:b7:32:63:52:2b:
30:20:4d:34:2a:0d:34:b2:f3:7d:1d:5c:dc:d1:e9:
00:92:a7:88:13:22:5d:5c:e9:84:03:db:bd:11:9f:
ed:ae:58:2b:ab:02:1d:d4:6e:d5:7b:36:1a:5e:73:
1d:79:6c:2b:ba:b4:94:b8:d2:1a:fd:a0:f8:8e:77:
cd:f8:74:58:9d:ca:62:fc:32:bc:c4:73:1d:af:f4:
58:38:fc:48:2e:00:2e:88:03:55:a7:a9:52:52:4d:
2e:67:a9:58:c8:f7:bf:7e:c5:af:7e:0e:b6:52:8a:
57:bf:2e:d6:90:e1:23:63:60:b6:ca:40:15:82:87:
35:db:cd:76:b5:03:2e:bb:c5:da:0f:47:1f:52:45:
32:c5:63:25:6c:46:86:a5:fd:6e:b2:bd:ef:20:04:
a4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:81:DC:0E:69:67:00:F9:D9:10:E7:EF:AD:CC:76:02:4C:FE:CC:4A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/SYHcDmlnAPnZEOfvrcx2Akz-zEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.53.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.136.0/24
163.5.139.0/24
163.5.141.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.166.0/23
163.5.178.0/24
163.5.182.0/24
163.5.185.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0-163.5.201.255
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.244.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:d6:54:9f:7a:3c:a3:cd:91:e9:ce:d8:e6:fe:16:76:e3:b0:
d5:4b:e0:89:cc:94:38:fc:fd:76:68:24:e1:1a:14:4d:b9:3e:
c5:31:41:57:d9:f3:c0:22:6c:55:7e:01:d7:85:ce:8c:f6:5b:
f2:48:07:23:d0:1c:d2:f5:c6:70:fe:15:22:15:9e:24:f1:ee:
3a:a1:54:3c:0d:a7:ef:99:a7:b4:22:06:69:a1:00:e7:2c:3a:
a4:f1:5b:df:c4:99:2f:e1:0c:68:ff:c4:b4:26:95:95:51:90:
1a:9f:11:e5:61:f6:9b:57:fc:1d:c0:db:97:65:27:fb:66:55:
16:dd:7a:5c:40:42:ff:f2:3d:d3:28:0f:ff:2b:ed:a3:af:a4:
d7:9b:bb:f0:25:56:7c:bb:ea:e8:81:59:50:e5:1e:34:06:eb:
d3:a5:72:44:a5:b9:48:21:29:b5:52:7d:60:bc:d1:c3:9d:a7:
9b:4f:13:b1:c5:e0:34:cb:ae:ad:0d:62:dc:ee:da:9d:42:96:
bd:90:0f:29:d1:ab:91:c4:7c:4c:29:24:dc:46:94:07:91:95:
61:1e:2b:27:58:c9:cc:7f:eb:61:4a:ba:8b:47:6b:1b:35:3a:
9d:ec:dd:e8:19:4a:52:4c:db:0c:86:0a:6a:00:d3:2b:bc:96:
d9:c8:80:8d
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAY/dvWTLy8a1ghAZbJCwNl1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjAzMTA1NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTgxZGMwZTY5NjcwMGY5ZDkxMGU3ZWZhZGNjNzYwMjRjZmVjYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+0YGFo5s/NisJKVQlzHKvFerrGh
XM26FuNTZKaLGz0Ri59hEhw/3WzmvM1wjddi8cI6pyzh+CUO7V1H3cqIPrkOOyAe
7OaH4FeOfW+bKzvSnh1DyR3EL9rC4D0IrZxI67SNtzJjUiswIE00Kg00svN9HVzc
0ekAkqeIEyJdXOmEA9u9EZ/trlgrqwId1G7VezYaXnMdeWwrurSUuNIa/aD4jnfN
+HRYncpi/DK8xHMdr/RYOPxILgAuiANVp6lSUk0uZ6lYyPe/fsWvfg62UopXvy7W
kOEjY2C2ykAVgoc12812tQMuu8XaD0cfUkUyxWMlbEaGpf1usr3vIASkNwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFEmB3A5pZwD52RDn763MdgJM/sxKMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvU1lIY0RtbG5BUG5aRU9mdnJjeDJBa3otekVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBACj
BR4DBACjBTUDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8AwQAowV+
AwQBowWAAwQAowWIAwQAowWLAwQAowWNAwQAowWPAwQAowWSAwQAowWXAwQAowWg
AwQAowWiAwQBowWmAwQAowWyAwQAowW2AwQAowW5AwQBowW8AwQAowW/MAwDBACj
BccDBAGjBcgwDAMEAKMFywMEAKMFzgMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF8QME
AKMF9AMEAKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEApdZUn3o8o82R6c7Y
5v4WduOw1UvgicyUOPz9dmgk4RoUTbk+xTFBV9nzwCJsVX4B14XOjPZb8kgHI9Ac
0vXGcP4VIhWeJPHuOqFUPA2n75mntCIGaaEA5yw6pPFb38SZL+EMaP/EtCaVlVGQ
Gp8R5WH2m1f8HcDbl2Un+2ZVFt16XEBC//I90ygP/yvto6+k15u78CVWfLvq6IFZ
UOUeNAbr06VyRKW5SCEptVJ9YLzRw52nm08TscXgNMuurQ1i3O7anUKWvZAPKdGr
kcR8TCkk3EaUB5GVYR4rJ1jJzH/rYUq6i0drGzU6nezd6BlKUkzbDIYKagDTK7yW
2ciAjQ==
-----END CERTIFICATE-----
Generated at Mon Jun 10 21:13:36 2024 by rpki-client on console-ams.rpki-client.org