Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T_twlMoTbsa4aihKyKmbMPYjA1o.roa
File: T_twlMoTbsa4aihKyKmbMPYjA1o.roa (raw, json)
Hash identifier: CYyO7/xy+cPVHB++oSHxH3BD3P8uou315xcyN2vGJ5U=
Subject key identifier: 4F:FB:70:94:CA:13:6E:C6:B8:6A:28:4A:C8:A9:9B:30:F6:23:03:5A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018DEB2B2007D2152E4DFC1AFB3A1C34C585
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T_twlMoTbsa4aihKyKmbMPYjA1o.roa
Signing time: Tue 27 Feb 2024 15:24:48 +0000
ROA not before: Tue 27 Feb 2024 15:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 16:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:2b:20:07:d2:15:2e:4d:fc:1a:fb:3a:1c:34:c5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 27 15:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ffb7094ca136ec6b86a284ac8a99b30f623035a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:50:ec:49:31:43:e8:64:93:f9:7b:71:96:f7:
61:6f:a9:90:eb:c6:e1:b8:c9:cb:d3:c9:e2:72:f6:
49:d1:81:3a:3b:c6:3b:36:62:cc:ea:1d:5a:d8:0e:
3a:86:c5:3d:61:31:15:47:e9:65:ae:52:47:19:f0:
fe:d1:0b:3e:0f:00:81:e8:7f:1d:c1:9d:4d:98:d3:
0b:31:e9:f6:7b:0a:d2:a8:3a:b2:4c:0b:db:43:93:
24:83:d2:e6:16:12:13:2b:61:0e:02:e9:b2:40:ac:
02:bd:50:35:77:e9:48:38:25:21:4f:4e:ee:b7:18:
96:ff:bc:f7:19:46:14:d3:8c:e2:48:50:c0:cb:9c:
0d:18:93:b7:0f:b2:7f:78:b4:8c:f6:6a:df:d4:72:
34:84:f8:f7:9a:1d:ea:d1:66:0d:0d:4f:d5:26:f8:
32:74:1d:80:9b:f9:05:72:63:7c:0d:f6:f6:1b:aa:
dd:64:75:b6:00:1c:21:cf:82:d8:6b:14:26:a9:28:
b8:d6:ea:2e:c6:ad:8b:20:39:64:10:46:b6:80:e9:
a5:b2:74:46:59:61:b9:3a:05:d0:94:84:3b:fd:ac:
f5:3c:3a:6e:98:a7:e5:b3:80:2c:5a:e4:02:28:1c:
80:e6:db:57:e0:63:16:97:b1:91:7d:cb:85:ae:53:
c8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FB:70:94:CA:13:6E:C6:B8:6A:28:4A:C8:A9:9B:30:F6:23:03:5A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T_twlMoTbsa4aihKyKmbMPYjA1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.79.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.151.0/24
163.5.160.0/23
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.185.0/24
163.5.188.0/23
163.5.191.0/24
163.5.195.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.232.0/24
163.5.241.0/24
163.5.248.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:7b:12:28:1d:c1:87:a0:8c:82:d4:a3:27:c2:2b:83:49:bd:
a2:ef:a2:ca:88:79:ab:57:aa:15:e9:49:83:bf:7f:75:73:5f:
02:71:36:7e:e1:92:1f:50:c5:a1:f2:87:32:9f:4a:e3:6d:a3:
20:93:af:ec:d2:bd:94:be:f2:00:72:c1:59:e9:03:36:96:7d:
75:67:63:1c:b0:51:61:9c:19:ce:09:43:5b:3e:58:42:19:21:
bd:41:fe:0a:e5:ca:5e:9f:a2:22:6d:00:63:13:bf:46:b6:28:
d4:cd:d6:f8:23:8a:5c:4e:dd:dd:cb:47:ce:73:91:66:a6:d1:
ed:02:4b:37:ce:b7:47:06:e2:bb:dc:2b:42:9b:b0:8e:35:94:
f5:9c:cd:e8:33:4d:64:96:59:d8:94:da:c8:ba:27:b0:1c:bf:
c2:56:ac:c9:4c:83:b8:06:90:9c:ed:9d:c4:1b:ac:f9:ae:22:
67:9a:83:99:d5:f2:65:9d:6d:cc:47:01:d3:cd:2c:b9:b7:0f:
b0:58:b3:25:25:2c:07:6c:86:ce:33:4d:a1:fb:fb:d8:8f:58:
ca:1c:90:56:11:c9:76:82:3f:d3:5a:b1:b7:2a:7b:e2:b6:0b:
07:3e:90:2c:20:10:e0:25:46:9d:26:00:17:5a:4b:fd:70:1b:
84:6d:4f:0c
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAY3rKyAH0hUuTfwa+zocNMWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjI3MTUyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZiNzA5NGNhMTM2ZWM2Yjg2YTI4NGFjOGE5OWIzMGY2MjMwMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1DsSTFD6GST+Xtxlvdhb6mQ68bh
uMnL08nicvZJ0YE6O8Y7NmLM6h1a2A46hsU9YTEVR+llrlJHGfD+0Qs+DwCB6H8d
wZ1NmNMLMen2ewrSqDqyTAvbQ5Mkg9LmFhITK2EOAumyQKwCvVA1d+lIOCUhT07u
txiW/7z3GUYU04ziSFDAy5wNGJO3D7J/eLSM9mrf1HI0hPj3mh3q0WYNDU/VJvgy
dB2Am/kFcmN8Dfb2G6rdZHW2ABwhz4LYaxQmqSi41uouxq2LIDlkEEa2gOmlsnRG
WWG5OgXQlIQ7/az1PDpumKfls4AsWuQCKByA5ttX4GMWl7GRfcuFrlPITwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFE/7cJTKE27GuGooSsipmzD2IwNaMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVF90d2xNb1Ric2E0YWloS3lLbWJNUFlqQTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBACj
BR4DBACjBU8DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgMEAKMFgAME
AKMFhgMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlAMEAKMFlwMEAaMFoAMEAKMFpwME
AKMFsgMEAKMFtgMEAKMFuQMEAaMFvAMEAKMFvwMEAKMFwwMEAKMFyTAMAwQAowXL
AwQBowXMAwQAowXaAwQAowXgAwQAowXkAwQAowXoAwQAowXxAwQAowX4AwQAowX6
AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IBAQBrexIoHcGHoIyC1KMnwiuDSb2i76LK
iHmrV6oV6UmDv391c18CcTZ+4ZIfUMWh8ocyn0rjbaMgk6/s0r2UvvIAcsFZ6QM2
ln11Z2McsFFhnBnOCUNbPlhCGSG9Qf4K5cpen6IibQBjE79GtijUzdb4I4pcTt3d
y0fOc5FmptHtAks3zrdHBuK73CtCm7CONZT1nM3oM01kllnYlNrIuiewHL/CVqzJ
TIO4BpCc7Z3EG6z5riJnmoOZ1fJlnW3MRwHTzSy5tw+wWLMlJSwHbIbOM02h+/vY
j1jKHJBWEcl2gj/TWrG3KnvitgsHPpAsIBDgJUadJgAXWkv9cBuEbU8M
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:07:31 2024 by rpki-client on console-ams.rpki-client.org