Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvVWYlMPyglkpeLPm2Fn1acE2ug.roa
File: TvVWYlMPyglkpeLPm2Fn1acE2ug.roa (raw, json)
Hash identifier: DfbhE9qSmtO5d4+4l9HMgCM2NNd60BcLlY+f4j4uBo8=
Subject key identifier: 4E:F5:56:62:53:0F:CA:09:64:A5:E2:CF:9B:61:67:D5:A7:04:DA:E8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019162408E11476CA6745B3694936AFC22DB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvVWYlMPyglkpeLPm2Fn1acE2ug.roa
Signing time: Sat 17 Aug 2024 21:31:23 +0000
ROA not before: Sat 17 Aug 2024 21:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 20:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:62:40:8e:11:47:6c:a6:74:5b:36:94:93:6a:fc:22:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 17 21:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ef55662530fca0964a5e2cf9b6167d5a704dae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:45:82:46:02:4b:44:40:c5:ec:00:7f:b3:2b:
11:f9:29:0c:01:3a:c4:58:fa:a8:c1:ae:14:38:13:
3e:5a:bf:55:30:c7:14:3d:70:b5:d7:b3:d1:0c:95:
c6:69:3b:ee:ae:d9:49:00:11:00:e4:b4:e9:2f:29:
b9:21:b9:75:78:1d:99:0f:c6:40:63:12:2b:76:45:
cb:32:5c:c6:b6:f7:66:72:f8:10:dc:62:5d:f1:ef:
8b:59:63:91:af:e7:6b:31:9a:d7:c7:f9:07:b0:1a:
15:da:96:93:92:b4:f7:2f:21:c7:45:3c:07:a1:8b:
b0:25:94:91:da:da:20:f2:c0:b2:17:9f:34:7e:9b:
e5:11:5b:8b:1b:5c:9a:64:cb:c9:aa:d9:6e:d9:a1:
dd:d9:59:d3:83:fb:33:b4:bb:c8:90:f8:9d:02:82:
dd:89:ad:13:28:40:95:f0:ba:56:05:f5:0e:db:4c:
46:ab:49:2c:e1:df:c6:3b:99:bc:6d:b3:a7:df:be:
c8:01:cc:1e:32:93:bd:eb:f9:26:b4:6f:48:98:69:
d0:0f:3d:ee:7b:11:34:eb:4f:38:b7:80:24:8e:67:
22:90:97:d5:39:36:83:97:6e:d1:49:e2:9c:1e:15:
5c:d7:6d:b3:d8:ac:26:86:b9:8e:18:4b:b6:08:9d:
75:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F5:56:62:53:0F:CA:09:64:A5:E2:CF:9B:61:67:D5:A7:04:DA:E8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvVWYlMPyglkpeLPm2Fn1acE2ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.51.0/24
163.5.58.0/23
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.166.0-163.5.168.255
163.5.173.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.232.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:3e:c0:bd:aa:e4:a1:82:7b:63:0e:c6:95:1a:40:01:a4:eb:
d1:2a:aa:74:66:54:8b:7a:cc:03:45:4c:c8:54:52:18:9f:48:
b8:4a:91:d0:3b:c8:16:3e:bc:ac:71:38:ee:93:41:5c:05:a8:
2f:03:11:e1:eb:70:97:9d:9d:b2:cc:78:95:d8:e2:52:e5:8d:
56:1f:07:37:18:6c:e6:3a:02:76:52:15:a8:d8:5b:91:27:84:
2b:be:3c:6d:94:3e:a0:e8:e5:ff:91:14:ed:ec:b4:94:4e:0b:
21:b9:b0:d9:44:93:05:f6:b0:65:2e:c1:d8:af:9f:38:da:41:
fd:e6:c9:f8:af:fb:94:bc:d1:88:74:92:af:db:f4:6a:0b:2a:
c1:e4:f1:72:0b:ad:5d:52:33:25:21:5b:de:62:e1:0c:86:cd:
e7:04:f2:06:1b:50:0f:90:a3:cb:81:30:43:95:41:4b:39:f0:
a5:1e:c8:ce:7e:f9:cc:b8:57:a4:d5:22:24:8e:0b:7a:61:b7:
fb:29:f9:17:e8:4c:ae:f1:59:dc:89:2f:ef:71:07:cd:22:f1:
f6:d2:5a:e3:2c:e9:d9:a0:9f:32:0e:ef:66:b4:8e:1a:c2:39:
06:71:87:7a:e4:bd:65:bf:7f:b3:ae:b8:02:dc:f3:ae:e2:7e:
ac:c8:ec:f3
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZFiQI4RR2ymdFs2lJNq/CLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODE3MjEzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWY1NTY2MjUzMGZjYTA5NjRhNWUyY2Y5YjYxNjdkNWE3MDRkYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0WCRgJLREDF7AB/sysR+SkMATrE
WPqowa4UOBM+Wr9VMMcUPXC117PRDJXGaTvurtlJABEA5LTpLym5Ibl1eB2ZD8ZA
YxIrdkXLMlzGtvdmcvgQ3GJd8e+LWWORr+drMZrXx/kHsBoV2paTkrT3LyHHRTwH
oYuwJZSR2tog8sCyF580fpvlEVuLG1yaZMvJqtlu2aHd2VnTg/sztLvIkPidAoLd
ia0TKECV8LpWBfUO20xGq0ks4d/GO5m8bbOn377IAcweMpO96/kmtG9ImGnQDz3u
exE06084t4AkjmcikJfVOTaDl27RSeKcHhVc122z2KwmhrmOGEu2CJ11QwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFE71VmJTD8oJZKXiz5thZ9WnBNroMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVHZWV1lsTVB5Z2xrcGVMUG0yRm4xYWNFMnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBACj
BR4DBACjBTMDBAGjBToDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8
AwQAowV+AwQBowWAAwQAowWLAwQAowWPAwQAowWSAwQAowWXAwQAowWgMAwDBAGj
BaYDBACjBagDBACjBa0DBACjBbIDBACjBbYDBAGjBbwDBACjBb8DBAGjBcgwDAME
AKMFywMEAKMFzgMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6AMEAKMF8QMEAKMF+gME
AKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAtT7AvarkoYJ7Yw7GlRpAAaTr0SqqdGZU
i3rMA0VMyFRSGJ9IuEqR0DvIFj68rHE47pNBXAWoLwMR4etwl52dssx4ldjiUuWN
Vh8HNxhs5joCdlIVqNhbkSeEK748bZQ+oOjl/5EU7ey0lE4LIbmw2USTBfawZS7B
2K+fONpB/ebJ+K/7lLzRiHSSr9v0agsqweTxcgutXVIzJSFb3mLhDIbN5wTyBhtQ
D5Cjy4EwQ5VBSznwpR7Izn75zLhXpNUiJI4LemG3+yn5F+hMrvFZ3Ikv73EHzSLx
9tJa4yzp2aCfMg7vZrSOGsI5BnGHeuS9Zb9/s664AtzzruJ+rMjs8w==
-----END CERTIFICATE-----
Generated at Mon Aug 19 23:51:28 2024 by rpki-client on console-ams.rpki-client.org