Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvbkVWzx9kBMy57T8I3eOIqhZRc.roa
File: TvbkVWzx9kBMy57T8I3eOIqhZRc.roa (raw, json)
Hash identifier: dQlkvrHGNxYnvxXtiuclm6G2c4SaF6sUey+dwv6lAkg=
Subject key identifier: 4E:F6:E4:55:6C:F1:F6:40:4C:CB:9E:D3:F0:8D:DE:38:8A:A1:65:17
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0195A9C847E11A690DC2D1189926A18616C9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvbkVWzx9kBMy57T8I3eOIqhZRc.roa
Signing time: Tue 18 Mar 2025 15:03:49 +0000
ROA not before: Tue 18 Mar 2025 15:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 16:16:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:c8:47:e1:1a:69:0d:c2:d1:18:99:26:a1:86:16:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 18 15:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ef6e4556cf1f6404ccb9ed3f08dde388aa16517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ed:59:f3:ba:6d:d1:f7:72:1f:f8:31:69:9a:
e0:83:05:9f:ed:f4:8b:6f:46:01:19:cb:0e:d6:94:
23:e9:9b:1c:f5:2a:6e:9f:e0:c1:cd:5a:3e:72:01:
55:22:8f:06:27:c4:8c:d9:8e:88:63:b4:d9:19:4f:
57:f5:d5:b1:71:4f:c3:32:3f:c2:e4:90:e2:ae:61:
95:97:c1:70:0e:36:6b:93:82:22:96:f6:35:bd:22:
50:ec:32:c7:51:37:67:b1:56:55:87:94:54:eb:1c:
68:ff:c4:66:fb:05:2d:a0:36:56:07:62:c1:66:5a:
83:17:19:91:71:1c:bf:09:22:54:01:f2:69:3c:25:
09:27:8d:52:71:01:8e:86:38:9f:a8:ad:5f:a8:c5:
4c:4a:6e:c2:98:50:ea:2c:16:cb:f0:4e:9b:d0:65:
a4:d3:5e:2a:53:3b:81:24:3d:24:ec:d0:37:d3:01:
5f:83:7a:19:9d:cc:ec:05:bb:f8:88:07:72:08:b9:
03:51:bc:66:a7:5f:40:da:61:6b:fc:80:19:16:f1:
91:09:a0:68:e3:ca:ce:2c:22:26:33:1a:96:c6:54:
97:a6:1a:78:89:b3:b7:6c:ff:f9:5e:8d:e4:9e:31:
cb:c5:64:0f:1c:8b:85:e9:0a:2b:a6:25:7c:12:fe:
12:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F6:E4:55:6C:F1:F6:40:4C:CB:9E:D3:F0:8D:DE:38:8A:A1:65:17
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvbkVWzx9kBMy57T8I3eOIqhZRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.30.0/24
163.5.34.0/24
163.5.46.0/24
163.5.59.0/24
163.5.66.0/24
163.5.73.0/24
163.5.86.0/24
163.5.97.0/24
163.5.112.0/23
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.131.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.156.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.221.0/24
163.5.224.0/23
163.5.228.0/23
163.5.233.0/24
163.5.241.0/24
163.5.246.0-163.5.248.255
Signature Algorithm: sha256WithRSAEncryption
84:99:c1:91:2c:10:ab:9b:f5:76:40:dc:e4:d3:76:5f:44:e6:
fb:d4:f4:b2:92:3f:36:00:a3:de:48:3c:34:25:ae:aa:6b:e6:
27:32:7c:5d:c0:a1:82:9f:28:be:24:b0:2f:6b:07:f0:4d:a0:
69:89:11:4d:e1:72:fe:15:ed:8c:5e:53:05:15:ad:37:9c:2e:
54:9c:77:31:a1:22:ab:34:47:3d:7c:fb:f4:eb:7d:f7:4f:0c:
a8:0e:8a:5c:c1:30:04:59:cc:aa:c5:38:0a:c1:41:18:07:85:
13:70:8e:6e:e9:8c:e1:a4:71:8c:07:e6:f3:4b:22:6a:85:20:
45:10:72:3b:06:8e:02:f1:15:20:f8:50:e3:97:30:f4:bc:be:
bc:52:fa:db:0d:8d:cc:ec:dd:4d:65:15:d0:fe:01:93:06:d1:
05:6c:49:bd:7f:b5:3c:c5:28:bf:df:c4:74:91:97:be:f3:ac:
f2:98:05:39:01:d2:d7:71:f6:8a:e1:98:8a:d2:86:e4:d5:57:
09:92:4f:11:80:32:59:a7:94:3f:d1:51:ab:82:b5:a7:bf:c8:
56:e7:9c:17:67:33:52:2b:7c:d8:e3:f1:5a:a3:0e:8d:59:2f:
78:de:37:3a:4a:1c:a1:23:52:68:b6:ec:3e:b1:09:45:15:fa:
b0:0c:38:dc
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZWpyEfhGmkNwtEYmSahhhbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMzE4MTUwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWY2ZTQ1NTZjZjFmNjQwNGNjYjllZDNmMDhkZGUzODhhYTE2NTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte1Z87pt0fdyH/gxaZrggwWf7fSL
b0YBGcsO1pQj6Zsc9Spun+DBzVo+cgFVIo8GJ8SM2Y6IY7TZGU9X9dWxcU/DMj/C
5JDirmGVl8FwDjZrk4IilvY1vSJQ7DLHUTdnsVZVh5RU6xxo/8Rm+wUtoDZWB2LB
ZlqDFxmRcRy/CSJUAfJpPCUJJ41ScQGOhjifqK1fqMVMSm7CmFDqLBbL8E6b0GWk
014qUzuBJD0k7NA30wFfg3oZnczsBbv4iAdyCLkDUbxmp19A2mFr/IAZFvGRCaBo
48rOLCImMxqWxlSXphp4ibO3bP/5Xo3knjHLxWQPHIuF6QorpiV8Ev4SYQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFE725FVs8fZATMue0/CN3jiKoWUXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVHZia1ZXeng5a0JNeTU3VDhJM2VPSXFoWlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAKMFFgMEAKMFHgMEAKMFIgMEAKMFLgMEAKMFOwMEAKMFQgMEAKMFSQMEAKMF
VgMEAKMFYQMEAaMFcAMEAaMFdgMEAKMFeQMEAaMFgAMEAKMFgwMEAaMFijAMAwQB
owWOAwQAowWQAwQAowWSAwQAowWXAwQAowWcAwQAowWeAwQAowWgAwQAowWiAwQA
owWkAwQAowWnAwQAowWqAwQAowWtAwQAowWvAwQBowWyAwQAowW2AwQAowW6AwQA
owW9AwQAowW/AwQBowXIMAwDBACjBcsDBACjBc4DBACjBdEDBACjBdgDBACjBdoD
BACjBd0DBAGjBeADBAGjBeQDBACjBekDBACjBfEwDAMEAaMF9gMEAKMF+DANBgkq
hkiG9w0BAQsFAAOCAQEAhJnBkSwQq5v1dkDc5NN2X0Tm+9T0spI/NgCj3kg8NCWu
qmvmJzJ8XcChgp8oviSwL2sH8E2gaYkRTeFy/hXtjF5TBRWtN5wuVJx3MaEiqzRH
PXz79Ot9908MqA6KXMEwBFnMqsU4CsFBGAeFE3CObumM4aRxjAfm80siaoUgRRBy
OwaOAvEVIPhQ45cw9Ly+vFL62w2NzOzdTWUV0P4BkwbRBWxJvX+1PMUov9/EdJGX
vvOs8pgFOQHS13H2iuGYitKG5NVXCZJPEYAyWaeUP9FRq4K1p7/IVuecF2czUit8
2OPxWqMOjVkveN43OkocoSNSaLbsPrEJRRX6sAw43A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:44:19 2025 by rpki-client