Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UXCMpmHL5IcWGbbwHc8BXpQUUTg.roa
File: UXCMpmHL5IcWGbbwHc8BXpQUUTg.roa (raw, json)
Hash identifier: n34rzTESo95I/DkCV2ENvr+p5F8/phSCmvkgAVF0L5I=
Subject key identifier: 51:70:8C:A6:61:CB:E4:87:16:19:B6:F0:1D:CF:01:5E:94:14:51:38
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01950997428E69EC7F4344D2AD652A1BB820
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UXCMpmHL5IcWGbbwHc8BXpQUUTg.roa
Signing time: Sat 15 Feb 2025 12:31:02 +0000
ROA not before: Sat 15 Feb 2025 12:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.12.0/24 maxlen: 24
163.5.22.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 18:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:97:42:8e:69:ec:7f:43:44:d2:ad:65:2a:1b:b8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 15 12:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51708ca661cbe4871619b6f01dcf015e94145138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1b:f2:58:f8:1f:27:66:18:7c:13:78:4a:ce:
dc:ba:e8:57:ba:1f:44:1f:68:b5:a5:c6:80:64:c6:
dd:14:ad:58:67:a6:aa:aa:ee:19:6a:74:a6:4c:a4:
7c:9a:78:21:82:c7:c9:ee:e2:15:bb:9b:43:13:69:
9a:63:02:6e:5a:f5:17:57:99:32:aa:26:3d:bd:d4:
de:bf:66:20:9b:4c:7f:b5:0b:86:3a:e7:91:00:38:
9d:4f:ea:d1:b6:7c:76:ba:66:10:1c:8f:d0:fb:9e:
5b:c0:28:40:dd:a1:bb:5d:d4:d5:7c:c2:b0:ba:28:
0f:9b:6d:6f:0d:89:20:f5:6f:aa:0e:9e:f0:c4:c2:
0e:81:f7:78:83:a2:bf:9d:3d:d4:94:72:f8:a3:60:
33:88:13:13:1f:4a:0d:85:80:f0:73:c4:f7:a4:fa:
6c:1b:06:b4:b7:0a:d8:af:21:3d:83:67:ed:d4:77:
02:b1:d3:11:1e:15:ce:14:86:e4:0a:e3:07:66:ed:
2c:10:7a:04:38:60:d9:e8:2c:61:e6:2f:77:d6:da:
60:19:e9:8e:28:48:cf:b4:13:e9:10:07:bb:73:f3:
bc:ea:f1:72:b8:de:82:62:f0:ba:db:13:b9:4e:20:
cf:4d:52:17:5b:90:47:07:ee:84:b7:f7:a5:1d:a7:
99:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:70:8C:A6:61:CB:E4:87:16:19:B6:F0:1D:CF:01:5E:94:14:51:38
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UXCMpmHL5IcWGbbwHc8BXpQUUTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.12.0/24
163.5.22.0/24
163.5.30.0/23
163.5.34.0/24
163.5.46.0/24
163.5.59.0/24
163.5.73.0/24
163.5.111.0-163.5.113.255
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.131.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.212.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0-163.5.242.255
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
73:92:f5:aa:f0:78:79:43:e0:1f:24:6d:c9:af:39:1e:ce:48:
60:6b:97:7a:21:c7:30:c2:6a:a3:c1:6e:36:6a:c6:39:34:84:
59:ad:b0:8e:0f:0c:6f:ea:06:0a:89:33:bf:4f:d7:94:a7:77:
f4:4f:d2:34:3f:e1:8f:93:ee:b7:56:84:05:20:8c:4e:7c:16:
c5:96:9d:14:64:af:fc:05:d0:c9:f1:4c:fb:ce:c6:85:67:2d:
df:2c:93:17:ed:ba:e8:20:2c:b0:39:89:de:79:b0:bd:11:2c:
da:81:af:6b:98:c8:6f:f8:85:46:36:5a:d9:35:db:ac:ef:18:
8e:84:5b:0d:ac:bb:74:af:e5:3f:e5:10:6b:96:e3:4a:78:13:
77:ec:49:06:d5:b5:1c:11:10:67:79:38:f3:ff:cc:9d:2c:46:
a6:f3:69:dc:8b:db:57:24:03:16:ea:78:bd:c0:cf:57:72:ff:
63:b4:54:1d:a9:93:a2:96:a3:af:b8:d8:f3:b8:d4:0f:6a:c5:
76:2a:c3:31:ff:ce:90:a2:a6:ea:2a:f6:87:71:44:eb:21:b2:
9f:70:dd:7e:66:8b:e3:49:c3:92:79:01:f9:0b:e9:d9:d5:fc:
93:58:66:18:79:a1:25:59:b3:12:e4:1d:46:b4:25:f0:2b:ff:
67:9b:f6:fd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZUJl0KOaex/Q0TSrWUqG7ggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMjE1MTIzMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTcwOGNhNjYxY2JlNDg3MTYxOWI2ZjAxZGNmMDE1ZTk0MTQ1MTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthvyWPgfJ2YYfBN4Ss7cuuhXuh9E
H2i1pcaAZMbdFK1YZ6aqqu4ZanSmTKR8mnghgsfJ7uIVu5tDE2maYwJuWvUXV5ky
qiY9vdTev2Ygm0x/tQuGOueRADidT+rRtnx2umYQHI/Q+55bwChA3aG7XdTVfMKw
uigPm21vDYkg9W+qDp7wxMIOgfd4g6K/nT3UlHL4o2AziBMTH0oNhYDwc8T3pPps
Gwa0twrYryE9g2ft1HcCsdMRHhXOFIbkCuMHZu0sEHoEOGDZ6Cxh5i931tpgGemO
KEjPtBPpEAe7c/O86vFyuN6CYvC62xO5TiDPTVIXW5BHB+6Et/elHaeZMwIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFFFwjKZhy+SHFhm28B3PAV6UFFE4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVVhDTXBtSEw1SWNXR2Jid0hjOEJYcFFVVVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BACjBQwDBACjBRYDBAGjBR4DBACjBSIDBACjBS4DBACjBTsDBACjBUkwDAMEAKMF
bwMEAaMFcAMEAaMFdgMEAKMFeQMEAaMFgAMEAKMFgwMEAaMFijAMAwQBowWOAwQA
owWQAwQAowWSAwQAowWXAwQAowWeAwQAowWgAwQAowWiAwQAowWnAwQAowWqAwQA
owWtAwQAowWvAwQBowWyAwQAowW2AwQAowW9AwQAowW/AwQBowXIMAwDBACjBcsD
BACjBc4DBACjBdEDBACjBdQDBACjBdoDBACjBeADBACjBeQwDAMEAKMF8QMEAKMF
8gMEAKMF9zANBgkqhkiG9w0BAQsFAAOCAQEAc5L1qvB4eUPgHyRtya85Hs5IYGuX
eiHHMMJqo8FuNmrGOTSEWa2wjg8Mb+oGCokzv0/XlKd39E/SND/hj5Put1aEBSCM
TnwWxZadFGSv/AXQyfFM+87GhWct3yyTF+266CAssDmJ3nmwvREs2oGva5jIb/iF
RjZa2TXbrO8YjoRbDay7dK/lP+UQa5bjSngTd+xJBtW1HBEQZ3k48//MnSxGpvNp
3IvbVyQDFup4vcDPV3L/Y7RUHamTopajr7jY87jUD2rFdirDMf/OkKKm6ir2h3FE
6yGyn3DdfmaL40nDknkB+Qvp2dX8k1hmGHmhJVmzEuQdRrQl8Cv/Z5v2/Q==
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:47:48 2025 by rpki-client