Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WS2AHl8Six6M8Qyy1augfkqnfeE.roa
File: WS2AHl8Six6M8Qyy1augfkqnfeE.roa (raw, json)
Hash identifier: yrr3HARs6llTyfSRwlkaYuPxud6+3LVZuu8zlEbITAk=
Subject key identifier: 59:2D:80:1E:5F:12:8B:1E:8C:F1:0C:B2:D5:AB:A0:7E:4A:A7:7D:E1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E72079CC88B2E6EF16AD00B373823AA37
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WS2AHl8Six6M8Qyy1augfkqnfeE.roa
Signing time: Sun 24 Mar 2024 19:54:45 +0000
ROA not before: Sun 24 Mar 2024 19:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 15:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:72:07:9c:c8:8b:2e:6e:f1:6a:d0:0b:37:38:23:aa:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 24 19:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=592d801e5f128b1e8cf10cb2d5aba07e4aa77de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:db:aa:08:f6:dd:41:06:99:08:c2:cc:45:f8:
35:fc:27:e6:f9:97:d7:e6:f0:fc:90:a3:61:b3:a1:
b5:d9:d2:bf:25:24:6f:70:11:d1:06:e2:d6:1c:4b:
34:b5:6b:d6:5e:d4:a7:4e:1b:b1:74:b7:c0:47:c5:
35:b3:98:bb:7b:61:7e:f8:f2:fb:8a:c8:8e:f3:9e:
30:1e:98:6a:43:27:78:0f:7f:bf:e3:59:66:93:be:
02:1b:06:79:39:77:55:2d:c8:90:c9:f4:f1:82:65:
76:42:1e:79:fc:3b:10:df:01:e0:29:03:df:45:da:
fd:6f:f8:51:6a:23:4f:48:cf:31:21:87:3c:a0:1f:
a6:05:63:59:c6:f1:62:04:10:f4:44:72:b6:da:73:
3f:0b:4f:6d:bb:78:ab:e2:13:8a:b9:88:63:a5:f4:
96:98:5d:0c:66:09:a9:a2:fc:e4:20:65:e2:3a:a3:
11:1b:b5:4e:ea:19:c1:94:69:f4:df:d8:47:9c:1f:
89:9f:0f:2b:9c:04:01:f2:13:20:aa:5d:ed:04:3e:
e8:06:ed:7f:aa:6d:65:51:82:c9:e3:52:6a:cf:79:
a6:09:ca:b1:34:29:9e:57:1e:c1:b9:3e:fb:12:8b:
25:5f:4a:b9:31:c6:a3:db:0a:43:50:53:43:79:53:
ff:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2D:80:1E:5F:12:8B:1E:8C:F1:0C:B2:D5:AB:A0:7E:4A:A7:7D:E1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WS2AHl8Six6M8Qyy1augfkqnfeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.79.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.151.0/24
163.5.160.0-163.5.162.255
163.5.167.0/24
163.5.171.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
74:7e:75:45:20:5c:91:70:75:d6:aa:5a:50:a5:6c:d0:c6:d1:
02:7a:98:a5:7d:61:e9:fd:11:89:a7:ed:b5:22:76:b3:66:40:
b1:1c:3d:db:28:13:63:b0:1f:42:15:6b:05:55:d6:d5:04:71:
ac:cc:0a:43:51:df:bb:99:fe:b3:27:b9:21:47:5d:a1:f0:e9:
6c:e0:69:f3:f0:8a:95:79:01:56:8f:23:d3:d4:38:e7:0b:a5:
8c:22:81:09:9b:4a:e2:10:c4:36:96:ee:c2:1f:3c:7f:74:09:
45:16:de:1f:a7:62:04:bc:7d:91:5e:3f:2b:d8:41:84:5e:12:
87:ef:19:00:20:87:5a:7b:17:e6:49:8d:a4:cb:f0:ae:a4:77:
2b:71:cf:63:48:68:08:17:ce:7d:d7:d7:ed:37:87:ce:fa:88:
c0:11:f9:1a:ed:5f:9b:bc:f8:8b:de:68:52:b5:7d:dd:93:75:
91:2a:0e:9e:37:a9:fa:c1:42:c7:65:82:f5:91:00:8d:52:91:
52:25:d4:86:87:7c:64:82:29:29:14:a0:b3:3a:37:d3:0e:ac:
0a:e2:3a:2d:a7:b9:5d:d4:38:29:d9:c5:06:21:59:5b:23:4a:
95:4c:3f:a5:6c:43:9b:58:77:b1:2d:ad:ff:38:e4:d8:1a:95:
a8:bf:c7:38
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAY5yB5zIiy5u8WrQCzc4I6o3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzI0MTk1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJkODAxZTVmMTI4YjFlOGNmMTBjYjJkNWFiYTA3ZTRhYTc3ZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhduqCPbdQQaZCMLMRfg1/Cfm+ZfX
5vD8kKNhs6G12dK/JSRvcBHRBuLWHEs0tWvWXtSnThuxdLfAR8U1s5i7e2F++PL7
isiO854wHphqQyd4D3+/41lmk74CGwZ5OXdVLciQyfTxgmV2Qh55/DsQ3wHgKQPf
Rdr9b/hRaiNPSM8xIYc8oB+mBWNZxvFiBBD0RHK22nM/C09tu3ir4hOKuYhjpfSW
mF0MZgmpovzkIGXiOqMRG7VO6hnBlGn039hHnB+Jnw8rnAQB8hMgql3tBD7oBu1/
qm1lUYLJ41Jqz3mmCcqxNCmeVx7BuT77EoslX0q5Mcaj2wpDUFNDeVP/LQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFFktgB5fEosejPEMstWroH5Kp33hMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvV1MyQUhsOFNpeDZNOFF5eTFhdWdma3FuZmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBACj
BR4DBACjBU8DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgMEAaMFgAME
AKMFhgMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlAMEAKMFlzAMAwQFowWgAwQAowWi
AwQAowWnAwQAowWrAwQAowWyAwQAowW2AwQBowW8AwQAowW/AwQAowXJMAwDBACj
BcsDBAGjBcwDBACjBdoDBACjBeADBACjBeQDBACjBfEDBACjBfoDBACjBf0wDQYJ
KoZIhvcNAQELBQADggEBAHR+dUUgXJFwddaqWlClbNDG0QJ6mKV9Yen9EYmn7bUi
drNmQLEcPdsoE2OwH0IVawVV1tUEcazMCkNR37uZ/rMnuSFHXaHw6WzgafPwipV5
AVaPI9PUOOcLpYwigQmbSuIQxDaW7sIfPH90CUUW3h+nYgS8fZFePyvYQYReEofv
GQAgh1p7F+ZJjaTL8K6kdytxz2NIaAgXzn3X1+03h876iMAR+RrtX5u8+IveaFK1
fd2TdZEqDp43qfrBQsdlgvWRAI1SkVIl1IaHfGSCKSkUoLM6N9MOrAriOi2nuV3U
OCnZxQYhWVsjSpVMP6VsQ5tYd7Etrf845Ngalai/xzg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org