Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XH7_rTPMujcvRI1mYLTcCWaSwQg.roa
File: XH7_rTPMujcvRI1mYLTcCWaSwQg.roa (raw, json)
Hash identifier: FnH39cxrMwBwY1j+ldaGfQhY3dFa4oBplZ4jb/4tYcU=
Subject key identifier: 5C:7E:FF:AD:33:CC:BA:37:2F:44:8D:66:60:B4:DC:09:66:92:C1:08
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018F33AD5457F45B28E8499E74454D06F50B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XH7_rTPMujcvRI1mYLTcCWaSwQg.roa
Signing time: Wed 01 May 2024 10:22:28 +0000
ROA not before: Wed 01 May 2024 10:22:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.54.0/24 maxlen: 24
163.5.56.0/24 maxlen: 24
163.5.65.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 17:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:ad:54:57:f4:5b:28:e8:49:9e:74:45:4d:06:f5:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 1 10:22:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c7effad33ccba372f448d6660b4dc096692c108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fc:ce:d3:74:73:4d:a3:5b:84:14:28:26:29:
7e:60:9d:0b:f0:a0:ce:d4:ae:a0:65:82:6c:2d:65:
33:ee:59:c7:ce:28:4d:a8:12:33:6a:b2:3f:e5:19:
ef:79:e9:d1:36:17:03:0b:e5:32:d1:0f:3a:1c:6e:
f4:9f:ee:77:bd:e2:9d:2d:87:c9:ea:f0:e0:02:71:
b6:bf:55:b8:76:11:9a:72:a7:6d:c6:9e:a9:ac:35:
bf:78:fa:3e:f1:a0:bb:51:1b:c6:fa:23:2d:58:23:
b2:71:c3:c6:e7:a4:04:1d:90:24:de:03:99:dd:7d:
55:39:e6:51:b6:8b:5b:fc:8a:14:68:51:c2:1c:95:
ca:cf:2d:dc:fe:ab:d4:04:ba:85:20:52:c6:7a:38:
df:7c:ca:73:49:18:8a:fb:ef:ce:1b:c6:e7:98:e7:
50:82:ed:fc:33:40:c3:12:5d:de:e8:55:f8:d5:64:
f6:3d:df:c3:a0:a4:d6:fc:38:27:95:b1:7c:1d:64:
6e:03:74:64:c1:e7:d4:d5:be:61:cf:7d:ae:8f:bb:
7d:0e:fd:9c:4b:fa:ba:4f:47:f2:01:6e:3b:e4:8c:
61:21:e7:94:4b:e2:98:ee:73:d3:cf:93:5e:8f:09:
fe:86:ef:09:e0:81:b0:ea:c9:8a:93:f6:e9:f9:a5:
d9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7E:FF:AD:33:CC:BA:37:2F:44:8D:66:60:B4:DC:09:66:92:C1:08
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XH7_rTPMujcvRI1mYLTcCWaSwQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.53.0-163.5.54.255
163.5.56.0/24
163.5.65.0/24
163.5.73.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.134.0/24
163.5.136.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.163.0/24
163.5.167.0/24
163.5.171.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:5a:81:ef:e4:1d:47:7c:c8:10:cf:66:f9:13:50:bc:5d:13:
cd:d8:06:1c:86:e6:d1:1a:f7:8f:c9:d9:e9:18:63:7d:3b:43:
c6:cc:9a:56:35:7b:c8:04:52:49:ef:24:8c:b6:9b:05:f0:4f:
6f:1b:73:62:96:db:d0:13:e5:81:f6:c3:f0:56:1b:f1:8c:cd:
69:8c:30:cc:39:97:14:ad:b8:8c:d5:cc:7a:80:62:00:4b:3e:
d6:26:6a:e7:b5:66:62:46:97:2e:ae:04:fe:a6:77:ef:47:24:
55:98:97:ff:fa:ee:18:2c:90:ac:ca:42:d9:71:ce:67:bb:0a:
36:c8:a6:f3:a0:15:76:c4:98:55:06:17:eb:78:47:f2:98:2c:
87:a0:a0:e9:a8:58:e8:d6:2c:6d:6e:f8:f7:eb:e7:87:17:8a:
2d:96:45:43:56:b4:e9:37:f3:f8:fc:8f:a7:f1:9c:2d:20:44:
d3:46:02:70:e2:a3:53:ba:ae:e0:db:80:cf:51:51:7e:d4:c9:
c8:c0:1e:aa:fb:14:c6:39:58:b4:61:cc:30:95:4b:eb:bd:2a:
1d:a3:43:55:21:24:56:60:66:60:8a:60:95:e4:8b:04:44:31:
57:06:32:18:e1:73:38:29:26:08:e8:6b:d7:38:6f:e2:e6:e0:
bf:dc:48:70
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAY8zrVRX9Fso6EmedEVNBvULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTAxMTAyMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzdlZmZhZDMzY2NiYTM3MmY0NDhkNjY2MGI0ZGMwOTY2OTJjMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/zO03RzTaNbhBQoJil+YJ0L8KDO
1K6gZYJsLWUz7lnHzihNqBIzarI/5RnveenRNhcDC+Uy0Q86HG70n+53veKdLYfJ
6vDgAnG2v1W4dhGacqdtxp6prDW/ePo+8aC7URvG+iMtWCOyccPG56QEHZAk3gOZ
3X1VOeZRtotb/IoUaFHCHJXKzy3c/qvUBLqFIFLGejjffMpzSRiK++/OG8bnmOdQ
gu38M0DDEl3e6FX41WT2Pd/DoKTW/DgnlbF8HWRuA3RkwefU1b5hz32uj7t9Dv2c
S/q6T0fyAW475IxhIeeUS+KY7nPTz5Nejwn+hu8J4IGw6smKk/bp+aXZhwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFFx+/60zzLo3L0SNZmC03AlmksEIMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWEg3X3JUUE11amN2UkkxbVlMVGNDV2FTd1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBACj
BR4wDAMEAKMFNQMEAKMFNgMEAKMFOAMEAKMFQQMEAKMFSQMEAKMFWTAMAwQBowVu
AwQBowVwAwQAowV5MAwDBAKjBXwDBACjBX4DBAGjBYADBACjBYYDBACjBYgDBACj
BYsDBACjBY8DBACjBZIDBACjBZcDBACjBaADBACjBaMDBACjBacDBACjBasDBACj
BbIDBACjBbYDBAGjBbwDBACjBb8DBACjBckwDAMEAKMFywMEAaMFzAMEAKMF2gME
AKMF4AMEAKMF5AMEAKMF8QMEAKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEA
OlqB7+QdR3zIEM9m+RNQvF0TzdgGHIbm0Rr3j8nZ6RhjfTtDxsyaVjV7yARSSe8k
jLabBfBPbxtzYpbb0BPlgfbD8FYb8YzNaYwwzDmXFK24jNXMeoBiAEs+1iZq57Vm
YkaXLq4E/qZ370ckVZiX//ruGCyQrMpC2XHOZ7sKNsim86AVdsSYVQYX63hH8pgs
h6Cg6ahY6NYsbW749+vnhxeKLZZFQ1a06Tfz+PyPp/GcLSBE00YCcOKjU7qu4NuA
z1FRftTJyMAeqvsUxjlYtGHMMJVL670qHaNDVSEkVmBmYIpgleSLBEQxVwYyGOFz
OCkmCOhr1zhv4ubgv9xIcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org