Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_13YFKE1nGk2zq6dB_PKxdF_ytI.roa
File: _13YFKE1nGk2zq6dB_PKxdF_ytI.roa (raw, json)
Hash identifier: kIofe4b5mATlrqIwyG8aq+uJsaXs3bupiy5UKbOhTug=
Subject key identifier: FF:5D:D8:14:A1:35:9C:69:36:CE:AE:9D:07:F3:CA:C5:D1:7F:CA:D2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018BF7BF271C5C261776099BF86708A17886
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_13YFKE1nGk2zq6dB_PKxdF_ytI.roa
Signing time: Wed 22 Nov 2023 15:56:21 +0000
ROA not before: Wed 22 Nov 2023 15:56:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.74.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:bf:27:1c:5c:26:17:76:09:9b:f8:67:08:a1:78:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 22 15:56:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff5dd814a1359c6936ceae9d07f3cac5d17fcad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7f:34:8d:ef:d7:5e:6a:e6:54:40:43:0a:2d:
51:9c:c4:ea:1c:f7:7a:76:8c:d1:be:8e:de:b2:5c:
3a:f4:72:c3:92:6b:ec:1e:c2:f6:c7:c3:8a:24:cd:
15:d1:e6:3b:35:99:b7:4d:85:4a:4f:fd:2f:0b:b9:
f2:c9:bf:b4:c7:35:3c:36:0b:58:19:5c:4e:30:68:
cc:fa:ba:23:37:0a:d9:c6:3f:b8:be:66:59:6a:79:
24:0f:92:50:2e:01:cd:4f:89:fd:f1:58:64:54:50:
31:15:90:fd:2a:4c:6d:f9:96:e8:2e:e5:81:15:02:
08:3a:14:b0:a6:80:80:f8:b7:23:57:83:2a:a1:f2:
7a:a0:e5:0b:95:ff:13:2f:6c:a6:14:16:e4:ff:51:
d1:4f:c3:46:a4:6c:31:c9:3a:c3:bf:13:d3:30:15:
b3:b2:82:88:08:7a:47:9d:2b:fc:bd:72:68:1d:7c:
d2:39:91:c9:07:9c:c1:8e:ef:6e:4d:10:02:e7:a4:
9f:87:63:c0:38:b2:52:21:81:ea:6d:bf:a4:90:43:
f0:88:51:eb:57:3e:22:f1:f8:58:90:81:65:94:08:
da:6b:d4:e4:5b:f3:fc:80:82:a8:16:70:b4:74:fb:
69:bc:d1:0a:fd:b1:30:db:5a:09:44:23:34:a9:aa:
08:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5D:D8:14:A1:35:9C:69:36:CE:AE:9D:07:F3:CA:C5:D1:7F:CA:D2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_13YFKE1nGk2zq6dB_PKxdF_ytI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.35.0-163.5.36.255
163.5.62.0/24
163.5.74.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.99.0/24
163.5.106.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.142.0/23
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0-163.5.255.255
Signature Algorithm: sha256WithRSAEncryption
3d:0b:96:57:6a:b8:36:8d:4a:f7:b4:f8:d0:26:3f:63:51:88:
d6:de:35:64:0a:5e:82:61:e0:99:3b:dc:97:39:31:a5:e3:8a:
52:94:c3:94:75:9d:fe:0c:42:17:cc:6b:e7:fb:a5:58:bf:4c:
da:6b:e3:53:ec:27:ab:cb:91:6d:73:ae:08:7f:7f:fb:81:ba:
2e:e1:4b:05:d1:ff:1b:8b:4b:88:4e:64:65:b7:87:88:61:80:
ad:2d:5c:b9:72:34:61:d4:89:b3:85:59:38:5d:49:17:81:35:
ed:4a:aa:8f:e7:ff:2b:6c:8b:09:39:e4:80:62:3b:f2:b6:cb:
48:8c:63:2d:e3:01:cf:91:a4:09:4a:9c:71:df:ba:4c:79:b2:
4a:04:69:94:73:a6:10:ea:1c:21:a8:78:74:e9:a6:7c:bc:e8:
4a:ed:4d:1a:f1:f1:20:f4:13:a6:c0:16:fa:c7:d2:de:61:c9:
4d:19:94:6b:cb:7f:1d:88:aa:82:77:72:eb:f6:8c:ea:d6:8b:
b8:bd:bb:6e:84:2c:21:5d:94:ff:30:1c:29:b9:88:d6:d3:8e:
1c:05:6a:aa:90:7d:0e:9a:a1:43:66:b3:fe:d5:bc:07:d9:6c:
4a:a0:35:2f:5f:aa:30:b3:51:a6:15:8d:7d:c3:3d:b4:ea:cc:
d1:3c:44:bc
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgISAYv3vyccXCYXdgmb+GcIoXiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTIyMTU1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVkZDgxNGExMzU5YzY5MzZjZWFlOWQwN2YzY2FjNWQxN2ZjYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp380je/XXmrmVEBDCi1RnMTqHPd6
dozRvo7eslw69HLDkmvsHsL2x8OKJM0V0eY7NZm3TYVKT/0vC7nyyb+0xzU8NgtY
GVxOMGjM+rojNwrZxj+4vmZZankkD5JQLgHNT4n98VhkVFAxFZD9Kkxt+ZboLuWB
FQIIOhSwpoCA+LcjV4MqofJ6oOULlf8TL2ymFBbk/1HRT8NGpGwxyTrDvxPTMBWz
soKICHpHnSv8vXJoHXzSOZHJB5zBju9uTRAC56Sfh2PAOLJSIYHqbb+kkEPwiFHr
Vz4i8fhYkIFllAjaa9TkW/P8gIKoFnC0dPtpvNEK/bEw21oJRCM0qaoIUQIDAQAB
o4IDHjCCAxowHQYDVR0OBBYEFP9d2BShNZxpNs6unQfzysXRf8rSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvXzEzWUZLRTFuR2syenE2ZEJfUEt4ZEZfeXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMgYIKwYBBQUHAQcBAf8EggEhMIIBHTCCARkEAgABMIIB
EQMEAKMFHjAMAwQAowUjAwQAowUkAwQAowU+AwQAowVKAwQAowVPAwQAowVTAwQA
owVZAwQBowVeAwQAowVjAwQAowVqMAwDBAGjBW4DBAGjBXADBACjBXkDBACjBX4D
BACjBYADBACjBYYDBAGjBYoDBAGjBY4DBACjBZIDBACjBZQDBAGjBZYDBACjBZwD
BACjBaADBACjBacDBACjBaoDBACjBbADBACjBbIwDAMEAKMFtQMEAKMFtgMEAKMF
ugMEAaMFvAMEAKMFvwMEAKMFxwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXaAwQA
owXgAwQAowXkAwQAowXxAwQAowX6MAsDBACjBf0DAwGjBDANBgkqhkiG9w0BAQsF
AAOCAQEAPQuWV2q4No1K97T40CY/Y1GI1t41ZApegmHgmTvclzkxpeOKUpTDlHWd
/gxCF8xr5/ulWL9M2mvjU+wnq8uRbXOuCH9/+4G6LuFLBdH/G4tLiE5kZbeHiGGA
rS1cuXI0YdSJs4VZOF1JF4E17Uqqj+f/K2yLCTnkgGI78rbLSIxjLeMBz5GkCUqc
cd+6THmySgRplHOmEOocIah4dOmmfLzoSu1NGvHxIPQTpsAW+sfS3mHJTRmUa8t/
HYiqgndy6/aM6taLuL27boQsIV2U/zAcKbmI1tOOHAVqqpB9DpqhQ2az/tW8B9ls
SqA1L1+qMLNRphWNfcM9tOrM0TxEvA==
-----END CERTIFICATE-----
Generated at Fri Nov 24 15:48:49 2023 by rpki-client on console-fra.rpki-client.org