Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aH8gLcHR8k2aInruTCZP5Sei11A.roa
File: aH8gLcHR8k2aInruTCZP5Sei11A.roa (raw, json)
Hash identifier: VDFwueGAHMwk/t0yCx1elUBM8c697yjcw4BIgXQLPFE=
Subject key identifier: 68:7F:20:2D:C1:D1:F2:4D:9A:22:7A:EE:4C:26:4F:E5:27:A2:D7:50
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01915661906578100714E44FC30B27950C1E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aH8gLcHR8k2aInruTCZP5Sei11A.roa
Signing time: Thu 15 Aug 2024 14:12:00 +0000
ROA not before: Thu 15 Aug 2024 14:12:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.168.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Aug 2024 21:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:56:61:90:65:78:10:07:14:e4:4f:c3:0b:27:95:0c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 15 14:12:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=687f202dc1d1f24d9a227aee4c264fe527a2d750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:fd:e8:00:59:95:57:4f:94:a0:fd:a1:70:
64:57:f9:d0:15:e6:60:9c:c0:74:32:92:8a:da:11:
ca:b3:6e:1b:16:41:97:f3:b5:f0:9b:db:fe:9d:28:
58:b2:9a:0a:a2:ca:98:7b:b7:db:84:15:db:a5:e9:
b9:19:fe:a4:3f:eb:b1:4b:1b:ca:39:63:f4:5f:c9:
2f:61:14:3c:89:ed:71:4a:6a:29:4c:da:11:ac:12:
b2:76:a6:c0:b9:bf:14:d1:b6:47:5c:8d:a1:6c:0e:
97:0c:b4:dc:97:cf:bb:7e:23:b8:53:17:4f:5f:4c:
b0:05:67:29:bb:d7:6e:81:5d:39:9a:5e:56:cf:ac:
0b:b0:05:5d:60:0e:eb:1d:34:b9:44:b5:8d:1f:6b:
70:2e:b5:b0:9e:a8:54:18:08:4b:fb:85:b3:0a:4e:
28:c5:39:b7:0a:9d:c1:cb:59:3d:c7:bf:b5:61:1a:
22:81:b1:f4:29:67:5d:be:ee:a3:e3:a0:d1:4c:69:
c0:f4:24:6d:30:f5:47:84:ac:e4:74:26:d5:f9:be:
a6:0f:cc:8a:2d:2e:2c:ff:9f:38:8c:42:84:bb:c5:
1d:dd:b1:87:7b:7e:17:96:49:7f:b3:53:6d:11:4e:
21:c9:05:34:d2:7f:e0:a2:0f:18:1b:94:4e:3c:c1:
39:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7F:20:2D:C1:D1:F2:4D:9A:22:7A:EE:4C:26:4F:E5:27:A2:D7:50
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aH8gLcHR8k2aInruTCZP5Sei11A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.51.0/24
163.5.58.0/23
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.125.0-163.5.126.255
163.5.128.0/23
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.166.0-163.5.168.255
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.232.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
14:c8:e1:05:f7:75:e2:72:9a:1f:d7:4e:c4:2d:76:e8:f5:21:
1f:c8:f8:f2:a0:1b:6b:25:8c:ba:a3:5c:84:13:15:85:0d:e4:
2a:22:e1:91:63:44:c3:ef:74:22:bf:6d:cd:99:8d:f4:53:cb:
14:7c:85:a6:64:b1:5f:ad:22:41:82:d0:3e:df:e6:d4:f3:8e:
55:59:8f:d3:1f:8f:85:4f:c7:45:20:6e:30:f1:16:05:c1:92:
ca:de:e4:65:71:7d:08:77:b8:8a:57:08:71:f8:86:f6:bd:36:
11:72:e8:b0:8e:b7:e7:ab:82:2c:7e:77:9f:e3:22:4a:66:4d:
20:52:ae:c8:b0:2a:95:4b:9e:22:9b:db:ae:35:61:7d:e0:dd:
36:02:fc:e8:d7:fa:ed:b5:30:2e:9e:30:b3:e1:81:91:a6:d4:
33:33:60:17:96:0d:41:ed:69:58:55:b2:45:d9:c4:6e:4b:61:
d6:14:6d:b0:5f:bd:67:b4:a0:0c:34:97:92:68:2d:03:59:6a:
b6:dd:43:53:99:eb:4d:d7:96:d5:3d:ab:ca:35:0c:0a:cb:89:
91:d1:eb:35:ee:eb:bb:d4:62:6d:9c:bb:0a:ef:22:76:e3:05:
20:76:8f:9c:ec:44:a0:34:2d:b6:af:08:88:1d:f7:82:e4:1c:
65:93:24:64
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZFWYZBleBAHFORPwwsnlQweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODE1MTQxMjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdmMjAyZGMxZDFmMjRkOWEyMjdhZWU0YzI2NGZlNTI3YTJkNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNX96ABZlVdPlKD9oXBkV/nQFeZg
nMB0MpKK2hHKs24bFkGX87Xwm9v+nShYspoKosqYe7fbhBXbpem5Gf6kP+uxSxvK
OWP0X8kvYRQ8ie1xSmopTNoRrBKydqbAub8U0bZHXI2hbA6XDLTcl8+7fiO4UxdP
X0ywBWcpu9dugV05ml5Wz6wLsAVdYA7rHTS5RLWNH2twLrWwnqhUGAhL+4WzCk4o
xTm3Cp3By1k9x7+1YRoigbH0KWddvu6j46DRTGnA9CRtMPVHhKzkdCbV+b6mD8yK
LS4s/584jEKEu8Ud3bGHe34Xlkl/s1NtEU4hyQU00n/gog8YG5ROPME5NQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFGh/IC3B0fJNmiJ67kwmT+UnotdQMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYUg4Z0xjSFI4azJhSW5ydVRDWlA1U2VpMTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBACj
BR4DBACjBTMDBAGjBToDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQAowV9
AwQAowV+AwQBowWAAwQAowWGAwQAowWLAwQAowWPAwQAowWSAwQAowWXAwQAowWg
MAwDBAGjBaYDBACjBagDBACjBbIDBACjBbYDBAGjBbwDBACjBb8DBAGjBcgwDAME
AKMFywMEAKMFzgMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6AMEAKMF8QMEAKMF+gME
AKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAFMjhBfd14nKaH9dOxC126PUhH8j48qAb
ayWMuqNchBMVhQ3kKiLhkWNEw+90Ir9tzZmN9FPLFHyFpmSxX60iQYLQPt/m1POO
VVmP0x+PhU/HRSBuMPEWBcGSyt7kZXF9CHe4ilcIcfiG9r02EXLosI6356uCLH53
n+MiSmZNIFKuyLAqlUueIpvbrjVhfeDdNgL86Nf67bUwLp4ws+GBkabUMzNgF5YN
Qe1pWFWyRdnEbkth1hRtsF+9Z7SgDDSXkmgtA1lqtt1DU5nrTdeW1T2ryjUMCsuJ
kdHrNe7ru9RibZy7Cu8iduMFIHaPnOxEoDQttq8IiB33guQcZZMkZA==
-----END CERTIFICATE-----
Generated at Sun Aug 18 00:24:51 2024 by rpki-client on console-ams.rpki-client.org