Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bNQAxngmWPm_ghplbv2xObabG5I.roa
File: bNQAxngmWPm_ghplbv2xObabG5I.roa (raw, json)
Hash identifier: vCWosug7pisIywKzlrxWAZZVqMvJPxcAfTTRPIoWcWs=
Subject key identifier: 6C:D4:00:C6:78:26:58:F9:BF:82:1A:65:6E:FD:B1:39:B6:9B:1B:92
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC403E366D4983A544C60639308C2AEAE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bNQAxngmWPm_ghplbv2xObabG5I.roa
Signing time: Mon 01 Jan 2024 07:53:58 +0000
ROA not before: Mon 01 Jan 2024 07:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:03:e3:66:d4:98:3a:54:4c:60:63:93:08:c2:ae:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 07:53:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cd400c6782658f9bf821a656efdb139b69b1b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7d:aa:0d:c0:4a:de:7c:14:14:72:c1:3c:5e:
33:d4:c8:c0:c9:7a:35:d9:f3:69:3f:d7:6f:71:39:
cc:66:7f:a3:8a:01:63:5a:94:b3:80:ee:e2:19:2a:
b1:38:69:04:88:df:d2:35:93:4e:21:d2:6f:c4:71:
3a:89:d0:24:36:42:e0:77:58:d8:b7:f0:da:d5:d1:
bc:f7:b0:21:22:5c:ef:88:41:72:4c:02:ac:db:fd:
4f:d3:06:6b:d2:24:d3:8b:74:f3:63:19:5d:3e:26:
67:be:8b:3d:ea:a1:bf:2e:71:69:be:fd:ae:37:b5:
cc:ca:15:cb:af:96:88:45:1d:b7:69:82:45:dc:87:
20:80:f1:34:04:d7:04:1b:8d:94:64:75:91:61:c7:
26:9a:d5:37:34:f1:f2:29:70:f8:92:e6:e0:b0:ca:
85:8f:30:d7:9e:bc:7d:57:ff:f0:a8:9f:42:31:d9:
dd:0a:d4:c0:5a:fe:86:2a:c0:45:c8:72:42:0b:f1:
d1:17:67:9d:d7:ed:12:fb:6f:c6:80:a4:d0:a5:02:
09:c1:2a:0f:6e:5a:3e:78:a3:e5:7d:98:32:d6:e8:
5c:f7:53:a8:fb:85:63:4c:44:8d:a1:7d:d0:0a:f7:
e3:f8:a9:4e:7f:ab:e5:d2:33:53:7b:cd:4c:ea:e2:
e6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D4:00:C6:78:26:58:F9:BF:82:1A:65:6E:FD:B1:39:B6:9B:1B:92
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bNQAxngmWPm_ghplbv2xObabG5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.36.0/24
163.5.66.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.106.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
38:72:3e:7d:66:cc:61:c2:a5:cd:e1:ed:e5:0c:d8:5f:d9:e2:
d1:fd:0e:07:73:f3:cb:27:f1:ea:5a:7d:06:07:2b:5a:a7:2a:
04:dd:75:91:c6:71:4c:3c:ef:2c:2e:57:23:8b:d8:ab:56:8e:
ae:f6:f5:c9:4e:21:aa:76:66:7b:e4:f5:f8:e4:df:61:bb:e2:
12:32:78:b8:56:c1:4c:05:d1:f5:45:9d:89:04:32:ac:73:38:
83:3f:09:15:4f:1d:cb:bb:5f:13:6e:32:ac:41:35:45:90:4f:
48:8a:d8:84:ba:e0:51:ad:ce:84:fb:a2:cf:8e:1d:d9:f2:1d:
bb:68:9f:72:e8:e7:d8:7c:71:5c:4c:40:2e:7c:bb:84:c0:0e:
d1:19:22:d4:76:96:5d:63:e8:10:20:0b:0d:34:49:d8:d6:cb:
87:2f:4f:ad:f2:1e:90:30:47:a7:00:7d:46:6a:ec:5d:f2:d5:
ab:8d:a7:8b:38:9a:97:f4:ac:2e:c5:f4:8e:31:55:84:97:37:
9f:d8:5a:e0:0d:34:69:44:dd:6a:11:48:8c:91:f8:62:c9:43:
be:b2:ff:81:7a:06:5e:84:ab:5f:27:e4:e3:03:eb:d5:fe:7d:
3e:6c:6c:6e:02:ad:09:0b:b3:1b:e2:2e:c5:fe:3c:20:51:8f:
23:ec:eb:54
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYzEA+Nm1Jg6VExgY5MIwq6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDc1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q0MDBjNjc4MjY1OGY5YmY4MjFhNjU2ZWZkYjEzOWI2OWIxYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA032qDcBK3nwUFHLBPF4z1MjAyXo1
2fNpP9dvcTnMZn+jigFjWpSzgO7iGSqxOGkEiN/SNZNOIdJvxHE6idAkNkLgd1jY
t/Da1dG897AhIlzviEFyTAKs2/1P0wZr0iTTi3TzYxldPiZnvos96qG/LnFpvv2u
N7XMyhXLr5aIRR23aYJF3IcggPE0BNcEG42UZHWRYccmmtU3NPHyKXD4kubgsMqF
jzDXnrx9V//wqJ9CMdndCtTAWv6GKsBFyHJCC/HRF2ed1+0S+2/GgKTQpQIJwSoP
blo+eKPlfZgy1uhc91Oo+4VjTESNoX3QCvfj+KlOf6vl0jNTe81M6uLmJwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFGzUAMZ4Jlj5v4IaZW79sTm2mxuSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYk5RQXhuZ21XUG1fZ2hwbGJ2MnhPYmFiRzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBACj
BR4DBACjBSQDBACjBUIDBACjBU8DBACjBVMDBACjBVkDBAGjBV4DBACjBWowDAME
AaMFbgMEAaMFcAMEAKMFeQMEAKMFfgMEAKMFgAMEAKMFhgMEAKMFiwMEAKMFjwME
AKMFkgMEAKMFlAMEAaMFlgMEAKMFoAMEAKMFpwMEAKMFsjAMAwQAowW1AwQAowW2
AwQBowW8AwQAowW/AwQAowXJMAwDBACjBcsDBAGjBcwDBACjBdoDBACjBeADBACj
BeQDBACjBfEDBACjBfoDBACjBf0DBACjBf8wDQYJKoZIhvcNAQELBQADggEBADhy
Pn1mzGHCpc3h7eUM2F/Z4tH9Dgdz88sn8epafQYHK1qnKgTddZHGcUw87ywuVyOL
2KtWjq729clOIap2Znvk9fjk32G74hIyeLhWwUwF0fVFnYkEMqxzOIM/CRVPHcu7
XxNuMqxBNUWQT0iK2IS64FGtzoT7os+OHdnyHbton3Lo59h8cVxMQC58u4TADtEZ
ItR2ll1j6BAgCw00SdjWy4cvT63yHpAwR6cAfUZq7F3y1auNp4s4mpf0rC7F9I4x
VYSXN5/YWuANNGlE3WoRSIyR+GLJQ76y/4F6Bl6Eq18n5OMD69X+fT5sbG4CrQkL
sxviLsX+PCBRjyPs61Q=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:19 2024 by rpki-client on console-fra.rpki-client.org