Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cuAb4PbAvtpH_3TW9NWYG22jKdY.roa
File: cuAb4PbAvtpH_3TW9NWYG22jKdY.roa (raw, json)
Hash identifier: d/pP2mAiG+9CvEYKsGjW/4E0wWMv3YRLzuWE3X32mDs=
Subject key identifier: 72:E0:1B:E0:F6:C0:BE:DA:47:FF:74:D6:F4:D5:98:1B:6D:A3:29:D6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194790B89FBBFB8230C2ACD414A34C5639A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cuAb4PbAvtpH_3TW9NWYG22jKdY.roa
Signing time: Sat 18 Jan 2025 10:53:06 +0000
ROA not before: Sat 18 Jan 2025 10:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 16:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:79:0b:89:fb:bf:b8:23:0c:2a:cd:41:4a:34:c5:63:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 18 10:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72e01be0f6c0beda47ff74d6f4d5981b6da329d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a0:37:3a:fa:5b:5d:c8:d9:d5:ef:00:11:cb:
d1:4e:9f:5e:3c:24:b0:8c:ea:71:a1:7f:cd:69:80:
f7:f6:cf:bb:4a:86:51:92:42:e5:59:6a:18:09:8f:
d8:96:4a:80:38:27:3a:d6:2f:3b:cc:f8:76:ee:50:
41:ba:1e:8e:8d:af:8c:55:7e:85:1a:17:d4:80:6f:
b6:26:94:59:28:a9:62:32:59:d4:97:9d:e0:1e:97:
a3:e4:1b:5f:59:ff:04:a8:d3:a6:f5:59:1a:f4:25:
f5:44:ba:72:f4:6c:c0:5c:f7:f7:ae:51:ce:17:76:
08:95:20:1f:f6:b5:dc:78:94:96:4b:b5:50:2b:95:
21:fd:c3:4d:ff:8d:d4:4d:6d:b7:ea:5d:75:96:5a:
53:86:bd:a0:6c:09:1a:f2:6b:c9:08:d9:c7:38:2c:
b4:60:14:b1:8a:13:ee:46:75:e1:7c:02:3c:98:89:
1a:0f:98:f8:2b:b8:2d:81:85:79:cf:c5:ba:a9:ac:
5c:07:76:46:6f:65:5c:09:fa:42:05:a8:96:3e:0e:
97:56:fe:78:3b:96:d7:bd:c5:e3:a5:c5:00:9c:0a:
cd:c0:1d:d6:9f:bb:96:ef:a8:13:ca:53:7c:84:c8:
89:63:2f:4a:be:1c:8e:4c:7f:70:61:d0:f2:be:3a:
bc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E0:1B:E0:F6:C0:BE:DA:47:FF:74:D6:F4:D5:98:1B:6D:A3:29:D6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cuAb4PbAvtpH_3TW9NWYG22jKdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.59.0/24
163.5.73.0/24
163.5.110.0-163.5.113.255
163.5.118.0/23
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.158.0/24
163.5.160.0/24
163.5.167.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.212.0/24
163.5.218.0/23
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.247.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:5f:29:2e:d8:e2:09:1b:64:2a:15:7a:f1:d8:69:35:ff:56:
8a:ee:f4:30:99:0f:5c:7f:d1:33:5a:1f:22:b3:27:2c:c0:c3:
37:4c:14:21:33:9d:0a:6c:a0:13:3f:46:4f:34:7f:da:87:75:
01:80:23:8d:2e:59:2c:25:4d:45:db:f5:e5:a6:f4:1d:2f:e9:
50:17:e7:6e:a9:13:51:1d:16:97:c7:4b:db:2d:5d:ad:37:36:
40:25:0c:16:30:72:f0:24:5b:13:9c:00:90:5c:0f:a4:29:56:
da:fc:04:c5:1a:ff:9c:7d:75:6e:da:7f:66:aa:1d:5b:b2:2c:
52:83:42:47:48:4a:d2:d3:b5:24:a7:69:7b:0f:c2:d8:18:9e:
ca:ab:b5:19:cb:75:b3:6a:88:9e:07:32:f6:9e:5b:27:48:66:
67:a0:f9:54:f9:8f:26:81:96:54:7a:d5:c5:0f:78:2b:9e:1e:
b4:49:71:48:4b:88:4b:d9:28:be:46:27:f7:3e:66:cf:ee:87:
d9:fe:5d:b9:7c:4f:2b:66:86:ca:3c:05:f5:78:f1:ff:06:2e:
92:0d:74:d0:2c:ec:28:48:52:cc:15:08:3b:69:d7:6c:8c:9b:
30:5f:1a:14:40:3a:e5:30:11:3a:8b:a2:58:0f:fe:6e:24:d9:
99:0b:be:13
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZR5C4n7v7gjDCrNQUo0xWOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTE4MTA1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmUwMWJlMGY2YzBiZWRhNDdmZjc0ZDZmNGQ1OTgxYjZkYTMyOWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6A3OvpbXcjZ1e8AEcvRTp9ePCSw
jOpxoX/NaYD39s+7SoZRkkLlWWoYCY/YlkqAOCc61i87zPh27lBBuh6Oja+MVX6F
GhfUgG+2JpRZKKliMlnUl53gHpej5BtfWf8EqNOm9Vka9CX1RLpy9GzAXPf3rlHO
F3YIlSAf9rXceJSWS7VQK5Uh/cNN/43UTW236l11llpThr2gbAka8mvJCNnHOCy0
YBSxihPuRnXhfAI8mIkaD5j4K7gtgYV5z8W6qaxcB3ZGb2VcCfpCBaiWPg6XVv54
O5bXvcXjpcUAnArNwB3Wn7uW76gTylN8hMiJYy9KvhyOTH9wYdDyvjq8GwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFHLgG+D2wL7aR/901vTVmBttoynWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvY3VBYjRQYkF2dHBIXzNUVzlOV1lHMjJqS2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBACj
BR4DBACjBTsDBACjBUkwDAMEAaMFbgMEAaMFcAMEAaMFdgMEAKMFeQMEAKMFfgME
AaMFgAMEAaMFijAMAwQAowWPAwQAowWQAwQAowWSAwQAowWXAwQAowWeAwQAowWg
AwQAowWnAwQAowWtAwQAowWvAwQBowWyAwQAowW2AwQAowW9AwQAowW/AwQBowXI
MAwDBACjBcsDBACjBc4DBACjBdQDBAGjBdoDBACjBeADBACjBeQDBACjBfEDBACj
BfcDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBAKpfKS7Y4gkbZCoVevHY
aTX/Voru9DCZD1x/0TNaHyKzJyzAwzdMFCEznQpsoBM/Rk80f9qHdQGAI40uWSwl
TUXb9eWm9B0v6VAX526pE1EdFpfHS9stXa03NkAlDBYwcvAkWxOcAJBcD6QpVtr8
BMUa/5x9dW7af2aqHVuyLFKDQkdIStLTtSSnaXsPwtgYnsqrtRnLdbNqiJ4HMvae
WydIZmeg+VT5jyaBllR61cUPeCueHrRJcUhLiEvZKL5GJ/c+Zs/uh9n+Xbl8Tytm
hso8BfV48f8GLpINdNAs7ChIUswVCDtp12yMmzBfGhRAOuUwETqLolgP/m4k2ZkL
vhM=
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:43:29 2025 by rpki-client