Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gKfn5-Etrj-UPjJhxQ08QLg-Rmg.roa
File: gKfn5-Etrj-UPjJhxQ08QLg-Rmg.roa (raw, json)
Hash identifier: JE48zVfaCsWs/kGh7lutquataXMulcfy9duTtZYJp0U=
Subject key identifier: 80:A7:E7:E7:E1:2D:AE:3F:94:3E:32:61:C5:0D:3C:40:B8:3E:46:68
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D4F13E262D655231B6D597F67E86A7DE0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gKfn5-Etrj-UPjJhxQ08QLg-Rmg.roa
Signing time: Sun 28 Jan 2024 07:58:39 +0000
ROA not before: Sun 28 Jan 2024 07:58:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 14:06:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4f:13:e2:62:d6:55:23:1b:6d:59:7f:67:e8:6a:7d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 28 07:58:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80a7e7e7e12dae3f943e3261c50d3c40b83e4668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:84:f3:94:da:6f:d4:aa:88:88:0e:7c:79:da:
27:b8:a2:22:22:cf:54:51:24:0c:7d:bb:a6:a7:0d:
ab:09:4a:b5:c8:53:1f:7b:34:8a:37:ef:e3:73:e5:
26:04:d9:50:b4:07:63:a4:a6:59:55:b5:35:b5:f4:
dd:d0:ab:09:c6:95:6e:c7:c0:35:02:aa:21:48:4d:
0e:1c:74:36:e5:4c:57:3a:df:73:a9:96:27:17:f7:
18:83:a2:8b:0f:39:29:79:6a:27:e8:a7:e5:bc:60:
5a:ed:4a:60:ff:c7:3c:9f:a1:71:d5:72:2b:bc:6a:
41:4f:4d:0f:2a:9a:ba:d4:23:82:44:25:8b:4c:fb:
88:be:d2:a4:04:45:a1:ef:a1:1d:6c:6a:0f:24:55:
8c:0e:5f:1a:a6:80:c1:79:18:1d:d7:70:e1:1c:e9:
f5:70:88:4c:3c:0f:8a:ba:2f:96:c1:3b:d4:59:70:
92:5f:01:1a:55:49:ec:50:e4:b0:5d:36:96:88:ce:
8f:bf:ca:65:d7:c8:7e:b2:df:ac:00:25:9d:28:88:
5b:f9:65:8c:13:f0:8c:7c:9e:04:3a:ad:f7:d5:0a:
e5:14:01:c0:63:70:ea:ee:1d:75:e9:c8:4e:0f:6f:
af:32:21:1f:43:7e:f2:b6:a4:e8:52:da:25:f1:46:
1e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A7:E7:E7:E1:2D:AE:3F:94:3E:32:61:C5:0D:3C:40:B8:3E:46:68
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gKfn5-Etrj-UPjJhxQ08QLg-Rmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
08:98:40:0a:0c:1c:87:56:7f:c5:b3:ff:76:8f:e9:ae:32:5d:
19:d3:32:af:f3:ec:b2:11:f7:83:15:7d:9d:eb:3e:d5:68:c4:
cd:2a:a3:d2:e3:a3:da:06:44:b8:89:8c:31:6d:70:09:eb:d1:
de:cd:d0:d3:86:9d:d9:c4:54:ac:68:15:03:b9:98:8e:57:98:
dd:d0:07:91:81:31:90:f6:9a:c7:f7:93:6f:80:2e:6f:c8:04:
a9:02:06:9d:4e:b8:96:48:91:e2:dd:68:a7:f9:22:74:01:07:
58:87:8f:62:7d:9c:35:74:8e:ba:54:8b:82:1c:1b:64:d9:73:
3a:79:f9:42:66:f9:ce:02:05:c0:3f:9c:c7:ef:57:b2:e5:20:
2c:3e:6b:35:05:79:29:91:3c:ff:5e:05:3f:64:0b:e9:53:c3:
da:55:e9:d1:74:0c:d7:80:c9:fa:3b:3f:d6:79:2e:2f:9e:76:
ed:56:a2:60:c7:19:72:69:e0:8f:d0:2e:01:22:89:cf:6a:2f:
11:ff:3f:f9:46:b0:ef:41:4d:a7:df:98:54:1f:6c:0c:28:82:
7a:ab:e7:91:d2:d0:a1:34:44:bb:19:46:70:f3:3b:39:dd:75:
0b:e0:4f:32:02:c7:04:57:b8:09:dc:03:f3:9d:25:73:8f:ad:
13:68:5c:e7
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAY1PE+Ji1lUjG21Zf2foan3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTI4MDc1ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE3ZTdlN2UxMmRhZTNmOTQzZTMyNjFjNTBkM2M0MGI4M2U0NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYTzlNpv1KqIiA58edonuKIiIs9U
USQMfbumpw2rCUq1yFMfezSKN+/jc+UmBNlQtAdjpKZZVbU1tfTd0KsJxpVux8A1
AqohSE0OHHQ25UxXOt9zqZYnF/cYg6KLDzkpeWon6KflvGBa7Upg/8c8n6Fx1XIr
vGpBT00PKpq61COCRCWLTPuIvtKkBEWh76EdbGoPJFWMDl8apoDBeRgd13DhHOn1
cIhMPA+Kui+WwTvUWXCSXwEaVUnsUOSwXTaWiM6Pv8pl18h+st+sACWdKIhb+WWM
E/CMfJ4EOq331QrlFAHAY3Dq7h116chOD2+vMiEfQ37ytqToUtol8UYe9QIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFICn5+fhLa4/lD4yYcUNPEC4PkZoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZ0tmbjUtRXRyai1VUGpKaHhRMDhRTGctUm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBACj
BR4DBACjBU8DBACjBVMDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgME
AKMFgAMEAKMFhgMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlAMEAaMFlgMEAKMFoAME
AKMFpwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFyTAMAwQAowXLAwQBowXM
AwQAowXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9MA0GCSqGSIb3DQEB
CwUAA4IBAQAImEAKDByHVn/Fs/92j+muMl0Z0zKv8+yyEfeDFX2d6z7VaMTNKqPS
46PaBkS4iYwxbXAJ69HezdDThp3ZxFSsaBUDuZiOV5jd0AeRgTGQ9prH95NvgC5v
yASpAgadTriWSJHi3Win+SJ0AQdYh49ifZw1dI66VIuCHBtk2XM6eflCZvnOAgXA
P5zH71ey5SAsPms1BXkpkTz/XgU/ZAvpU8PaVenRdAzXgMn6Oz/WeS4vnnbtVqJg
xxlyaeCP0C4BIonPai8R/z/5RrDvQU2n35hUH2wMKIJ6q+eR0tChNES7GUZw8zs5
3XUL4E8yAscEV7gJ3APznSVzj60TaFzn
-----END CERTIFICATE-----
Generated at Tue Jan 30 19:34:54 2024 by rpki-client on console-fra.rpki-client.org