Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kJQvp3aNA6mvCtx41R8gYAph3CE.roa
File: kJQvp3aNA6mvCtx41R8gYAph3CE.roa (raw, json)
Hash identifier: 6HvA4Afi2rXfq0gjQnZNLTBudJWZ49rnpU8LXGGagYg=
Subject key identifier: 90:94:2F:A7:76:8D:03:A9:AF:0A:DC:78:D5:1F:20:60:0A:61:DC:21
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018C788E622FAB5B42EB1C08F7B347B24ECA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kJQvp3aNA6mvCtx41R8gYAph3CE.roa
Signing time: Sun 17 Dec 2023 16:14:06 +0000
ROA not before: Sun 17 Dec 2023 16:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Dec 2023 11:10:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:8e:62:2f:ab:5b:42:eb:1c:08:f7:b3:47:b2:4e:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 17 16:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90942fa7768d03a9af0adc78d51f20600a61dc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ad:b3:3b:87:4c:dd:04:c0:b3:5d:f7:5a:88:
a4:71:62:1a:06:27:fc:f7:e3:ee:de:3f:a8:ac:80:
38:8b:4f:55:2d:90:0c:6a:60:d3:e6:4a:ca:71:ef:
cd:05:83:a8:ba:73:fe:3c:b5:3e:bb:80:3a:e1:3f:
9c:90:a3:c9:46:33:c3:bd:5f:12:a6:82:d4:fc:13:
3f:17:3b:7e:d7:95:12:46:12:7a:75:b8:c5:2a:cb:
9c:f7:89:5a:e3:ce:85:d3:c0:58:3d:52:9a:8e:fe:
1e:c6:a0:78:5d:b6:f1:4e:97:b7:56:0f:8e:f7:8b:
3e:6e:33:9c:bd:ac:26:55:1d:d2:4b:ad:c2:2f:f4:
94:f5:a4:7b:f6:61:33:26:43:74:5f:b6:e5:9c:99:
6e:77:d6:b7:24:9b:29:a6:2e:2d:69:20:81:88:4b:
89:77:f0:c7:18:9c:7d:67:5a:c9:3b:f7:2b:06:08:
a4:79:09:64:7f:ab:49:2c:73:dc:57:03:38:74:5f:
94:af:f8:8e:ad:3d:d2:a3:de:de:85:d1:15:90:62:
c7:db:4c:26:8a:8f:f1:96:4a:15:74:eb:ea:82:45:
52:8c:e8:e2:38:1f:42:4d:ca:b7:7f:74:ce:dc:b0:
18:56:47:ee:a2:c0:46:3b:6a:09:72:9e:41:71:10:
e7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:94:2F:A7:76:8D:03:A9:AF:0A:DC:78:D5:1F:20:60:0A:61:DC:21
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kJQvp3aNA6mvCtx41R8gYAph3CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.36.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.106.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.142.0/23
163.5.146.0/24
163.5.148.0/22
163.5.156.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.223.0-163.5.224.255
163.5.228.0/24
163.5.241.0/24
163.5.244.0/24
163.5.250.0/24
163.5.253.0/24
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
11:5a:e1:25:58:36:96:bc:66:c2:83:c1:33:ed:c5:f2:2e:6c:
67:cb:44:60:f1:5b:89:a2:86:fb:33:46:2a:ae:4e:4c:43:34:
dc:97:ea:df:1d:fc:e9:91:23:a2:39:3c:8b:ac:0b:7b:65:de:
7f:1a:74:35:60:bf:6a:18:71:6b:be:8d:be:52:95:90:bb:e6:
56:06:86:47:d5:1e:19:48:95:b2:28:4f:c3:d2:d5:32:35:e4:
5c:19:b9:ca:1b:ff:19:70:df:59:53:ab:89:fc:c8:56:d5:68:
55:cb:2c:6e:d4:3b:14:f6:0b:d7:38:ee:87:64:67:f8:d7:0e:
73:b2:95:e7:6b:2d:72:a5:68:27:0d:32:ce:ca:96:a4:35:4c:
0c:da:ce:34:7b:37:76:74:f1:b8:37:e5:10:88:00:20:46:94:
cc:5b:fc:96:4e:60:a0:74:00:c4:19:a3:53:10:d1:4d:c6:6b:
c5:fe:09:aa:b8:dd:fa:18:33:fc:15:61:b8:81:02:bc:67:5c:
ab:6f:94:e4:b3:f4:fd:63:96:41:cf:ce:d3:de:90:6a:e2:c6:
48:03:94:a3:58:cd:e6:45:32:02:b1:a0:7d:17:c4:2e:87:67:
9c:54:be:72:bb:50:91:f5:90:f0:6e:1f:b5:f1:78:49:4c:d7:
3c:3b:ad:9e
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYx4jmIvq1tC6xwI97NHsk7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjE3MTYxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDk0MmZhNzc2OGQwM2E5YWYwYWRjNzhkNTFmMjA2MDBhNjFkYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia2zO4dM3QTAs133WoikcWIaBif8
9+Pu3j+orIA4i09VLZAMamDT5krKce/NBYOounP+PLU+u4A64T+ckKPJRjPDvV8S
poLU/BM/Fzt+15USRhJ6dbjFKsuc94la486F08BYPVKajv4exqB4XbbxTpe3Vg+O
94s+bjOcvawmVR3SS63CL/SU9aR79mEzJkN0X7blnJlud9a3JJsppi4taSCBiEuJ
d/DHGJx9Z1rJO/crBgikeQlkf6tJLHPcVwM4dF+Ur/iOrT3So97ehdEVkGLH20wm
io/xlkoVdOvqgkVSjOjiOB9CTcq3f3TO3LAYVkfuosBGO2oJcp5BcRDnWwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFJCUL6d2jQOprwrceNUfIGAKYdwhMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva0pRdnAzYU5BNm12Q3R4NDFSOGdZQXBoM0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
owUeAwQAowUkAwQAowVPAwQAowVTAwQAowVZAwQBowVeAwQAowVqMAwDBAGjBW4D
BAGjBXADBACjBXkDBACjBX4DBACjBYADBACjBYYDBACjBYsDBAGjBY4DBACjBZID
BAKjBZQDBACjBZwDBACjBaADBACjBacDBACjBaoDBACjBbIwDAMEAKMFtQMEAKMF
tgMEAaMFvAMEAKMFvwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXaMAwDBACjBd8D
BACjBeADBACjBeQDBACjBfEDBACjBfQDBACjBfoDBACjBf0DBACjBf8wDQYJKoZI
hvcNAQELBQADggEBABFa4SVYNpa8ZsKDwTPtxfIubGfLRGDxW4mihvszRiquTkxD
NNyX6t8d/OmRI6I5PIusC3tl3n8adDVgv2oYcWu+jb5SlZC75lYGhkfVHhlIlbIo
T8PS1TI15FwZucob/xlw31lTq4n8yFbVaFXLLG7UOxT2C9c47odkZ/jXDnOyledr
LXKlaCcNMs7KlqQ1TAzazjR7N3Z08bg35RCIACBGlMxb/JZOYKB0AMQZo1MQ0U3G
a8X+Caq43foYM/wVYbiBArxnXKtvlOSz9P1jlkHPztPekGrixkgDlKNYzeZFMgKx
oH0XxC6HZ5xUvnK7UJH1kPBuH7XxeElM1zw7rZ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org