Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/koLgzmlFIytmksxoHWcedJuUkg4.roa
File: koLgzmlFIytmksxoHWcedJuUkg4.roa (raw, json)
Hash identifier: ZY6SNboeU5Udea3pikB9pPAq6AiT5CpVL3u58hFWW3U=
Subject key identifier: 92:82:E0:CE:69:45:23:2B:66:92:CC:68:1D:67:1E:74:9B:94:92:0E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01957AEBAAEDDE4F0515F2BCBB4D1B0FDEBB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/koLgzmlFIytmksxoHWcedJuUkg4.roa
Signing time: Sun 09 Mar 2025 12:40:19 +0000
ROA not before: Sun 09 Mar 2025 12:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 14:36:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7a:eb:aa:ed:de:4f:05:15:f2:bc:bb:4d:1b:0f:de:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 9 12:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9282e0ce6945232b6692cc681d671e749b94920e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a8:f1:a8:a9:4d:4f:f2:54:37:94:58:03:20:
a7:2c:47:1a:d6:d4:34:53:89:e3:0c:9f:81:43:85:
7b:33:5c:9e:22:1a:52:6b:aa:8c:0c:e5:5d:f2:93:
d9:4e:ee:a4:bd:2c:ee:39:11:8d:37:84:e3:66:fe:
1a:84:2d:43:e2:cd:58:4e:5a:b1:dc:13:5f:96:b4:
7b:4c:f6:0d:63:2f:35:78:31:b1:a3:df:cd:ce:cc:
ac:71:ec:f1:04:75:72:26:82:9d:86:08:61:4a:7b:
a5:79:42:e5:1b:60:47:a6:35:d2:c1:3b:82:a8:c6:
9f:75:ff:88:9a:a7:7a:88:c9:65:93:d7:93:84:eb:
df:85:0d:bc:39:91:e2:a9:46:7f:44:36:1d:94:71:
3e:82:50:04:8c:53:22:dd:be:c2:ee:aa:5b:0e:5e:
51:0c:d1:34:0a:37:14:9f:cc:5a:5d:85:a9:a8:cd:
9f:44:ab:09:84:02:c7:b7:ad:44:e3:16:e8:a6:8b:
fd:5b:d6:e0:f7:a3:28:72:2a:91:f7:c7:33:96:f7:
b6:53:a3:be:7e:2d:27:20:e9:74:5b:d7:ac:9a:e7:
e9:73:e6:f4:a3:1d:bc:bf:2e:a3:df:1c:b3:b7:54:
29:3f:8c:9e:e5:c0:4c:0c:39:f2:35:ae:6c:f2:e6:
c9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:82:E0:CE:69:45:23:2B:66:92:CC:68:1D:67:1E:74:9B:94:92:0E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/koLgzmlFIytmksxoHWcedJuUkg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.30.0/23
163.5.34.0/24
163.5.46.0/24
163.5.59.0/24
163.5.66.0/24
163.5.73.0/24
163.5.112.0/23
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.131.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.156.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.221.0/24
163.5.224.0/24
163.5.228.0/23
163.5.233.0/24
163.5.241.0/24
163.5.246.0/23
Signature Algorithm: sha256WithRSAEncryption
87:8d:ef:7a:7b:0b:44:61:b9:9f:04:ea:d5:ef:55:62:68:47:
2d:8d:7e:85:01:2e:e3:70:75:fd:fe:7c:b7:bd:e0:30:80:e2:
58:9f:09:10:da:61:71:fe:30:c2:e8:de:44:03:93:37:50:54:
93:a8:b3:37:d3:43:7c:ac:17:c5:44:ca:38:e3:5d:dd:70:fa:
65:88:c1:5f:2e:dd:66:19:36:7e:37:03:38:92:53:b7:c3:44:
60:7b:e5:dc:da:8b:47:26:20:26:c5:cc:c0:e1:96:fe:94:89:
33:dd:82:9b:9c:09:f5:c9:19:09:e1:09:8d:57:39:f9:d7:0a:
b0:48:6f:e4:80:30:66:ca:5b:77:b9:86:93:73:9b:03:7e:c3:
c6:2c:66:7d:21:ee:e0:e0:89:c7:2e:b5:a1:01:9d:4f:77:7d:
d6:5e:88:7d:96:e3:c9:f8:3d:26:09:6f:a7:1b:dc:8e:66:69:
82:32:fd:f1:55:dc:72:dd:2b:0f:ef:f7:6f:10:a7:64:12:3e:
11:f5:da:8b:75:d1:b8:52:4a:d8:ca:ad:06:6c:26:81:e7:b5:
f2:54:60:35:d3:ee:01:4a:7b:aa:e0:ed:cf:e3:9d:1e:8d:9f:
71:ee:b2:a1:02:e6:b0:10:94:36:e0:e0:a8:f5:d2:3e:51:84:
c9:d0:62:fc
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZV666rt3k8FFfK8u00bD967MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMzA5MTI0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjgyZTBjZTY5NDUyMzJiNjY5MmNjNjgxZDY3MWU3NDliOTQ5MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKjxqKlNT/JUN5RYAyCnLEca1tQ0
U4njDJ+BQ4V7M1yeIhpSa6qMDOVd8pPZTu6kvSzuORGNN4TjZv4ahC1D4s1YTlqx
3BNflrR7TPYNYy81eDGxo9/NzsyscezxBHVyJoKdhghhSnuleULlG2BHpjXSwTuC
qMafdf+Imqd6iMllk9eThOvfhQ28OZHiqUZ/RDYdlHE+glAEjFMi3b7C7qpbDl5R
DNE0CjcUn8xaXYWpqM2fRKsJhALHt61E4xbopov9W9bg96MociqR98czlve2U6O+
fi0nIOl0W9esmufpc+b0ox28vy6j3xyzt1QpP4ye5cBMDDnyNa5s8ubJ4wIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFJKC4M5pRSMrZpLMaB1nHnSblJIOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva29MZ3ptbEZJeXRta3N4b0hXY2VkSnVVa2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAKMFFgMEAaMFHgMEAKMFIgMEAKMFLgMEAKMFOwMEAKMFQgMEAKMFSQMEAaMF
cAMEAaMFdgMEAKMFeQMEAaMFgAMEAKMFgwMEAaMFijAMAwQBowWOAwQAowWQAwQA
owWSAwQAowWXAwQAowWcAwQAowWeAwQAowWgAwQAowWiAwQAowWkAwQAowWnAwQA
owWqAwQAowWtAwQAowWvAwQBowWyAwQAowW2AwQAowW6AwQAowW9AwQAowW/AwQB
owXIMAwDBACjBcsDBACjBc4DBACjBdEDBACjBdgDBACjBdoDBACjBd0DBACjBeAD
BAGjBeQDBACjBekDBACjBfEDBAGjBfYwDQYJKoZIhvcNAQELBQADggEBAIeN73p7
C0RhuZ8E6tXvVWJoRy2NfoUBLuNwdf3+fLe94DCA4lifCRDaYXH+MMLo3kQDkzdQ
VJOoszfTQ3ysF8VEyjjjXd1w+mWIwV8u3WYZNn43AziSU7fDRGB75dzai0cmICbF
zMDhlv6UiTPdgpucCfXJGQnhCY1XOfnXCrBIb+SAMGbKW3e5hpNzmwN+w8YsZn0h
7uDgiccutaEBnU93fdZeiH2W48n4PSYJb6cb3I5maYIy/fFV3HLdKw/v928Qp2QS
PhH12ot10bhSStjKrQZsJoHntfJUYDXT7gFKe6rg7c/jnR6Nn3HusqEC5rAQlDbg
4Kj10j5RhMnQYvw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:15 2025 by rpki-client