Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l9OcY6yD7EsZ3AAdIIht7vz1g2w.roa
File: l9OcY6yD7EsZ3AAdIIht7vz1g2w.roa (raw, json)
Hash identifier: g1td288jkTNgdIZY/sroPw/NtdYOo4lihu860qIOj2Y=
Subject key identifier: 97:D3:9C:63:AC:83:EC:4B:19:DC:00:1D:20:88:6D:EE:FC:F5:83:6C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018F9C6485F5B62B53B208536396C125A949
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l9OcY6yD7EsZ3AAdIIht7vz1g2w.roa
Signing time: Tue 21 May 2024 18:23:04 +0000
ROA not before: Tue 21 May 2024 18:23:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 20:24:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:64:85:f5:b6:2b:53:b2:08:53:63:96:c1:25:a9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 21 18:23:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97d39c63ac83ec4b19dc001d20886deefcf5836c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:23:e4:85:d9:e1:9d:e5:89:c0:97:02:6b:
5d:c9:af:98:1f:b9:9e:0b:6c:ac:49:63:24:c4:d5:
f8:f1:f2:32:af:ba:02:e4:72:6f:0a:41:99:7f:e0:
65:73:2f:e0:90:2e:4b:bc:a4:c9:12:6f:de:04:7f:
9e:ff:94:9e:c4:b8:08:cf:fb:37:04:43:bc:fe:d9:
91:ac:45:ce:37:34:11:b9:14:b1:e1:60:06:b4:35:
71:66:fb:0c:91:b4:06:84:db:6a:fd:88:c4:54:a9:
07:a2:c5:bb:82:6d:47:fc:ad:76:57:af:dc:07:21:
40:e1:dc:0b:2d:05:78:a2:ec:c6:88:02:b4:15:eb:
d1:d9:8f:79:c6:e4:45:0b:93:ff:3b:4d:32:54:9c:
83:7c:63:42:f9:18:a8:73:ef:0f:85:23:6e:bb:f0:
bb:89:32:83:5a:99:e2:c2:cf:8d:8e:7c:e0:4d:f1:
b7:a6:e5:f0:93:47:32:8e:24:ee:cb:c4:1f:3a:c5:
5a:5f:f8:e1:ad:64:18:35:af:33:fc:b6:14:21:e7:
51:25:7c:00:98:81:8f:c2:3c:10:2a:b0:96:84:17:
17:15:29:02:a9:33:9c:c7:ed:b3:34:f5:83:24:62:
d2:65:30:10:43:57:6d:ce:6e:9a:16:22:da:89:74:
42:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D3:9C:63:AC:83:EC:4B:19:DC:00:1D:20:88:6D:EE:FC:F5:83:6C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/l9OcY6yD7EsZ3AAdIIht7vz1g2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.53.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.136.0/24
163.5.139.0/24
163.5.141.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.215.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:e4:28:8f:e3:cd:05:e2:8c:c5:2f:8f:c4:1e:40:d7:17:ee:
4c:6a:1b:ba:63:58:d5:3c:0b:bd:49:65:6c:22:27:c6:81:af:
7a:55:b0:de:8c:be:84:cc:88:1f:6b:90:bd:4c:6d:5b:60:24:
f1:84:09:f7:05:18:ad:13:7a:b5:e5:1d:c5:39:45:39:dc:9c:
f2:2c:18:71:4a:7f:9f:7a:85:b8:25:ba:d9:29:1b:a6:3c:d3:
4a:e8:58:4c:74:9d:df:80:2f:4e:45:ee:68:bd:e4:26:c0:d7:
e0:6f:0d:f0:6e:9c:61:cf:d6:22:d0:2a:9d:b5:b3:87:df:9e:
e1:5c:77:29:6a:06:b9:23:dc:7c:1d:98:dd:60:ea:53:b2:2e:
50:94:21:2b:4e:b3:22:27:94:cf:3b:c1:e1:c9:f4:17:6e:f6:
9f:79:12:34:95:00:d2:ce:f0:53:1c:d0:98:68:81:e2:b1:34:
b4:b8:3e:4c:b9:14:de:55:3f:9e:a3:1d:57:82:40:b9:e2:46:
37:e6:4d:cf:68:1e:3e:e8:c4:b9:26:b5:89:8d:a5:7c:9e:28:
4d:c3:e8:a5:26:63:30:b9:d6:ff:c3:ff:73:99:d8:4e:28:ed:
22:66:4c:fd:77:e2:79:81:3e:01:2a:f6:b5:07:6f:40:0c:6d:
67:07:49:8e
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAY+cZIX1titTsghTY5bBJalJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTIxMTgyMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2QzOWM2M2FjODNlYzRiMTlkYzAwMWQyMDg4NmRlZWZjZjU4MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhgj5IXZ4Z3licCXAmtdya+YH7me
C2ysSWMkxNX48fIyr7oC5HJvCkGZf+Blcy/gkC5LvKTJEm/eBH+e/5SexLgIz/s3
BEO8/tmRrEXONzQRuRSx4WAGtDVxZvsMkbQGhNtq/YjEVKkHosW7gm1H/K12V6/c
ByFA4dwLLQV4ouzGiAK0FevR2Y95xuRFC5P/O00yVJyDfGNC+Rioc+8PhSNuu/C7
iTKDWpniws+NjnzgTfG3puXwk0cyjiTuy8QfOsVaX/jhrWQYNa8z/LYUIedRJXwA
mIGPwjwQKrCWhBcXFSkCqTOcx+2zNPWDJGLSZTAQQ1dtzm6aFiLaiXRCBQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFJfTnGOsg+xLGdwAHSCIbe789YNsMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbDlPY1k2eUQ3RXNaM0FBZElJaHQ3dnoxZzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBACj
BR4DBACjBTUDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8AwQAowV+
AwQBowWAAwQAowWIAwQAowWLAwQAowWNAwQAowWPAwQAowWSAwQAowWXAwQAowWg
AwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/AwQAowXHAwQAowXJMAwDBACj
BcsDBAGjBcwDBACjBdcDBACjBdoDBACjBeADBACjBeQDBACjBfEDBACjBfoDBACj
Bf0wDQYJKoZIhvcNAQELBQADggEBAJ/kKI/jzQXijMUvj8QeQNcX7kxqG7pjWNU8
C71JZWwiJ8aBr3pVsN6MvoTMiB9rkL1MbVtgJPGECfcFGK0TerXlHcU5RTncnPIs
GHFKf596hbglutkpG6Y800roWEx0nd+AL05F7mi95CbA1+BvDfBunGHP1iLQKp21
s4ffnuFcdylqBrkj3HwdmN1g6lOyLlCUIStOsyInlM87weHJ9Bdu9p95EjSVANLO
8FMc0JhogeKxNLS4Pky5FN5VP56jHVeCQLniRjfmTc9oHj7oxLkmtYmNpXyeKE3D
6KUmYzC51v/D/3OZ2E4o7SJmTP134nmBPgEq9rUHb0AMbWcHSY4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org