Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nJ7EPoXnnwONOe2f8ixch1TjWLw.roa
File: nJ7EPoXnnwONOe2f8ixch1TjWLw.roa (raw, json)
Hash identifier: b2uss5NGcNpvSgcyRy4b3rWKovA4wlJb9JYx8xF9QWo=
Subject key identifier: 9C:9E:C4:3E:85:E7:9F:03:8D:39:ED:9F:F2:2C:5C:87:54:E3:58:BC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0196A4C0A45A6CB76B7FF761B673E9E248E2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nJ7EPoXnnwONOe2f8ixch1TjWLw.roa
Signing time: Tue 06 May 2025 08:40:10 +0000
ROA not before: Tue 06 May 2025 08:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.184.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.237.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 12:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:c0:a4:5a:6c:b7:6b:7f:f7:61:b6:73:e9:e2:48:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 6 08:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c9ec43e85e79f038d39ed9ff22c5c8754e358bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d8:9c:ec:57:b8:5d:34:92:19:2b:28:a6:62:
f3:38:19:34:1d:c3:71:5e:db:f2:a6:58:75:09:f8:
2d:9d:6e:7c:18:5b:57:13:25:76:fd:ae:fc:6a:4b:
e6:61:56:d8:36:6a:ab:2a:70:ec:e5:3b:99:86:94:
5b:20:f6:71:3b:68:b3:fe:96:74:51:1b:0f:a4:d0:
6a:24:18:75:8e:3f:76:e1:53:df:48:6d:c3:a4:e8:
2c:4d:1d:79:4c:5c:8e:cf:98:65:d2:b4:84:b4:e6:
f5:a9:db:d3:f4:39:41:50:31:0b:9e:51:12:70:e2:
1c:19:c0:7e:7b:f2:ae:6a:fd:63:8f:a0:c0:ba:1c:
71:69:88:d4:18:75:cb:2e:b9:0e:0e:75:6a:5e:8f:
08:b5:9e:93:3a:be:bf:b4:bd:eb:01:b7:e2:54:67:
db:9b:8e:f3:c8:37:da:90:24:aa:1f:b7:11:5f:1f:
e4:b0:fe:fa:c9:2e:55:4a:28:d6:b8:b8:23:9b:a6:
17:78:6a:d3:f9:f8:26:8a:0a:32:b4:31:7c:c7:21:
38:50:90:ed:91:c8:6d:23:a9:59:77:a8:23:8a:18:
81:c5:fb:32:ed:36:df:c3:19:51:9b:83:aa:10:35:
95:f9:92:cc:80:0b:e2:12:53:04:e6:77:a1:49:2d:
22:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9E:C4:3E:85:E7:9F:03:8D:39:ED:9F:F2:2C:5C:87:54:E3:58:BC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nJ7EPoXnnwONOe2f8ixch1TjWLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.59.0/24
163.5.66.0/24
163.5.73.0/24
163.5.92.0/24
163.5.112.0/23
163.5.119.0/24
163.5.121.0/24
163.5.128.0/23
163.5.133.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.178.0/24
163.5.182.0/24
163.5.184.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.224.0/23
163.5.228.0/24
163.5.230.0/24
163.5.233.0/24
163.5.237.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
64:28:dc:c9:e3:ca:38:fc:8c:8c:e9:c6:c6:fc:00:53:10:24:
3c:45:70:dd:c8:0a:fa:da:66:10:8d:fa:c4:1c:cc:dd:ec:04:
b7:17:4a:0d:40:f9:b3:6f:21:1b:ef:72:d1:58:2b:ae:01:27:
ad:37:a8:10:1c:4e:d9:ab:8e:ad:6e:c6:af:a6:e3:9a:7f:06:
a9:90:94:d8:8b:8e:32:09:45:e8:4a:10:f3:02:31:aa:40:37:
10:45:3a:4f:c4:26:24:2b:e7:b7:d2:bf:5b:4a:98:b0:68:62:
fa:f6:7e:b3:fd:a3:0b:ca:10:43:a2:0a:8b:c8:13:27:b0:8b:
81:3c:82:e3:4e:2e:c1:22:a1:73:04:5d:6e:b0:a7:a8:c4:77:
2d:8d:bf:8a:60:01:8b:7f:30:a1:5f:cf:b3:c3:6f:52:67:04:
58:d1:05:d2:9b:7f:d6:b0:fd:3c:da:db:6a:9a:b8:8b:be:59:
62:d9:f9:a0:26:2f:ab:b8:3b:8e:b3:1b:73:16:55:89:36:4a:
86:ef:ca:74:94:e8:37:d5:15:b4:ba:0f:53:f5:d1:1b:f8:c2:
61:54:e9:1d:30:63:88:bf:a6:75:b6:f8:c0:e1:95:5c:0e:cb:
3c:ed:ad:0e:db:8e:4a:27:5d:17:bc:d0:bd:35:ed:a7:dd:16:
04:c9:77:a9
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZakwKRabLdrf/dhtnPp4kjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNTA2MDg0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzllYzQzZTg1ZTc5ZjAzOGQzOWVkOWZmMjJjNWM4NzU0ZTM1OGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdic7Fe4XTSSGSsopmLzOBk0HcNx
Xtvyplh1CfgtnW58GFtXEyV2/a78akvmYVbYNmqrKnDs5TuZhpRbIPZxO2iz/pZ0
URsPpNBqJBh1jj924VPfSG3DpOgsTR15TFyOz5hl0rSEtOb1qdvT9DlBUDELnlES
cOIcGcB+e/Kuav1jj6DAuhxxaYjUGHXLLrkODnVqXo8ItZ6TOr6/tL3rAbfiVGfb
m47zyDfakCSqH7cRXx/ksP76yS5VSijWuLgjm6YXeGrT+fgmigoytDF8xyE4UJDt
kchtI6lZd6gjihiBxfsy7TbfwxlRm4OqEDWV+ZLMgAviElME5nehSS0iFwIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFJyexD6F558DjTntn/IsXIdU41i8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbko3RVBvWG5ud09OT2UyZjhpeGNoMVRqV0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
owUeAwQAowU7AwQAowVCAwQAowVJAwQAowVcAwQBowVwAwQAowV3AwQAowV5AwQB
owWAAwQAowWFAwQBowWKMAwDBAGjBY4DBACjBZADBACjBZIDBACjBZcDBACjBaAD
BACjBaIDBACjBaQDBACjBacDBACjBaoDBACjBa0DBACjBbIDBACjBbYDBACjBbgD
BACjBboDBACjBb0DBACjBb8DBAGjBcgwDAMEAKMFywMEAKMFzgMEAKMF0QMEAKMF
2AMEAKMF2gMEAaMF4AMEAKMF5AMEAKMF5gMEAKMF6QMEAKMF7QMEAKMF8TANBgkq
hkiG9w0BAQsFAAOCAQEAZCjcyePKOPyMjOnGxvwAUxAkPEVw3cgK+tpmEI36xBzM
3ewEtxdKDUD5s28hG+9y0VgrrgEnrTeoEBxO2auOrW7Gr6bjmn8GqZCU2IuOMglF
6EoQ8wIxqkA3EEU6T8QmJCvnt9K/W0qYsGhi+vZ+s/2jC8oQQ6IKi8gTJ7CLgTyC
404uwSKhcwRdbrCnqMR3LY2/imABi38woV/Ps8NvUmcEWNEF0pt/1rD9PNrbapq4
i75ZYtn5oCYvq7g7jrMbcxZViTZKhu/KdJToN9UVtLoPU/XRG/jCYVTpHTBjiL+m
dbb4wOGVXA7LPO2tDtuOSiddF7zQvTXtp90WBMl3qQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:41:40 2025 by rpki-client