Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nMjs1-46oe7nJcpTk8f7GNRkABE.roa
File: nMjs1-46oe7nJcpTk8f7GNRkABE.roa (raw, json)
Hash identifier: uTOwow9y36pgUPOpykvuQCIePaAiPHGunI/rpRa2vNQ=
Subject key identifier: 9C:C8:EC:D7:EE:3A:A1:EE:E7:25:CA:53:93:C7:FB:18:D4:64:00:11
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018FD451E42BD833E189D0B9DED89EC9907E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nMjs1-46oe7nJcpTk8f7GNRkABE.roa
Signing time: Sat 01 Jun 2024 15:01:27 +0000
ROA not before: Sat 01 Jun 2024 15:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 10:55:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:51:e4:2b:d8:33:e1:89:d0:b9:de:d8:9e:c9:90:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 1 15:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cc8ecd7ee3aa1eee725ca5393c7fb18d4640011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6e:ef:41:97:7b:ae:83:49:a2:8e:a5:a3:e8:
83:44:ee:b9:a5:55:e1:35:7a:d6:26:af:1a:68:6a:
09:67:fe:21:87:e7:ab:0b:6e:0f:29:01:ec:08:e0:
e7:bc:8e:36:c6:f5:ba:78:33:2b:9b:26:92:48:d2:
cd:5b:1b:a5:df:bf:b1:10:e2:00:aa:a8:3d:96:a8:
1b:39:85:25:20:80:14:94:59:01:74:15:0b:74:72:
61:f4:4d:d9:9b:e9:81:6d:70:4c:74:b4:c0:92:56:
f0:4b:6d:fe:ad:c9:1d:2b:56:50:13:68:a1:39:43:
94:24:a2:b8:95:23:12:8e:a2:36:8a:0f:7e:7d:94:
7a:44:ac:f6:50:51:70:7f:8f:da:07:ed:f7:7a:e6:
88:6b:09:b6:47:d7:93:ee:34:21:d1:76:e6:f7:31:
34:7e:ad:df:95:ea:81:19:e3:b8:d9:e9:5a:2f:ea:
b7:16:4a:6c:0b:3a:4c:3a:79:e8:1a:cd:79:9a:57:
70:38:26:67:31:d3:2d:97:53:7f:78:5e:b1:bd:03:
1a:56:83:41:3e:f9:5e:3e:ad:03:25:2a:5e:e2:6d:
24:84:6a:a7:f4:33:0f:a1:cf:9f:20:ac:51:eb:ae:
95:f2:20:5a:18:ef:99:d5:9c:b8:c5:b1:8f:c2:02:
ef:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C8:EC:D7:EE:3A:A1:EE:E7:25:CA:53:93:C7:FB:18:D4:64:00:11
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nMjs1-46oe7nJcpTk8f7GNRkABE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.51.0/24
163.5.53.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.136.0/24
163.5.139.0/24
163.5.141.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.166.0/23
163.5.178.0/24
163.5.182.0/24
163.5.185.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0-163.5.201.255
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.244.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a8:da:23:8e:6c:8f:94:4c:28:a5:ba:f6:1a:d4:c8:01:bf:
41:26:0c:9a:88:0f:23:13:72:8c:8b:7c:c7:e9:a0:fe:ed:4f:
f2:b3:de:e5:3b:9e:50:74:b3:3d:87:0c:8e:52:3a:50:94:cf:
31:a0:a9:bc:3c:d1:3f:aa:d5:23:d7:dc:06:72:4e:fe:8a:e2:
42:ad:2b:58:26:5d:fa:b7:53:6c:2c:48:04:d9:19:39:fb:0a:
27:c9:c6:9d:24:15:fe:a1:f1:b3:dc:70:cc:c1:8d:8f:8a:0f:
50:12:b3:33:4e:c2:4d:93:67:be:15:fd:73:be:0b:a2:d1:a1:
22:53:33:20:f5:2e:69:9e:35:03:4c:be:31:1a:be:31:10:56:
3d:6d:a6:7c:12:b8:8c:1c:0d:d1:8b:33:09:39:dd:81:73:f5:
24:78:85:e8:a1:0a:00:90:3c:cb:8a:4e:ff:04:7f:73:76:fc:
a8:b9:1a:1c:a6:25:ea:a2:d4:5d:c3:6b:51:a4:4b:d8:35:b8:
80:a5:f2:f3:31:d7:ce:29:92:21:67:c5:88:b2:78:ca:0e:c5:
18:32:00:93:b1:ac:d5:35:f2:f0:11:81:61:33:cd:b0:71:ae:
45:12:ff:87:46:63:e7:30:03:25:48:84:de:5e:f8:bb:3a:c1:
27:95:ae:5f
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAY/UUeQr2DPhidC53tieyZB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjAxMTUwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M4ZWNkN2VlM2FhMWVlZTcyNWNhNTM5M2M3ZmIxOGQ0NjQwMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG7vQZd7roNJoo6lo+iDRO65pVXh
NXrWJq8aaGoJZ/4hh+erC24PKQHsCODnvI42xvW6eDMrmyaSSNLNWxul37+xEOIA
qqg9lqgbOYUlIIAUlFkBdBULdHJh9E3Zm+mBbXBMdLTAklbwS23+rckdK1ZQE2ih
OUOUJKK4lSMSjqI2ig9+fZR6RKz2UFFwf4/aB+33euaIawm2R9eT7jQh0Xbm9zE0
fq3fleqBGeO42elaL+q3FkpsCzpMOnnoGs15mldwOCZnMdMtl1N/eF6xvQMaVoNB
PvlePq0DJSpe4m0khGqn9DMPoc+fIKxR666V8iBaGO+Z1Zy4xbGPwgLvIwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFJzI7NfuOqHu5yXKU5PH+xjUZAARMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbk1qczEtNDZvZTduSmNwVGs4ZjdHTlJrQUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBACj
BR4DBACjBTMDBACjBTUDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8
AwQAowV+AwQBowWAAwQAowWIAwQAowWLAwQAowWNAwQAowWPAwQAowWSAwQAowWX
AwQAowWgAwQAowWiAwQBowWmAwQAowWyAwQAowW2AwQAowW5AwQBowW8AwQAowW/
MAwDBACjBccDBAGjBcgwDAMEAKMFywMEAKMFzgMEAKMF2gMEAKMF4AMEAKMF5AME
AKMF8QMEAKMF9AMEAKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAkajaI45s
j5RMKKW69hrUyAG/QSYMmogPIxNyjIt8x+mg/u1P8rPe5TueUHSzPYcMjlI6UJTP
MaCpvDzRP6rVI9fcBnJO/oriQq0rWCZd+rdTbCxIBNkZOfsKJ8nGnSQV/qHxs9xw
zMGNj4oPUBKzM07CTZNnvhX9c74LotGhIlMzIPUuaZ41A0y+MRq+MRBWPW2mfBK4
jBwN0YszCTndgXP1JHiF6KEKAJA8y4pO/wR/c3b8qLkaHKYl6qLUXcNrUaRL2DW4
gKXy8zHXzimSIWfFiLJ4yg7FGDIAk7Gs1TXy8BGBYTPNsHGuRRL/h0Zj5zADJUiE
3l74uzrBJ5WuXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org