Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nYXn0ATWc5WD8v3UEciwPcGq_Mw.roa
File: nYXn0ATWc5WD8v3UEciwPcGq_Mw.roa (raw, json)
Hash identifier: CEjpEuhU9hfBARZ1L6HKD/ACuecToWi8DEmjdyn+d9s=
Subject key identifier: 9D:85:E7:D0:04:D6:73:95:83:F2:FD:D4:11:C8:B0:3D:C1:AA:FC:CC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018FC068765B76183AAB3E4F71D43BAFD980
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nYXn0ATWc5WD8v3UEciwPcGq_Mw.roa
Signing time: Tue 28 May 2024 18:13:42 +0000
ROA not before: Tue 28 May 2024 18:13:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Jun 2024 14:58:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c0:68:76:5b:76:18:3a:ab:3e:4f:71:d4:3b:af:d9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 28 18:13:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d85e7d004d6739583f2fdd411c8b03dc1aafccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:66:7c:cb:84:1c:b2:b9:fa:cf:96:6e:fa:d2:
97:af:03:8f:96:4d:3f:50:f8:6e:cd:a1:4d:bb:24:
56:44:dc:e0:da:d1:67:47:5a:7f:a2:67:bc:9f:6b:
e6:40:23:e2:6b:3d:a8:24:39:36:35:4a:a8:c4:6d:
17:00:02:c2:64:66:46:32:a2:45:fc:a3:4f:be:c2:
a9:d8:88:a2:02:34:69:50:c9:47:2a:3b:21:42:b9:
61:df:70:38:77:e1:91:5b:06:65:ba:36:c9:52:6c:
ac:27:d0:7e:33:0b:a0:06:a9:15:a0:d3:53:94:2b:
f6:43:43:43:6d:56:c9:2b:94:64:a6:cb:40:50:20:
cf:d8:82:39:7e:39:48:37:c2:28:7c:51:36:fa:d3:
df:53:89:b3:c6:04:b4:d4:fd:6f:9d:1d:71:6a:81:
00:51:be:41:41:d0:60:b2:ff:bf:ba:a1:ab:8d:9b:
81:19:1e:7a:e8:ac:bf:49:3e:fe:38:63:db:91:36:
1e:b6:19:2d:77:16:6e:99:96:5f:f0:07:a7:a0:c3:
24:23:d4:ff:f8:95:50:d8:48:6b:5a:35:3e:6b:da:
67:5e:a9:d1:93:61:dd:b7:d2:66:2a:ef:d9:86:a4:
6d:8a:da:e6:6a:04:79:e8:b7:26:9d:67:de:10:b3:
c2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:85:E7:D0:04:D6:73:95:83:F2:FD:D4:11:C8:B0:3D:C1:AA:FC:CC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nYXn0ATWc5WD8v3UEciwPcGq_Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.53.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.136.0/24
163.5.139.0/24
163.5.141.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.154.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.185.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0-163.5.201.255
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.244.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:03:27:e1:ce:f2:92:42:a9:ce:de:94:d8:fb:2d:31:7f:50:
b6:4b:73:16:70:fb:f9:68:45:aa:19:bb:b7:c8:1e:9e:8a:24:
bb:22:f1:a7:e0:c0:12:b5:22:f2:26:45:11:b9:c3:d7:84:17:
54:73:b5:5a:54:31:9d:ba:09:76:89:fc:a1:6d:f5:91:40:48:
0d:84:83:0c:df:0d:b2:aa:44:b9:d8:e8:93:2d:60:f2:99:68:
ce:69:ee:6b:e4:e7:82:6a:34:19:4c:b1:3b:37:e5:bd:22:85:
5e:ae:aa:30:ac:bb:72:f3:20:78:ac:f5:62:42:aa:48:4a:96:
7e:f4:3d:12:3c:78:ac:e4:10:7b:2c:55:f9:df:db:f2:2a:6e:
8a:ad:a2:e9:c3:bd:83:7e:a0:a4:f7:86:ae:8d:43:ee:77:d1:
3e:e4:a9:00:69:60:40:66:ab:25:31:e5:63:a2:1b:11:c4:11:
ee:85:62:43:eb:cb:43:dd:06:c0:ac:61:eb:e6:aa:2d:f6:b2:
c0:e9:f4:60:9b:9c:68:db:e1:c4:a0:6f:70:7d:f6:bb:dc:fe:
23:dc:da:e1:fe:53:81:46:55:77:35:e8:71:06:57:c0:35:1c:
1c:01:07:31:0a:04:e0:1a:17:36:d6:83:0a:f5:4e:2b:a2:d8:
99:3c:d7:bd
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAY/AaHZbdhg6qz5PcdQ7r9mAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTI4MTgxMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg1ZTdkMDA0ZDY3Mzk1ODNmMmZkZDQxMWM4YjAzZGMxYWFmY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWZ8y4Qcsrn6z5Zu+tKXrwOPlk0/
UPhuzaFNuyRWRNzg2tFnR1p/ome8n2vmQCPiaz2oJDk2NUqoxG0XAALCZGZGMqJF
/KNPvsKp2IiiAjRpUMlHKjshQrlh33A4d+GRWwZlujbJUmysJ9B+MwugBqkVoNNT
lCv2Q0NDbVbJK5RkpstAUCDP2II5fjlIN8IofFE2+tPfU4mzxgS01P1vnR1xaoEA
Ub5BQdBgsv+/uqGrjZuBGR566Ky/ST7+OGPbkTYethktdxZumZZf8AenoMMkI9T/
+JVQ2EhrWjU+a9pnXqnRk2Hdt9JmKu/ZhqRtitrmagR56LcmnWfeELPCXQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFJ2F59AE1nOVg/L91BHIsD3BqvzMMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbllYbjBBVFdjNVdEOHYzVUVjaXdQY0dxX013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBACj
BR4DBACjBTUDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8AwQAowV+
AwQBowWAAwQAowWIAwQAowWLAwQAowWNAwQAowWPAwQAowWSAwQAowWXAwQAowWa
AwQAowWgAwQAowWnAwQAowWyAwQAowW2AwQAowW5AwQBowW8AwQAowW/MAwDBACj
BccDBAGjBcgwDAMEAKMFywMEAKMFzgMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF8QME
AKMF9AMEAKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAsAMn4c7ykkKpzt6U
2PstMX9QtktzFnD7+WhFqhm7t8genookuyLxp+DAErUi8iZFEbnD14QXVHO1WlQx
nboJdon8oW31kUBIDYSDDN8NsqpEudjoky1g8plozmnua+Tngmo0GUyxOzflvSKF
Xq6qMKy7cvMgeKz1YkKqSEqWfvQ9Ejx4rOQQeyxV+d/b8ipuiq2i6cO9g36gpPeG
ro1D7nfRPuSpAGlgQGarJTHlY6IbEcQR7oViQ+vLQ90GwKxh6+aqLfaywOn0YJuc
aNvhxKBvcH32u9z+I9za4f5TgUZVdzXocQZXwDUcHAEHMQoE4BoXNtaDCvVOK6LY
mTzXvQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:53 2025 by rpki-client