Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/niNpgiDbrs_0PIlYJ82eXsKSkPU.roa
File: niNpgiDbrs_0PIlYJ82eXsKSkPU.roa (raw, json)
Hash identifier: Vf7a7RCzWASTa2GdLUmELSCg13l1/UwpTIarRzLftk0=
Subject key identifier: 9E:23:69:82:20:DB:AE:CF:F4:3C:89:58:27:CD:9E:5E:C2:92:90:F5
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0190F8B27AC1CAB289308DA23D6AEEBDF380
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/niNpgiDbrs_0PIlYJ82eXsKSkPU.roa
Signing time: Sun 28 Jul 2024 09:36:04 +0000
ROA not before: Sun 28 Jul 2024 09:36:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 08:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f8:b2:7a:c1:ca:b2:89:30:8d:a2:3d:6a:ee:bd:f3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 28 09:36:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e23698220dbaecff43c895827cd9e5ec29290f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:35:6c:0f:db:49:67:8d:07:87:ee:33:46:bf:
9b:07:5b:8a:27:17:2a:48:74:bb:f1:3e:cf:34:ae:
90:ef:08:29:b5:bb:9b:d2:ec:91:93:6c:cb:51:3a:
b3:4f:49:2b:cb:cc:70:13:17:d8:6e:25:0e:b3:38:
0e:63:ca:ed:56:53:29:4f:94:d8:b2:f4:fd:56:bc:
a2:b3:6a:94:6c:c5:d3:37:ca:b7:7a:a4:db:9c:53:
30:fc:2a:65:2e:b0:3a:00:3b:31:d1:bf:37:28:a7:
e6:e5:f0:24:23:f8:89:85:ee:60:83:dd:bf:25:11:
b3:43:8f:2c:15:3b:d4:c8:9c:04:ee:f6:7d:cd:e1:
1a:24:55:41:60:cb:26:bc:6f:ab:7e:55:d9:71:9c:
cd:ad:b5:5b:96:60:a4:d0:c9:2d:f5:34:ef:70:78:
58:db:9e:f9:6c:b5:ba:3d:ac:f6:00:38:a2:91:10:
a6:ab:4a:e2:12:c4:b4:a7:cd:ab:30:b5:a2:0e:83:
24:f4:c5:d7:68:75:42:92:a6:aa:2f:df:59:dd:40:
2a:48:ca:92:c4:c2:5a:87:1d:c5:dc:c9:cd:a0:d9:
2b:b1:4e:c6:a9:2c:28:92:9e:5a:0c:9e:38:63:6a:
28:86:06:38:7e:42:e8:ef:13:c7:6c:50:26:08:77:
49:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:23:69:82:20:DB:AE:CF:F4:3C:89:58:27:CD:9E:5E:C2:92:90:F5
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/niNpgiDbrs_0PIlYJ82eXsKSkPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.51.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.125.0-163.5.126.255
163.5.128.0/23
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/23
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0-163.5.201.255
163.5.203.0-163.5.206.255
163.5.211.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.232.0/24
163.5.241.0/24
163.5.247.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ad:db:73:2d:2f:fe:97:d5:9d:61:6a:40:ac:dd:4a:87:3e:
59:6b:9a:a9:70:eb:ea:ac:b5:6f:8e:ce:b2:2e:7e:b4:9b:70:
e4:d1:69:90:e3:11:11:ec:93:d6:fc:d0:26:25:82:c7:7a:bb:
55:b0:b9:b6:98:32:7b:3f:7b:6f:0b:1c:3e:bc:b6:7b:8a:3d:
93:29:4e:eb:0f:7d:90:e6:2c:13:f1:d8:b1:37:cc:7e:56:a3:
98:5c:e2:1c:fb:da:29:c4:de:cc:88:dc:8a:9a:fa:8f:a5:88:
e0:29:e7:60:a3:1b:a3:1b:ff:ef:ff:b9:4c:65:10:e3:e7:6f:
2d:13:0e:a0:45:88:7e:4d:1b:fd:42:0b:4e:48:30:e4:70:e0:
a3:c1:98:b0:02:49:ff:1c:f5:cf:ae:f3:a0:7a:ac:05:22:1e:
a0:6d:0a:97:d0:e9:1b:99:95:bc:a7:48:f2:46:b9:c7:e4:4e:
2c:f7:fd:d0:8c:99:39:c5:50:0b:45:53:a3:c0:9b:56:6f:ed:
94:80:b8:a9:25:b4:be:39:ae:9a:9c:3e:34:06:d7:6f:e2:b9:
d1:dc:62:60:3e:63:01:b4:33:89:6e:b6:ee:09:b8:3b:27:16:
73:0c:55:41:3e:84:3a:dd:a0:1e:6e:cf:b2:1a:63:f6:09:cb:
7f:22:e1:59
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZD4snrByrKJMI2iPWruvfOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzI4MDkzNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTIzNjk4MjIwZGJhZWNmZjQzYzg5NTgyN2NkOWU1ZWMyOTI5MGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDVsD9tJZ40Hh+4zRr+bB1uKJxcq
SHS78T7PNK6Q7wgptbub0uyRk2zLUTqzT0kry8xwExfYbiUOszgOY8rtVlMpT5TY
svT9Vryis2qUbMXTN8q3eqTbnFMw/CplLrA6ADsx0b83KKfm5fAkI/iJhe5gg92/
JRGzQ48sFTvUyJwE7vZ9zeEaJFVBYMsmvG+rflXZcZzNrbVblmCk0Mkt9TTvcHhY
2575bLW6Paz2ADiikRCmq0riEsS0p82rMLWiDoMk9MXXaHVCkqaqL99Z3UAqSMqS
xMJahx3F3MnNoNkrsU7GqSwokp5aDJ44Y2oohgY4fkLo7xPHbFAmCHdJRQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFJ4jaYIg267P9DyJWCfNnl7CkpD1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbmlOcGdpRGJyc18wUElsWUo4MmVYc0tTa1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBACj
BR4DBACjBTMDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQAowV9AwQAowV+
AwQBowWAAwQAowWGAwQAowWLAwQAowWPAwQAowWSAwQAowWXAwQAowWgAwQBowWi
AwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/MAwDBACjBccDBAGjBcgwDAME
AKMFywMEAKMFzgMEAKMF0wMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6AMEAKMF8QME
AKMF9wMEAKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEACK3bcy0v/pfVnWFq
QKzdSoc+WWuaqXDr6qy1b47Osi5+tJtw5NFpkOMREeyT1vzQJiWCx3q7VbC5tpgy
ez97bwscPry2e4o9kylO6w99kOYsE/HYsTfMflajmFziHPvaKcTezIjcipr6j6WI
4CnnYKMboxv/7/+5TGUQ4+dvLRMOoEWIfk0b/UILTkgw5HDgo8GYsAJJ/xz1z67z
oHqsBSIeoG0Kl9DpG5mVvKdI8ka5x+ROLPf90IyZOcVQC0VTo8CbVm/tlIC4qSW0
vjmumpw+NAbXb+K50dxiYD5jAbQziW627gm4OycWcwxVQT6EOt2gHm7Pshpj9gnL
fyLhWQ==
-----END CERTIFICATE-----
Generated at Mon Jul 29 12:11:53 2024 by rpki-client on console-fra.rpki-client.org