Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nrxILBUCDzR8_2_EJ2HikATwBVM.roa
File: nrxILBUCDzR8_2_EJ2HikATwBVM.roa (raw, json)
Hash identifier: 5MeUlQU/TK4AqBBQXT2mmwBmASj4F3iqrcrjskVYdfM=
Subject key identifier: 9E:BC:48:2C:15:02:0F:34:7C:FF:6F:C4:27:61:E2:90:04:F0:05:53
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018FB945FCE82AB78451E5076365F5ADB8C4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nrxILBUCDzR8_2_EJ2HikATwBVM.roa
Signing time: Mon 27 May 2024 08:58:42 +0000
ROA not before: Mon 27 May 2024 08:58:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 18:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:45:fc:e8:2a:b7:84:51:e5:07:63:65:f5:ad:b8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 27 08:58:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ebc482c15020f347cff6fc42761e29004f00553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:80:3e:32:7c:5e:96:be:7a:b4:38:8b:38:3e:
f8:4b:9c:39:54:30:d7:a7:2c:2e:a0:c2:67:e4:88:
c0:da:26:91:e3:b5:d5:72:7f:07:6f:31:57:92:6d:
f0:34:b8:bb:4a:47:20:b4:45:80:93:bf:2a:13:a9:
36:ae:3d:c1:0c:6b:17:f5:08:3c:48:64:0a:d8:85:
c3:d6:be:cf:f7:df:23:d4:64:eb:c0:7b:82:4b:3e:
36:90:15:ea:52:32:44:de:43:9f:12:6f:7b:b2:68:
d1:0c:61:ae:f7:9a:81:88:59:b9:f8:3b:a4:41:fa:
4a:7f:f8:22:76:27:a4:6e:b6:a9:d9:cd:56:99:3c:
ce:fc:b6:4e:91:10:12:d1:69:69:35:e3:e3:0d:72:
94:31:cd:0c:c5:dd:a9:e8:99:c2:16:f8:df:ee:9a:
05:6d:35:ca:2f:33:52:1b:d9:4f:b5:46:8c:91:5c:
fb:77:8c:f2:48:b8:44:f4:a0:80:7c:b1:17:33:38:
3f:ce:d8:5d:4f:b4:e3:85:82:f7:a8:65:90:3d:37:
65:84:1a:d7:dc:ac:44:b0:38:10:f3:9f:7f:78:14:
15:7e:84:f8:0c:1f:f9:26:fe:4d:a4:27:70:3e:f6:
e4:e3:03:03:e2:58:b8:f7:51:87:1c:ac:95:50:cf:
14:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BC:48:2C:15:02:0F:34:7C:FF:6F:C4:27:61:E2:90:04:F0:05:53
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nrxILBUCDzR8_2_EJ2HikATwBVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.53.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.136.0/24
163.5.139.0/24
163.5.141.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.154.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0-163.5.201.255
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.223.0-163.5.224.255
163.5.228.0/24
163.5.241.0/24
163.5.244.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a2:35:e3:a6:e5:41:85:92:cc:dd:93:38:3a:60:19:df:88:
70:11:63:2c:b9:f4:1d:88:e6:be:94:c3:bd:06:7b:9e:32:a9:
c0:91:3c:2d:a9:49:58:97:03:d9:d1:f5:4f:6a:d1:45:c8:d2:
e7:f4:fb:15:97:67:9b:57:e7:1a:14:16:e8:1a:f6:91:b3:6d:
c1:41:3b:18:90:90:4e:c9:a9:99:2f:6e:ae:b3:a3:09:ba:11:
79:47:d9:33:2e:c2:db:fd:3f:41:f8:41:f1:40:84:6c:de:4a:
fa:92:51:f8:d9:12:68:f2:fc:c7:27:b1:9b:e0:f2:96:bc:61:
96:7c:6e:7b:8a:79:da:2e:2b:76:36:ff:bd:c8:28:51:e4:7f:
52:0a:f3:3b:4d:44:c4:0f:fd:cb:7a:d6:e4:02:43:09:11:10:
13:e1:cb:46:12:cc:fe:03:60:50:44:07:40:e9:cf:fb:a7:91:
77:10:b3:bd:3e:b7:f3:fd:70:ec:4c:b2:44:04:fd:cf:a5:90:
c8:e6:dd:c3:4e:2e:1c:08:e8:cd:ce:a8:54:5a:b1:0a:8e:93:
d0:00:81:40:09:e2:21:e2:99:cd:3a:0c:43:c0:09:78:74:57:
73:a2:31:3e:d2:3d:c8:35:44:a8:28:26:13:1d:e5:2b:97:82:
1a:47:fd:4d
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAY+5RfzoKreEUeUHY2X1rbjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTI3MDg1ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWJjNDgyYzE1MDIwZjM0N2NmZjZmYzQyNzYxZTI5MDA0ZjAwNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IA+Mnxelr56tDiLOD74S5w5VDDX
pywuoMJn5IjA2iaR47XVcn8HbzFXkm3wNLi7SkcgtEWAk78qE6k2rj3BDGsX9Qg8
SGQK2IXD1r7P998j1GTrwHuCSz42kBXqUjJE3kOfEm97smjRDGGu95qBiFm5+Duk
QfpKf/gidiekbrap2c1WmTzO/LZOkRAS0WlpNePjDXKUMc0Mxd2p6JnCFvjf7poF
bTXKLzNSG9lPtUaMkVz7d4zySLhE9KCAfLEXMzg/zthdT7TjhYL3qGWQPTdlhBrX
3KxEsDgQ859/eBQVfoT4DB/5Jv5NpCdwPvbk4wMD4li491GHHKyVUM8UTwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFJ68SCwVAg80fP9vxCdh4pAE8AVTMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbnJ4SUxCVUNEelI4XzJfRUoySGlrQVR3QlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBACj
BR4DBACjBTUDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8AwQAowV+
AwQBowWAAwQAowWIAwQAowWLAwQAowWNAwQAowWPAwQAowWSAwQAowWXAwQAowWa
AwQAowWgAwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/MAwDBACjBccDBAGj
BcgwDAMEAKMFywMEAKMFzgMEAKMF2jAMAwQAowXfAwQAowXgAwQAowXkAwQAowXx
AwQAowX0AwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IBAQCiojXjpuVBhZLM
3ZM4OmAZ34hwEWMsufQdiOa+lMO9BnueMqnAkTwtqUlYlwPZ0fVPatFFyNLn9PsV
l2ebV+caFBboGvaRs23BQTsYkJBOyamZL26us6MJuhF5R9kzLsLb/T9B+EHxQIRs
3kr6klH42RJo8vzHJ7Gb4PKWvGGWfG57innaLit2Nv+9yChR5H9SCvM7TUTED/3L
etbkAkMJERAT4ctGEsz+A2BQRAdA6c/7p5F3ELO9Prfz/XDsTLJEBP3PpZDI5t3D
Ti4cCOjNzqhUWrEKjpPQAIFACeIh4pnNOgxDwAl4dFdzojE+0j3INUSoKCYTHeUr
l4IaR/1N
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org