Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qFkxnnhaNXGS23EytwObvsNzbCg.roa
File: qFkxnnhaNXGS23EytwObvsNzbCg.roa (raw, json)
Hash identifier: kfBxYB5+c1g9yAbWA7g29GLIEXbrBkIVlc+HBeIlExM=
Subject key identifier: A8:59:31:9E:78:5A:35:71:92:DB:71:32:B7:03:9B:BE:C3:73:6C:28
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B7EDD537217A7DE15364DEF95B3A6F176
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qFkxnnhaNXGS23EytwObvsNzbCg.roa
Signing time: Mon 30 Oct 2023 04:35:15 +0000
ROA not before: Mon 30 Oct 2023 04:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 163.5.228.0/24 maxlen: 24
163.5.235.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.251.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
163.5.255.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.67.0/24 maxlen: 24
163.5.76.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.98.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.104.0/24 maxlen: 24
163.5.105.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.115.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.36.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.176.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.217.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.122.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.141.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.172.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7e:dd:53:72:17:a7:de:15:36:4d:ef:95:b3:a6:f1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 30 04:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a859319e785a357192db7132b7039bbec3736c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:db:d3:9d:6f:7b:ae:87:92:69:7c:6c:7d:58:
14:fa:c2:84:a8:8c:35:87:f2:42:f7:8e:aa:77:67:
21:30:23:51:d5:75:6e:f8:5b:16:45:fc:54:3f:b3:
f7:06:bc:16:d7:ff:ac:8a:ab:c5:ff:13:3d:a4:bc:
14:98:ba:1b:63:37:c1:db:63:cc:2c:2d:54:c1:b0:
3b:39:85:85:16:0e:12:25:03:cb:dc:6c:9a:f8:65:
e6:fd:4e:ce:0a:16:cc:be:57:3c:88:f6:a5:97:29:
9a:8b:81:2b:bc:5f:f9:f8:f0:be:7b:c7:43:18:66:
98:95:30:e3:27:dd:3a:db:c5:e6:79:d3:52:48:8e:
ba:5c:7b:19:7b:33:ff:d0:4a:f8:20:15:9f:b3:df:
43:38:9b:d5:4c:a7:cc:81:b5:77:dc:a4:f4:a3:14:
86:b0:c1:c5:9d:70:d7:27:74:29:87:1e:97:89:69:
4b:b0:59:bf:80:50:26:14:01:21:67:5a:16:a2:e7:
16:19:24:0c:6e:1a:af:3a:eb:8e:e4:f2:4f:7f:90:
da:f3:b2:0e:9a:48:88:10:ff:db:14:65:e9:23:01:
19:31:a3:93:7e:61:e2:52:9e:d7:61:50:32:d4:b6:
41:48:42:58:9c:bc:b5:ed:ef:09:af:47:d7:3c:84:
bc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:59:31:9E:78:5A:35:71:92:DB:71:32:B7:03:9B:BE:C3:73:6C:28
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qFkxnnhaNXGS23EytwObvsNzbCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.33.0/24
163.5.35.0-163.5.37.255
163.5.62.0/24
163.5.66.0/23
163.5.76.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.94.0/23
163.5.98.0/23
163.5.104.0-163.5.106.255
163.5.110.0-163.5.115.255
163.5.121.0-163.5.122.255
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.138.0/23
163.5.141.0-163.5.143.255
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.156.0/24
163.5.160.0/23
163.5.165.0/24
163.5.167.0/24
163.5.170.0/24
163.5.172.0/24
163.5.176.0/24
163.5.178.0/24
163.5.181.0-163.5.182.255
163.5.186.0/24
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.208.0/24
163.5.217.0-163.5.218.255
163.5.222.0/24
163.5.224.0/24
163.5.228.0/24
163.5.235.0/24
163.5.241.0/24
163.5.249.0-163.5.253.255
163.5.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:54:b4:6c:41:81:f1:8f:41:96:27:b1:ab:2b:de:be:ab:69:
aa:6f:9d:ae:3d:0e:d3:44:f6:7c:ba:48:fb:f3:cd:28:6a:e8:
f3:24:1f:e9:76:93:68:1a:36:d6:91:0a:ad:7c:b0:4c:26:b8:
fc:f7:5e:33:b2:47:d7:17:9c:1f:35:f1:2d:f5:ab:6b:7a:c0:
6a:fa:c5:85:5f:a1:2a:10:23:6a:16:ca:19:2f:28:95:07:ec:
6c:a3:8e:bc:bd:08:58:92:9b:35:7d:25:0f:2e:e2:8a:7e:ac:
fe:33:a0:c0:83:6a:30:4d:34:4e:0b:7c:f4:f3:d2:fd:6d:a9:
21:2e:cb:55:08:7c:1c:aa:bc:e1:4a:a0:62:18:e0:e6:53:c4:
36:aa:bb:a1:e3:a6:e7:3c:2c:c2:7c:da:3e:b4:41:cf:84:53:
f0:91:aa:33:6c:c8:46:1d:34:66:5c:8c:e5:8b:35:de:16:78:
69:ea:90:b7:5c:f7:4e:10:a8:26:3c:27:ef:24:f0:7c:3f:38:
05:b0:05:59:66:71:7c:97:33:f1:c1:6a:49:8b:a7:e6:d7:e7:
b4:79:9f:1a:4c:b6:22:e8:05:63:62:3e:7a:af:31:ca:bc:a3:
6d:43:7e:cd:db:81:f0:ea:1a:68:7a:e0:48:b7:ce:16:43:f3:
c1:97:69:96
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISAYt+3VNyF6feFTZN75WzpvF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDMwMDQzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODU5MzE5ZTc4NWEzNTcxOTJkYjcxMzJiNzAzOWJiZWMzNzM2YzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9vTnW97roeSaXxsfVgU+sKEqIw1
h/JC946qd2chMCNR1XVu+FsWRfxUP7P3BrwW1/+siqvF/xM9pLwUmLobYzfB22PM
LC1UwbA7OYWFFg4SJQPL3Gya+GXm/U7OChbMvlc8iPallymai4ErvF/5+PC+e8dD
GGaYlTDjJ90628XmedNSSI66XHsZezP/0Er4IBWfs99DOJvVTKfMgbV33KT0oxSG
sMHFnXDXJ3Qphx6XiWlLsFm/gFAmFAEhZ1oWoucWGSQMbhqvOuuO5PJPf5Da87IO
mkiIEP/bFGXpIwEZMaOTfmHiUp7XYVAy1LZBSEJYnLy17e8Jr0fXPIS8fQIDAQAB
o4IDYzCCA18wHQYDVR0OBBYEFKhZMZ54WjVxkttxMrcDm77Dc2woMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcUZreG5uaGFOWEdTMjNFeXR3T2J2c056YkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdwYIKwYBBQUHAQcBAf8EggFmMIIBYjCCAV4EAgABMIIB
VgMEAKMFHgMEAKMFITAMAwQAowUjAwQBowUkAwQAowU+AwQBowVCAwQAowVMAwQA
owVPAwQAowVTAwQAowVZAwQBowVeAwQBowViMAwDBAOjBWgDBACjBWowDAMEAaMF
bgMEAqMFcDAMAwQAowV5AwQAowV6AwQAowV+AwQAowWAAwQAowWGAwQBowWKMAwD
BACjBY0DBASjBYADBACjBZIDBACjBZQDBAGjBZYDBACjBZwDBAGjBaADBACjBaUD
BACjBacDBACjBaoDBACjBawDBACjBbADBACjBbIwDAMEAKMFtQMEAKMFtgMEAKMF
ugMEAaMFvAMEAKMFvwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXQMAwDBACjBdkD
BACjBdoDBACjBd4DBACjBeADBACjBeQDBACjBesDBACjBfEwDAMEAKMF+QMEAaMF
/AMEAKMF/zANBgkqhkiG9w0BAQsFAAOCAQEAqFS0bEGB8Y9Bliexqyvevqtpqm+d
rj0O00T2fLpI+/PNKGro8yQf6XaTaBo21pEKrXywTCa4/PdeM7JH1xecHzXxLfWr
a3rAavrFhV+hKhAjahbKGS8olQfsbKOOvL0IWJKbNX0lDy7iin6s/jOgwINqME00
Tgt89PPS/W2pIS7LVQh8HKq84UqgYhjg5lPENqq7oeOm5zwswnzaPrRBz4RT8JGq
M2zIRh00ZlyM5Ys13hZ4aeqQt1z3ThCoJjwn7yTwfD84BbAFWWZxfJcz8cFqSYun
5tfntHmfGky2IugFY2I+eq8xyryjbUN+zduB8OoaaHrgSLfOFkPzwZdplg==
-----END CERTIFICATE-----
Generated at Tue Oct 31 18:17:05 2023 by rpki-client on console-ams.rpki-client.org