Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tNfewd-YmgZrNtWbzKm1wEl6Lxk.roa
File: tNfewd-YmgZrNtWbzKm1wEl6Lxk.roa (raw, json)
Hash identifier: LQPsjh8Orbc6wZYij//zWR05Z8KiF53vtBvaagADYs8=
Subject key identifier: B4:D7:DE:C1:DF:98:9A:06:6B:36:D5:9B:CC:A9:B5:C0:49:7A:2F:19
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0190DAC6C8C3316B600C2B687237BD6DF95D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tNfewd-YmgZrNtWbzKm1wEl6Lxk.roa
Signing time: Mon 22 Jul 2024 14:09:38 +0000
ROA not before: Mon 22 Jul 2024 14:09:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.194.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 18:16:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:c6:c8:c3:31:6b:60:0c:2b:68:72:37:bd:6d:f9:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 22 14:09:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4d7dec1df989a066b36d59bcca9b5c0497a2f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4b:01:34:f5:8a:30:a2:96:26:fc:64:ac:0c:
1d:26:fb:a7:e4:01:df:ff:ec:3f:7c:75:eb:e9:21:
0a:6e:73:b2:2e:f2:04:ce:ba:c0:4d:8d:68:e9:93:
20:61:66:5f:3e:a2:66:53:8f:8e:13:15:14:34:03:
8d:bb:19:b9:43:c5:30:90:9b:ab:75:ed:b9:71:18:
14:29:b6:25:86:61:e2:3b:70:1f:46:de:a0:6f:93:
70:ec:0b:14:0a:a8:62:51:63:84:23:45:6c:7d:c9:
d5:88:03:f0:00:48:b3:e3:c8:c0:20:9c:b9:5b:8b:
63:c4:f1:97:8f:24:14:4e:99:e8:a2:15:42:a5:9e:
e0:e4:c0:0f:10:d7:76:15:39:12:3e:7b:a5:82:d2:
8e:b0:47:3e:87:ba:a8:d9:41:77:9a:b4:ea:0c:a3:
66:5f:67:98:57:a2:3e:7d:53:5f:ad:df:a0:52:cf:
b6:d8:09:da:64:0d:16:10:c5:73:7b:53:38:5d:d6:
d6:07:80:85:18:f3:9a:37:c7:d3:b0:3b:d9:8b:f6:
c6:ae:5c:4f:bd:0c:04:d8:18:dd:cf:9a:8f:56:b8:
1a:66:4c:71:78:85:c3:b6:e4:0b:73:ee:74:32:52:
3f:e7:31:68:7a:8d:db:92:d2:c4:5b:5d:01:6e:cf:
6b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D7:DE:C1:DF:98:9A:06:6B:36:D5:9B:CC:A9:B5:C0:49:7A:2F:19
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tNfewd-YmgZrNtWbzKm1wEl6Lxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.51.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.125.0-163.5.126.255
163.5.128.0/23
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/23
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.194.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.211.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.232.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:8c:05:e8:dc:f1:b2:5d:ad:cb:97:f7:9d:d1:4c:78:33:e5:
dc:97:50:a8:94:f2:aa:1e:d4:6b:49:1e:01:2a:95:65:e3:c0:
2a:26:06:46:6d:18:b0:1d:ca:97:18:96:52:fb:d0:9d:42:00:
bd:54:7a:f5:c0:90:c5:76:50:17:39:d1:3a:02:23:0d:73:c3:
4f:73:62:d5:90:63:9b:a0:75:6a:2e:2d:68:16:98:b3:e2:18:
b2:1b:d4:db:33:ac:3a:0d:fe:51:e6:0e:89:2a:50:a1:4a:6a:
5d:9c:e0:eb:67:ae:8d:43:29:6c:b5:36:fa:be:89:35:16:d1:
d5:87:53:a4:d9:21:7d:b7:5b:83:98:43:bf:2a:b5:af:3d:df:
b9:5f:5d:86:70:3c:f1:9f:94:93:d1:73:fd:6e:25:bc:af:6c:
72:21:15:c5:8c:e5:a3:f8:b5:9f:95:c2:e4:a2:bf:e7:d6:fa:
f6:54:86:f2:d6:ce:c1:54:2d:44:98:81:62:60:00:94:da:81:
60:02:60:1f:71:f4:32:a3:4a:06:b2:ad:d2:3a:ff:7d:d5:39:
9e:b3:da:f3:d9:b2:df:fd:e8:d9:be:c5:da:0e:30:1f:74:b3:
5d:f0:b4:6f:8c:42:53:03:b8:8a:13:c4:5b:98:e2:94:04:ad:
37:7e:d5:16
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZDaxsjDMWtgDCtocje9bfldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzIyMTQwOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQ3ZGVjMWRmOTg5YTA2NmIzNmQ1OWJjY2E5YjVjMDQ5N2EyZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUsBNPWKMKKWJvxkrAwdJvun5AHf
/+w/fHXr6SEKbnOyLvIEzrrATY1o6ZMgYWZfPqJmU4+OExUUNAONuxm5Q8UwkJur
de25cRgUKbYlhmHiO3AfRt6gb5Nw7AsUCqhiUWOEI0VsfcnViAPwAEiz48jAIJy5
W4tjxPGXjyQUTpnoohVCpZ7g5MAPENd2FTkSPnulgtKOsEc+h7qo2UF3mrTqDKNm
X2eYV6I+fVNfrd+gUs+22AnaZA0WEMVze1M4XdbWB4CFGPOaN8fTsDvZi/bGrlxP
vQwE2Bjdz5qPVrgaZkxxeIXDtuQLc+50MlI/5zFoeo3bktLEW10Bbs9r3QIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFLTX3sHfmJoGazbVm8yptcBJei8ZMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdE5mZXdkLVltZ1pyTnRXYnpLbTF3RWw2THhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBACj
BR4DBACjBTMDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQAowV9AwQAowV+
AwQBowWAAwQAowWGAwQAowWLAwQAowWPAwQAowWSAwQAowWXAwQAowWgAwQBowWi
AwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/AwQAowXCAwQBowXIMAwDBACj
BcsDBACjBc4DBACjBdMDBACjBdoDBACjBeADBACjBeQDBACjBegDBACjBfEDBACj
BfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBAD+MBejc8bJdrcuX953RTHgz5dyX
UKiU8qoe1GtJHgEqlWXjwComBkZtGLAdypcYllL70J1CAL1UevXAkMV2UBc50ToC
Iw1zw09zYtWQY5ugdWouLWgWmLPiGLIb1NszrDoN/lHmDokqUKFKal2c4Otnro1D
KWy1Nvq+iTUW0dWHU6TZIX23W4OYQ78qta8937lfXYZwPPGflJPRc/1uJbyvbHIh
FcWM5aP4tZ+VwuSiv+fW+vZUhvLWzsFULUSYgWJgAJTagWACYB9x9DKjSgayrdI6
/33VOZ6z2vPZst/96Nm+xdoOMB90s13wtG+MQlMDuIoTxFuY4pQErTd+1RY=
-----END CERTIFICATE-----
Generated at Tue Jul 23 20:54:15 2024 by rpki-client on console-ams.rpki-client.org