Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vDbeTadAjz39lGZY71yxWsTYvW4.roa
File: vDbeTadAjz39lGZY71yxWsTYvW4.roa (raw, json)
Hash identifier: uMXXZEOm91dbzWS9/z0OWyE+WabJVS2ndUotc9wa+Wc=
Subject key identifier: BC:36:DE:4D:A7:40:8F:3D:FD:94:66:58:EF:5C:B1:5A:C4:D8:BD:6E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0190FDB34D8A2BA19B3CFC3FACAB3A0322D7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vDbeTadAjz39lGZY71yxWsTYvW4.roa
Signing time: Mon 29 Jul 2024 08:55:04 +0000
ROA not before: Mon 29 Jul 2024 08:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.232.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jul 2024 20:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:b3:4d:8a:2b:a1:9b:3c:fc:3f:ac:ab:3a:03:22:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 29 08:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc36de4da7408f3dfd946658ef5cb15ac4d8bd6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:55:45:be:19:12:6a:39:b7:b1:89:15:d1:67:
e7:97:97:44:69:35:2e:c5:16:24:5e:f3:00:0c:2e:
0f:db:44:63:b9:23:d0:e4:3b:7f:e3:3c:d8:5e:2b:
b8:19:b8:68:d7:49:43:54:c8:aa:15:88:7c:04:ca:
5f:0f:fd:c6:87:d4:ed:f6:82:ad:fb:2b:a6:ea:50:
80:44:a0:39:22:51:0f:0d:e5:76:ca:5a:1f:fc:56:
32:3e:2e:61:53:06:eb:52:4b:69:ac:54:2f:85:7c:
9e:0a:89:aa:2d:8d:2e:f5:0f:f3:aa:58:bf:e3:72:
f6:f2:d3:ed:48:4a:c0:c8:fb:0c:99:5e:1f:c0:5a:
e9:29:68:8d:d7:39:3f:c5:6f:5a:f6:6a:f8:cc:a0:
92:1b:5d:16:d2:c9:b8:08:9b:ac:84:42:d0:e3:48:
0f:19:b1:8a:e8:7d:59:f6:b8:2e:1f:62:2e:de:76:
40:a1:16:bd:1a:35:c7:b7:d2:44:31:0d:d1:ea:05:
6a:7e:10:59:82:1a:87:55:96:13:f9:06:1c:bf:a5:
04:b6:96:7c:fd:a5:c3:df:09:3a:c0:cb:6b:5c:6e:
fb:fa:e7:95:ea:a1:83:ce:ea:a7:80:4b:e6:78:d5:
df:dd:69:41:de:18:d5:2a:4d:d4:af:8f:49:90:21:
08:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:36:DE:4D:A7:40:8F:3D:FD:94:66:58:EF:5C:B1:5A:C4:D8:BD:6E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vDbeTadAjz39lGZY71yxWsTYvW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.51.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.125.0-163.5.126.255
163.5.128.0/23
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/23
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0-163.5.201.255
163.5.203.0-163.5.206.255
163.5.211.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.232.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
51:e2:82:b9:58:e8:4a:a6:a7:2c:94:36:7d:f1:03:0b:9d:fd:
a6:79:63:43:4a:72:d4:68:ca:1a:0d:77:f2:10:ed:17:9b:c6:
e0:b3:c9:4a:5f:f0:53:e6:a5:ce:0a:df:4e:06:30:51:d7:d0:
03:aa:b5:0b:1d:c7:a9:e0:8b:3e:63:ca:2b:7a:93:bf:08:fa:
33:32:c5:d6:2a:82:d2:00:4d:f9:f4:80:9a:36:60:4c:71:f7:
8f:20:da:a9:ac:72:81:77:c0:16:bd:e6:2f:36:04:e2:5b:db:
3e:bd:3e:79:62:fa:47:f6:00:f5:ba:db:c7:eb:e2:b1:49:42:
71:2f:cc:c9:e8:1c:30:c4:6a:08:c4:08:85:3b:36:bf:b9:3f:
3f:d2:e2:41:36:5f:03:2c:b8:aa:3b:97:48:76:36:74:c5:71:
4f:ba:07:7e:22:c8:41:03:68:ce:e5:1c:4a:48:41:d0:bc:a9:
e7:fc:54:81:79:9a:7f:e2:23:56:df:a4:36:95:3b:1a:ea:3d:
cc:1b:4a:db:34:1a:fc:e3:91:45:48:f0:94:6d:fe:be:fb:4d:
6a:b0:95:ad:11:2f:97:55:52:ea:19:52:47:d9:57:9d:2d:c5:
61:af:92:69:7b:10:a3:43:01:ce:c7:cb:c2:02:a8:30:b3:71:
71:7c:11:cd
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZD9s02KK6GbPPw/rKs6AyLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzI5MDg1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM2ZGU0ZGE3NDA4ZjNkZmQ5NDY2NThlZjVjYjE1YWM0ZDhiZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1VFvhkSajm3sYkV0Wfnl5dEaTUu
xRYkXvMADC4P20RjuSPQ5Dt/4zzYXiu4Gbho10lDVMiqFYh8BMpfD/3Gh9Tt9oKt
+yum6lCARKA5IlEPDeV2ylof/FYyPi5hUwbrUktprFQvhXyeComqLY0u9Q/zqli/
43L28tPtSErAyPsMmV4fwFrpKWiN1zk/xW9a9mr4zKCSG10W0sm4CJushELQ40gP
GbGK6H1Z9rguH2Iu3nZAoRa9GjXHt9JEMQ3R6gVqfhBZghqHVZYT+QYcv6UEtpZ8
/aXD3wk6wMtrXG77+ueV6qGDzuqngEvmeNXf3WlB3hjVKk3Ur49JkCEIjQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFLw23k2nQI89/ZRmWO9csVrE2L1uMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdkRiZVRhZEFqejM5bEdaWTcxeXhXc1RZdlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBACj
BR4DBACjBTMDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQAowV9AwQAowV+
AwQBowWAAwQAowWGAwQAowWLAwQAowWPAwQAowWSAwQAowWXAwQAowWgAwQBowWi
AwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/MAwDBACjBccDBAGjBcgwDAME
AKMFywMEAKMFzgMEAKMF0wMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6AMEAKMF8QME
AKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAUeKCuVjoSqanLJQ2ffEDC539
pnljQ0py1GjKGg138hDtF5vG4LPJSl/wU+alzgrfTgYwUdfQA6q1Cx3HqeCLPmPK
K3qTvwj6MzLF1iqC0gBN+fSAmjZgTHH3jyDaqaxygXfAFr3mLzYE4lvbPr0+eWL6
R/YA9brbx+visUlCcS/MyegcMMRqCMQIhTs2v7k/P9LiQTZfAyy4qjuXSHY2dMVx
T7oHfiLIQQNozuUcSkhB0Lyp5/xUgXmaf+IjVt+kNpU7Guo9zBtK2zQa/OORRUjw
lG3+vvtNarCVrREvl1VS6hlSR9lXnS3FYa+SaXsQo0MBzsfLwgKoMLNxcXwRzQ==
-----END CERTIFICATE-----
Generated at Wed Jul 31 22:25:19 2024 by rpki-client on console-ams.rpki-client.org