Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vKfdXbX4tmraIqDFHcpuWGnzHhg.roa
File: vKfdXbX4tmraIqDFHcpuWGnzHhg.roa (raw, json)
Hash identifier: jfO2Ecr7UVyQojs9qs0QGDV8a9iZ6cdUNoZbo6FvIM0=
Subject key identifier: BC:A7:DD:5D:B5:F8:B6:6A:DA:22:A0:C5:1D:CA:6E:58:69:F3:1E:18
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0192142C6D6B98980683DBA19AB0A51A4FAE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vKfdXbX4tmraIqDFHcpuWGnzHhg.roa
Signing time: Sat 21 Sep 2024 10:41:48 +0000
ROA not before: Sat 21 Sep 2024 10:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.49.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 09:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:14:2c:6d:6b:98:98:06:83:db:a1:9a:b0:a5:1a:4f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 21 10:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bca7dd5db5f8b66ada22a0c51dca6e5869f31e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:37:59:d6:4e:63:e2:32:b2:8d:ca:01:6c:28:
b5:4d:80:bf:45:ce:87:42:9e:96:74:8d:fa:5c:13:
1f:54:ad:ca:47:33:74:23:76:92:5e:39:ef:f4:c3:
89:11:d8:54:ec:d6:e5:bf:72:9b:52:d0:86:bc:bf:
b7:ab:6b:90:d6:ee:11:bc:0f:4b:b1:ee:37:a6:5e:
b9:d8:c5:95:b3:c2:9b:8d:7f:b7:4c:b8:d5:dd:31:
ed:70:c7:f2:04:ce:0a:c3:1b:1b:36:d9:48:a1:6f:
f2:0a:c2:1d:da:94:77:13:db:39:88:7f:3c:b6:21:
96:c7:4a:ec:70:be:18:ab:00:f1:4f:b8:47:7f:4e:
0c:df:d0:9a:8c:db:11:5e:b2:2d:ed:da:04:22:97:
9f:51:a2:7d:78:1d:f0:1e:be:4e:50:ca:20:32:dd:
39:74:6c:68:29:c7:5f:7d:a0:2f:96:05:fb:9f:e1:
fa:ca:93:d6:4e:0b:c4:75:0b:c6:d4:ca:37:80:17:
e0:1f:10:bd:23:cb:7b:46:50:33:56:75:29:6e:e5:
c8:c0:f7:05:5b:d6:77:2d:c9:e3:87:e9:6a:98:9f:
60:31:fb:cd:83:ba:6c:e2:52:7f:cf:85:92:f8:6e:
45:87:6f:39:ce:af:eb:d4:d3:d2:68:d6:0f:04:f7:
10:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A7:DD:5D:B5:F8:B6:6A:DA:22:A0:C5:1D:CA:6E:58:69:F3:1E:18
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vKfdXbX4tmraIqDFHcpuWGnzHhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.49.0/24
163.5.58.0/23
163.5.73.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.118.0/23
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.132.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.247.0-163.5.248.255
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:56:c5:bd:72:1a:e0:18:39:4a:81:16:82:20:2c:df:ef:6f:
b3:cd:43:96:e2:e4:89:4d:c1:6d:22:72:c4:06:c8:e3:76:42:
bc:f3:1e:49:e6:83:9d:17:f2:d2:19:87:45:ab:64:4d:7e:90:
dc:89:46:72:19:78:68:2c:29:56:86:83:f6:2c:b3:36:35:f9:
35:2c:e7:72:0a:4b:b0:3a:c2:3a:dc:96:61:f9:b1:0b:e4:d0:
07:f1:90:de:9f:a1:5a:1d:ac:d6:44:cb:4c:53:ae:6e:15:d7:
cb:fa:5d:e2:9a:5e:87:b6:3b:ae:bd:6e:e2:a9:f7:88:42:88:
fe:e0:e7:06:e4:97:a6:6a:1e:7a:fa:1a:63:ee:9e:54:84:72:
45:b0:51:bd:a4:5b:fc:92:d8:1b:3b:92:4e:7f:60:bf:fb:84:
c3:ce:f6:2f:c1:4e:7c:8e:e9:47:0d:ad:cb:3c:64:c4:a8:21:
45:d4:1a:81:d5:d9:0e:59:ac:7e:76:61:89:df:94:59:ca:26:
f1:cc:f6:ef:aa:61:7b:76:03:13:cc:96:12:12:4f:2e:b2:70:
b7:59:3e:1b:4b:3d:a4:f1:fd:6a:f7:57:b9:da:69:d8:2f:e8:
2b:b8:5a:41:5e:59:9d:83:6f:ea:be:e5:ce:e3:8c:5b:64:03:
0f:05:f0:a2
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZIULG1rmJgGg9uhmrClGk+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTIxMTA0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2E3ZGQ1ZGI1ZjhiNjZhZGEyMmEwYzUxZGNhNmU1ODY5ZjMxZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DdZ1k5j4jKyjcoBbCi1TYC/Rc6H
Qp6WdI36XBMfVK3KRzN0I3aSXjnv9MOJEdhU7Nblv3KbUtCGvL+3q2uQ1u4RvA9L
se43pl652MWVs8KbjX+3TLjV3THtcMfyBM4KwxsbNtlIoW/yCsId2pR3E9s5iH88
tiGWx0rscL4YqwDxT7hHf04M39CajNsRXrIt7doEIpefUaJ9eB3wHr5OUMogMt05
dGxoKcdffaAvlgX7n+H6ypPWTgvEdQvG1Mo3gBfgHxC9I8t7RlAzVnUpbuXIwPcF
W9Z3Lcnjh+lqmJ9gMfvNg7ps4lJ/z4WS+G5Fh285zq/r1NPSaNYPBPcQRQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFLyn3V21+LZq2iKgxR3Kblhp8x4YMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdktmZFhiWDR0bXJhSXFERkhjcHVXR256SGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBACj
BR4DBACjBTEDBAGjBToDBACjBUkDBACjBVkwDAMEAaMFbgMEAaMFcAMEAaMFdgME
AKMFeQMEAKMFfgMEAaMFgAMEAKMFhAMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlwME
AKMFoAMEAKMFogMEAKMFpwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAaMFyDAM
AwQAowXLAwQAowXOAwQAowXaAwQAowXgAwQAowXkAwQAowXxMAwDBACjBfcDBACj
BfgDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBACxWxb1yGuAYOUqBFoIg
LN/vb7PNQ5bi5IlNwW0icsQGyON2QrzzHknmg50X8tIZh0WrZE1+kNyJRnIZeGgs
KVaGg/YsszY1+TUs53IKS7A6wjrclmH5sQvk0AfxkN6foVodrNZEy0xTrm4V18v6
XeKaXoe2O669buKp94hCiP7g5wbkl6ZqHnr6GmPunlSEckWwUb2kW/yS2Bs7kk5/
YL/7hMPO9i/BTnyO6UcNrcs8ZMSoIUXUGoHV2Q5ZrH52YYnflFnKJvHM9u+qYXt2
AxPMlhISTy6ycLdZPhtLPaTx/Wr3V7naadgv6Cu4WkFeWZ2Db+q+5c7jjFtkAw8F
8KI=
-----END CERTIFICATE-----
Generated at Mon Sep 23 14:19:12 2024 by rpki-client on console-ams.rpki-client.org