Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xqBikrRX8QV28qK1IHpxpIauoKc.roa
File: xqBikrRX8QV28qK1IHpxpIauoKc.roa (raw, json)
Hash identifier: XsAvHflchooOZxejmSWc/RuAAFABs+I5EG4fTA0DZkA=
Subject key identifier: C6:A0:62:92:B4:57:F1:05:76:F2:A2:B5:20:7A:71:A4:86:AE:A0:A7
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D5E50F2963205BE01F166A3E8EFA0F5ED
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xqBikrRX8QV28qK1IHpxpIauoKc.roa
Signing time: Wed 31 Jan 2024 06:59:39 +0000
ROA not before: Wed 31 Jan 2024 06:59:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.83.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 16:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:50:f2:96:32:05:be:01:f1:66:a3:e8:ef:a0:f5:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 31 06:59:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6a06292b457f10576f2a2b5207a71a486aea0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2a:75:66:7e:58:d3:de:e9:f0:d4:e4:d5:9a:
37:00:0c:97:7e:ff:b0:73:d6:6b:6a:09:03:74:62:
00:7c:95:b1:47:8b:aa:c2:09:56:82:fa:52:12:3f:
2f:92:94:cc:c9:d5:f6:cb:21:b5:43:24:5a:a4:3f:
7f:08:00:ed:a9:f4:fd:eb:63:a4:2f:5f:2a:f1:17:
f8:a5:ec:7a:f5:1c:e4:11:d7:fc:25:40:57:b9:71:
bf:c1:bf:be:d5:2c:4a:b6:9b:3a:58:5f:20:3b:17:
1b:92:1c:83:9d:cd:bd:23:f8:7d:f3:2f:f7:f4:e2:
d1:7d:8a:23:f6:33:57:9e:bf:cb:5f:35:55:bd:e3:
64:a9:19:8e:40:89:5e:7e:9c:a6:0c:db:26:0f:fd:
fd:64:99:27:aa:1d:f3:7d:7c:12:93:7c:bf:4c:bc:
1a:1e:13:d5:6e:e6:fb:8d:1f:00:18:6d:bf:22:51:
4a:d6:d4:1a:ca:22:44:35:10:54:82:a9:69:2f:21:
83:88:fd:6f:2a:aa:58:e7:c6:73:0e:59:ed:34:91:
6a:b0:ec:4f:19:20:14:fa:e8:bd:f8:89:61:54:a7:
f5:02:a3:60:c7:cb:13:73:ab:dc:28:22:af:e0:9b:
27:e3:1e:34:24:6f:ce:16:01:78:d3:06:5c:94:38:
21:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A0:62:92:B4:57:F1:05:76:F2:A2:B5:20:7A:71:A4:86:AE:A0:A7
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xqBikrRX8QV28qK1IHpxpIauoKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.79.0/24
163.5.83.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/24
163.5.134.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.150.0/23
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
84:6b:87:bd:31:3b:33:ca:ac:5b:37:11:b0:92:90:ec:f0:ba:
49:c9:62:6d:b7:d1:1d:1a:40:db:e8:8d:0c:6a:87:78:28:2d:
cd:a4:20:e1:6d:ad:a9:75:d2:f4:93:4c:c3:52:2f:27:d1:cb:
86:bd:5a:e5:d1:4c:20:db:7f:7b:f6:55:8d:ff:58:61:60:57:
87:f3:d7:d2:35:6d:45:da:52:77:b8:f3:a7:5c:69:90:16:e4:
32:b1:0e:29:f1:ad:ad:43:d1:ec:d6:7b:5b:19:a7:4f:2c:46:
b8:e4:dd:a3:be:e2:60:2b:3f:a7:20:18:05:d8:33:0b:25:64:
70:89:fb:56:06:a5:ac:7e:46:ce:57:bf:05:77:74:93:83:2a:
6f:f2:47:4d:15:de:bf:a3:3e:f7:97:f7:93:28:e0:a3:3c:d8:
a2:e0:b5:ad:ba:3d:31:ef:04:84:02:30:d1:3d:83:1c:ff:ac:
35:7c:aa:06:d7:ac:0e:9d:f4:c2:7e:45:f9:44:b9:9e:92:39:
c6:20:a1:a5:90:71:9c:8a:d8:69:45:4b:61:f2:7e:a0:82:95:
21:c6:60:7d:b7:9a:27:aa:11:94:5d:cd:89:08:52:df:fb:19:
45:48:4c:74:ab:6a:3c:6d:1e:dc:9f:b2:4b:75:ca:c5:ee:73:
95:8d:31:d9
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAY1eUPKWMgW+AfFmo+jvoPXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTMxMDY1OTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmEwNjI5MmI0NTdmMTA1NzZmMmEyYjUyMDdhNzFhNDg2YWVhMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyp1Zn5Y097p8NTk1Zo3AAyXfv+w
c9ZragkDdGIAfJWxR4uqwglWgvpSEj8vkpTMydX2yyG1QyRapD9/CADtqfT962Ok
L18q8Rf4pex69RzkEdf8JUBXuXG/wb++1SxKtps6WF8gOxcbkhyDnc29I/h98y/3
9OLRfYoj9jNXnr/LXzVVveNkqRmOQIlefpymDNsmD/39ZJknqh3zfXwSk3y/TLwa
HhPVbub7jR8AGG2/IlFK1tQayiJENRBUgqlpLyGDiP1vKqpY58ZzDlntNJFqsOxP
GSAU+ui9+IlhVKf1AqNgx8sTc6vcKCKv4Jsn4x40JG/OFgF40wZclDghJwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFMagYpK0V/EFdvKitSB6caSGrqCnMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveHFCaWtyUlg4UVYyOHFLMUlIcHhwSWF1b0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBACj
BR4DBACjBU8DBACjBVMDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgME
AKMFgAMEAKMFhgMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlAMEAaMFlgMEAKMFoAME
AKMFpwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFyTAMAwQAowXLAwQBowXM
AwQAowXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9MA0GCSqGSIb3DQEB
CwUAA4IBAQCEa4e9MTszyqxbNxGwkpDs8LpJyWJtt9EdGkDb6I0Maod4KC3NpCDh
ba2pddL0k0zDUi8n0cuGvVrl0Uwg23979lWN/1hhYFeH89fSNW1F2lJ3uPOnXGmQ
FuQysQ4p8a2tQ9Hs1ntbGadPLEa45N2jvuJgKz+nIBgF2DMLJWRwiftWBqWsfkbO
V78Fd3STgypv8kdNFd6/oz73l/eTKOCjPNii4LWtuj0x7wSEAjDRPYMc/6w1fKoG
16wOnfTCfkX5RLmekjnGIKGlkHGcithpRUth8n6ggpUhxmB9t5onqhGUXc2JCFLf
+xlFSEx0q2o8bR7cn7JLdcrF7nOVjTHZ
-----END CERTIFICATE-----
Generated at Fri Feb 2 20:35:38 2024 by rpki-client on console-ams.rpki-client.org