Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0uKTNMaJV4-7Pc0ofop2YGmOF8w.roa
File: 0uKTNMaJV4-7Pc0ofop2YGmOF8w.roa (raw, json)
Hash identifier: Ji0A/Ftfz89h4kRzHjctb8YbnY8MSGlxkkwrv+Xr/XE=
Subject key identifier: D2:E2:93:34:C6:89:57:8F:BB:3D:CD:28:7E:8A:76:60:69:8E:17:CC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019650E72FD943BC0243914B9B44D7F3E93B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0uKTNMaJV4-7Pc0ofop2YGmOF8w.roa
Signing time: Sun 20 Apr 2025 01:54:10 +0000
ROA not before: Sun 20 Apr 2025 01:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.63.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 05:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:50:e7:2f:d9:43:bc:02:43:91:4b:9b:44:d7:f3:e9:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 20 01:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2e29334c689578fbb3dcd287e8a7660698e17cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ce:b7:29:4a:93:01:fd:8f:67:74:8f:1b:06:
e3:24:67:f4:79:e3:51:59:17:8c:cb:1c:05:64:72:
f4:c5:14:4b:ac:53:ca:fd:24:a6:48:64:14:71:d7:
c7:0e:45:13:66:36:34:35:b5:4a:c4:ce:92:41:c0:
3d:b5:6d:85:69:32:a1:82:77:bf:eb:2e:0b:6c:e4:
0a:57:49:b0:5b:b5:d6:ff:d5:d0:40:bd:41:55:9d:
79:4f:27:9a:76:4c:29:3a:d8:e3:8e:6d:76:c0:6d:
ae:20:bd:ff:08:e7:49:84:77:dc:16:0a:98:84:64:
05:46:de:cf:a6:e2:df:92:eb:60:39:85:82:2f:28:
60:84:e3:f2:01:c2:b7:2c:e3:71:6f:04:9b:ad:8c:
16:e7:14:50:4b:11:e9:3d:25:e6:86:2d:a8:be:b1:
00:3f:66:8a:ef:3e:23:18:0d:b9:59:91:2c:b3:39:
3f:db:4b:33:c2:64:7b:96:8d:48:61:53:2f:51:3d:
53:99:c8:88:e6:d6:b5:d9:73:d0:94:09:8f:ae:97:
46:23:53:4a:87:4b:2f:0b:99:bc:77:15:97:ce:de:
23:ed:b2:66:1a:fb:0f:57:76:b9:26:55:b6:f7:b3:
e8:ee:59:57:0c:7e:23:99:e9:c3:95:c6:06:58:d4:
c0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E2:93:34:C6:89:57:8F:BB:3D:CD:28:7E:8A:76:60:69:8E:17:CC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/0uKTNMaJV4-7Pc0ofop2YGmOF8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.34.0/24
163.5.59.0/24
163.5.63.0/24
163.5.66.0/24
163.5.73.0/24
163.5.112.0/23
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.133.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
163.5.246.0/24
Signature Algorithm: sha256WithRSAEncryption
85:20:2b:69:ee:9e:ee:a2:d5:59:7f:25:1c:56:b6:30:ba:f9:
ed:a0:64:48:48:ef:14:52:30:12:b4:19:34:78:98:0d:5e:c7:
5d:c5:5b:35:c3:ec:36:74:cb:f0:6c:01:cf:b8:6b:01:e3:41:
03:52:bb:40:52:3a:90:da:d4:37:01:ad:9d:00:33:a4:71:4a:
3e:88:d1:45:ee:9b:dd:5d:3f:86:a9:b2:36:01:e5:c5:81:c0:
cd:88:28:56:b4:81:cd:1e:bf:36:c9:99:ab:4f:db:33:3b:cf:
97:0d:e5:c2:a2:ff:07:3d:86:ea:5a:4e:00:e1:3c:6e:aa:25:
a0:cb:ab:d6:e0:44:07:59:b0:21:3e:3e:84:ec:03:66:70:96:
92:6d:e8:ac:73:59:4a:b3:f6:3f:77:23:a3:04:4c:d6:5c:40:
68:ce:65:0a:37:91:94:28:38:aa:f4:e1:fb:c2:bf:37:1e:d4:
5b:83:fd:be:6d:b9:e2:6e:5e:59:71:d8:a6:a6:5c:30:d0:f5:
16:7f:c9:15:71:77:6b:07:ab:0a:80:63:30:ad:db:da:26:d3:
63:2a:25:16:4c:21:11:9f:f5:e0:38:9b:81:1b:e8:3f:7e:a4:
30:41:e3:b2:96:e8:19:58:5d:df:86:4d:3c:55:08:f6:31:e1:
1c:66:0d:f5
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZZQ5y/ZQ7wCQ5FLm0TX8+k7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNDIwMDE1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmUyOTMzNGM2ODk1NzhmYmIzZGNkMjg3ZThhNzY2MDY5OGUxN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0863KUqTAf2PZ3SPGwbjJGf0eeNR
WReMyxwFZHL0xRRLrFPK/SSmSGQUcdfHDkUTZjY0NbVKxM6SQcA9tW2FaTKhgne/
6y4LbOQKV0mwW7XW/9XQQL1BVZ15TyeadkwpOtjjjm12wG2uIL3/COdJhHfcFgqY
hGQFRt7PpuLfkutgOYWCLyhghOPyAcK3LONxbwSbrYwW5xRQSxHpPSXmhi2ovrEA
P2aK7z4jGA25WZEsszk/20szwmR7lo1IYVMvUT1TmciI5ta12XPQlAmPrpdGI1NK
h0svC5m8dxWXzt4j7bJmGvsPV3a5JlW297Po7llXDH4jmenDlcYGWNTAFwIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFNLikzTGiVePuz3NKH6KdmBpjhfMMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMHVLVE5NYUpWNC03UGMwb2ZvcDJZR21PRjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
owUeAwQAowUiAwQAowU7AwQAowU/AwQAowVCAwQAowVJAwQBowVwAwQBowV2AwQA
owV5AwQBowWAAwQAowWFAwQBowWKMAwDBAGjBY4DBACjBZADBACjBZIDBACjBZcD
BACjBZ4DBACjBaADBACjBaIDBACjBaQDBACjBacDBACjBa0DBACjBa8DBAGjBbID
BACjBbYDBACjBboDBACjBb0DBACjBb8DBAGjBcgwDAMEAKMFywMEAKMFzgMEAKMF
0QMEAKMF2AMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6QMEAKMF8QMEAKMF9jANBgkq
hkiG9w0BAQsFAAOCAQEAhSArae6e7qLVWX8lHFa2MLr57aBkSEjvFFIwErQZNHiY
DV7HXcVbNcPsNnTL8GwBz7hrAeNBA1K7QFI6kNrUNwGtnQAzpHFKPojRRe6b3V0/
hqmyNgHlxYHAzYgoVrSBzR6/NsmZq0/bMzvPlw3lwqL/Bz2G6lpOAOE8bqoloMur
1uBEB1mwIT4+hOwDZnCWkm3orHNZSrP2P3cjowRM1lxAaM5lCjeRlCg4qvTh+8K/
Nx7UW4P9vm254m5eWXHYpqZcMND1Fn/JFXF3awerCoBjMK3b2ibTYyolFkwhEZ/1
4DibgRvoP36kMEHjspboGVhd34ZNPFUI9jHhHGYN9Q==
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:02:28 2025 by rpki-client