Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OVIqFtU0ZNJtDUxPbAvYIyYWq_w.roa
File: OVIqFtU0ZNJtDUxPbAvYIyYWq_w.roa (raw, json)
Hash identifier: PCie/SEGTH/4CIhWwUco5I5VERROSHXKDcGjLlPx8TE=
Subject key identifier: 39:52:2A:16:D5:34:64:D2:6D:0D:4C:4F:6C:0B:D8:23:26:16:AB:FC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0195E6CB2D86991DC6344356A7CE1F1F6942
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OVIqFtU0ZNJtDUxPbAvYIyYWq_w.roa
Signing time: Sun 30 Mar 2025 11:23:49 +0000
ROA not before: Sun 30 Mar 2025 11:23:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 19:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e6:cb:2d:86:99:1d:c6:34:43:56:a7:ce:1f:1f:69:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 30 11:23:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39522a16d53464d26d0d4c4f6c0bd8232616abfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:94:c8:b0:07:4b:28:3e:05:ee:47:5a:4c:
19:59:2d:58:64:bb:d0:25:34:f2:7e:d5:c3:9e:44:
59:be:9d:6b:c7:3f:e3:f4:12:8c:60:9c:c7:1b:5e:
dd:a9:91:c3:f1:a4:39:5a:02:71:e6:43:50:40:74:
54:f0:f0:54:7e:37:db:d8:6d:96:ac:e5:eb:21:a7:
75:87:7b:b7:d3:f7:70:44:f9:f8:74:d9:15:4b:de:
12:c3:de:ac:44:59:98:32:92:3b:07:e5:b6:1f:50:
72:c5:ff:69:f9:ae:4c:84:37:22:d9:dd:ef:09:08:
71:97:58:de:78:28:ca:1b:9d:4f:e0:b6:1a:65:51:
e1:86:82:c8:90:b8:9b:33:5f:e4:b9:2e:a6:da:73:
af:6e:27:ff:30:1b:77:15:ec:d7:44:39:9b:18:e3:
58:e0:57:42:52:14:08:44:1f:02:b9:18:fd:d9:e9:
13:a4:a8:2e:c9:5f:75:9b:ac:4a:fb:01:be:7d:9b:
ee:8e:90:af:65:46:03:65:da:c8:66:15:7c:5c:ef:
e8:31:39:61:02:7f:5e:ae:a5:7d:67:58:5d:cf:93:
58:7f:64:17:4f:bb:0e:0c:d1:c5:b1:16:59:51:e3:
c4:15:e4:6b:ff:ac:f0:20:a2:1e:98:67:9f:1d:dd:
2b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:52:2A:16:D5:34:64:D2:6D:0D:4C:4F:6C:0B:D8:23:26:16:AB:FC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OVIqFtU0ZNJtDUxPbAvYIyYWq_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.34.0/24
163.5.46.0/24
163.5.59.0/24
163.5.66.0/24
163.5.73.0/24
163.5.97.0/24
163.5.112.0/23
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.131.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.156.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.221.0/24
163.5.224.0/23
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
163.5.246.0-163.5.248.255
Signature Algorithm: sha256WithRSAEncryption
78:5d:32:ef:6b:00:3b:ab:38:64:02:3b:8f:75:e5:ad:38:a1:
ec:62:26:71:fc:e5:19:9b:41:15:42:4a:fa:fc:d2:35:14:d4:
93:6b:8f:b9:59:24:ac:b8:54:b1:76:7a:88:c7:c3:76:2e:dc:
7c:9c:c9:fd:74:cb:fa:82:90:de:42:6e:9b:03:d6:f1:6d:fb:
74:5e:e1:62:c6:37:47:13:7b:de:2a:86:09:1a:b3:81:f6:90:
52:87:4c:46:4b:16:44:a9:e7:18:db:3f:46:0b:02:1b:44:26:
79:6b:e3:50:0f:51:39:9b:50:95:a1:7f:f4:21:27:12:e4:34:
8a:e9:ba:cd:b8:bd:ee:0e:5f:a1:da:17:e3:3f:0c:57:75:7f:
d1:5e:86:3e:c4:32:06:d9:e4:e9:10:0f:89:f4:ff:44:9c:3c:
fc:3d:71:43:01:84:0d:aa:88:e5:80:31:2f:a0:22:74:d4:e8:
a8:0c:6c:ee:32:12:3d:20:c5:ad:a6:0a:74:96:fe:29:8f:3d:
2d:82:79:9c:f3:4e:46:a4:25:74:04:2c:48:50:c3:45:55:b6:
6b:58:12:f6:83:33:62:a9:ea:73:71:bc:17:20:6d:ab:b6:23:
cf:d8:fe:e0:ef:c6:cf:ca:6f:b7:36:6c:c0:78:b3:ea:26:1d:
da:af:60:ad
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZXmyy2GmR3GNENWp84fH2lCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMzMwMTEyMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTUyMmExNmQ1MzQ2NGQyNmQwZDRjNGY2YzBiZDgyMzI2MTZhYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDWUyLAHSyg+Be5HWkwZWS1YZLvQ
JTTyftXDnkRZvp1rxz/j9BKMYJzHG17dqZHD8aQ5WgJx5kNQQHRU8PBUfjfb2G2W
rOXrIad1h3u30/dwRPn4dNkVS94Sw96sRFmYMpI7B+W2H1Byxf9p+a5MhDci2d3v
CQhxl1jeeCjKG51P4LYaZVHhhoLIkLibM1/kuS6m2nOvbif/MBt3FezXRDmbGONY
4FdCUhQIRB8CuRj92ekTpKguyV91m6xK+wG+fZvujpCvZUYDZdrIZhV8XO/oMTlh
An9erqV9Z1hdz5NYf2QXT7sODNHFsRZZUePEFeRr/6zwIKIemGefHd0r/QIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFDlSKhbVNGTSbQ1MT2wL2CMmFqv8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvT1ZJcUZ0VTBaTkp0RFV4UGJBdllJeVlXcV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAKMFHgMEAKMFIgMEAKMFLgMEAKMFOwMEAKMFQgMEAKMFSQMEAKMFYQMEAaMF
cAMEAaMFdgMEAKMFeQMEAaMFgAMEAKMFgwMEAaMFijAMAwQBowWOAwQAowWQAwQA
owWSAwQAowWXAwQAowWcAwQAowWeAwQAowWgAwQAowWiAwQAowWkAwQAowWnAwQA
owWqAwQAowWtAwQAowWvAwQBowWyAwQAowW2AwQAowW6AwQAowW9AwQAowW/AwQB
owXIMAwDBACjBcsDBACjBc4DBACjBdEDBACjBdgDBACjBdoDBACjBd0DBAGjBeAD
BACjBeQDBACjBekDBACjBfEwDAMEAaMF9gMEAKMF+DANBgkqhkiG9w0BAQsFAAOC
AQEAeF0y72sAO6s4ZAI7j3XlrTih7GImcfzlGZtBFUJK+vzSNRTUk2uPuVkkrLhU
sXZ6iMfDdi7cfJzJ/XTL+oKQ3kJumwPW8W37dF7hYsY3RxN73iqGCRqzgfaQUodM
RksWRKnnGNs/RgsCG0QmeWvjUA9ROZtQlaF/9CEnEuQ0ium6zbi97g5fodoX4z8M
V3V/0V6GPsQyBtnk6RAPifT/RJw8/D1xQwGEDaqI5YAxL6AidNToqAxs7jISPSDF
raYKdJb+KY89LYJ5nPNORqQldAQsSFDDRVW2a1gS9oMzYqnqc3G8FyBtq7Yjz9j+
4O/Gz8pvtzZswHiz6iYd2q9grQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:46:50 2025 by rpki-client