Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VBlfPgDg-Oaps8u_BhTVlCLJeLo.roa
File: VBlfPgDg-Oaps8u_BhTVlCLJeLo.roa (raw, json)
Hash identifier: llnDWgo36KYN0nRcfSKWMUrQE3letq/oTUapXQE996Q=
Subject key identifier: 54:19:5F:3E:00:E0:F8:E6:A9:B3:CB:BF:06:14:D5:94:22:C9:78:BA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019755FC756D349EB8EB374FA2F230942584
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VBlfPgDg-Oaps8u_BhTVlCLJeLo.roa
Signing time: Mon 09 Jun 2025 18:38:17 +0000
ROA not before: Mon 09 Jun 2025 18:38:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.28.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 18:07:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:55:fc:75:6d:34:9e:b8:eb:37:4f:a2:f2:30:94:25:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 9 18:38:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54195f3e00e0f8e6a9b3cbbf0614d59422c978ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bb:a9:a4:8f:79:6a:d5:cd:fc:5d:bb:ea:ce:
85:08:3a:b7:47:a0:ef:b3:59:a5:a9:04:7d:85:10:
90:ae:08:e3:6f:e3:05:9d:eb:46:c8:7c:f1:43:09:
48:9e:01:c5:32:b1:28:9b:23:b2:df:0c:4b:21:e8:
b7:6a:f2:c4:4d:8e:f6:5f:9e:36:48:b6:86:0d:9b:
22:df:7b:a9:c4:0b:92:3d:1a:1b:12:33:5c:8c:8a:
e0:30:0e:cb:fd:ff:be:89:27:d4:3d:b9:51:62:4c:
41:92:aa:f2:56:c3:01:a3:cd:2f:41:ce:84:99:3f:
7d:b4:f2:39:3f:42:ac:a2:5a:56:2d:6c:59:fa:a4:
1e:22:0d:b9:46:e2:80:06:89:07:52:ba:10:2f:83:
e4:15:7d:8a:df:b8:39:c4:cb:fa:8c:b7:2a:cd:b9:
7a:91:13:e1:a3:7d:fd:3f:90:4f:86:82:86:67:1e:
a0:b0:93:c5:e0:85:20:07:84:5f:72:e2:1e:d5:32:
6b:7c:04:3d:02:65:0c:fc:26:60:14:8b:3a:5d:f3:
1f:0f:bf:2c:5d:75:df:ae:fb:a4:5e:49:38:7e:6b:
c1:2c:82:f6:09:9e:b1:8c:bc:79:da:0d:cc:17:f4:
75:62:0e:c2:98:61:6d:e4:82:17:fc:da:68:bc:7b:
8d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:19:5F:3E:00:E0:F8:E6:A9:B3:CB:BF:06:14:D5:94:22:C9:78:BA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VBlfPgDg-Oaps8u_BhTVlCLJeLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.28.0/24
163.5.30.0/23
163.5.59.0/24
163.5.109.0/24
163.5.112.0/24
163.5.121.0/24
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.201.0/24
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.218.0/24
163.5.221.0/24
163.5.223.0-163.5.224.255
163.5.228.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b5:a6:2d:fc:94:e0:65:7d:f9:d2:71:00:b2:7a:c1:48:21:
9e:86:4b:50:6e:da:27:ec:7a:21:f0:47:19:01:b4:79:2c:ed:
38:93:89:4a:bd:4c:ec:df:20:60:2a:6c:b2:5c:f0:a3:03:8f:
5c:d9:ff:82:d7:d5:74:29:db:39:9e:5b:4f:ce:e2:c7:ba:e5:
aa:32:3e:c0:b6:06:f6:16:f8:3b:0c:e2:05:48:e8:18:59:fd:
c9:4c:ff:8f:8e:cf:ad:2c:a2:15:7d:63:a8:2a:64:03:37:88:
3e:84:30:4c:4c:38:58:a1:e9:f3:66:d4:7e:e7:36:d3:b7:62:
57:18:20:7a:f7:64:1c:9d:c9:27:85:74:12:52:8b:87:40:c8:
66:11:7d:87:3b:f3:41:79:65:3a:f3:fa:c1:48:33:b3:f9:3a:
28:cd:69:0b:cc:ec:c6:97:5d:fe:2d:19:69:8e:8d:03:78:85:
7c:e5:d3:e9:43:ed:64:53:ab:da:e5:9c:06:b2:98:fd:39:22:
45:27:cc:fe:1a:ff:22:aa:db:d8:00:5e:aa:77:df:98:4b:4a:
1b:1e:33:7a:b4:90:0d:5e:ee:07:b8:16:30:3c:fa:8f:35:85:
8f:81:3d:b3:20:bf:a9:0b:8c:19:74:f4:d3:68:76:81:f7:7e:
cc:35:9a:64
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZdV/HVtNJ646zdPovIwlCWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNjA5MTgzODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDE5NWYzZTAwZTBmOGU2YTliM2NiYmYwNjE0ZDU5NDIyYzk3OGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbuppI95atXN/F276s6FCDq3R6Dv
s1mlqQR9hRCQrgjjb+MFnetGyHzxQwlIngHFMrEomyOy3wxLIei3avLETY72X542
SLaGDZsi33upxAuSPRobEjNcjIrgMA7L/f++iSfUPblRYkxBkqryVsMBo80vQc6E
mT99tPI5P0KsolpWLWxZ+qQeIg25RuKABokHUroQL4PkFX2K37g5xMv6jLcqzbl6
kRPho339P5BPhoKGZx6gsJPF4IUgB4RfcuIe1TJrfAQ9AmUM/CZgFIs6XfMfD78s
XXXfrvukXkk4fmvBLIL2CZ6xjLx52g3MF/R1Yg7CmGFt5IIX/NpovHuN0wIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFFQZXz4A4PjmqbPLvwYU1ZQiyXi6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVkJsZlBnRGctT2Fwczh1X0JoVFZsQ0xKZUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBACj
BRwDBAGjBR4DBACjBTsDBACjBW0DBACjBXADBACjBXkDBAGjBYADBACjBYsDBACj
BY8DBACjBZIDBACjBZcDBACjBaADBACjBaIDBACjBacDBACjBbIDBACjBbYDBACj
BboDBACjBb0DBACjBckwDAMEAKMFywMEAKMFzgMEAKMF0QMEAKMF2gMEAKMF3TAM
AwQAowXfAwQAowXgAwQAowXkAwQAowXxMA0GCSqGSIb3DQEBCwUAA4IBAQBstaYt
/JTgZX350nEAsnrBSCGehktQbton7Hoh8EcZAbR5LO04k4lKvUzs3yBgKmyyXPCj
A49c2f+C19V0Kds5nltPzuLHuuWqMj7Atgb2Fvg7DOIFSOgYWf3JTP+Pjs+tLKIV
fWOoKmQDN4g+hDBMTDhYoenzZtR+5zbTt2JXGCB692QcncknhXQSUouHQMhmEX2H
O/NBeWU68/rBSDOz+ToozWkLzOzGl13+LRlpjo0DeIV85dPpQ+1kU6va5ZwGspj9
OSJFJ8z+Gv8iqtvYAF6qd9+YS0obHjN6tJANXu4HuBYwPPqPNYWPgT2zIL+pC4wZ
dPTTaHaB937MNZpk
-----END CERTIFICATE-----
Generated at Mon Jun 16 04:26:11 2025 by rpki-client