Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cnYDbCoY9fVsHUVFouoqbPwci2Q.roa
File: cnYDbCoY9fVsHUVFouoqbPwci2Q.roa (raw, json)
Hash identifier: QKwzYNQUMFhLzN2t+2lokLDaaAz78mzrrRND3Dk/UoU=
Subject key identifier: 72:76:03:6C:2A:18:F5:F5:6C:1D:45:45:A2:EA:2A:6C:FC:1C:8B:64
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0196156439D7DB32AE4A611151E1CBE37CF8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cnYDbCoY9fVsHUVFouoqbPwci2Q.roa
Signing time: Tue 08 Apr 2025 12:33:32 +0000
ROA not before: Tue 08 Apr 2025 12:33:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 06:15:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:64:39:d7:db:32:ae:4a:61:11:51:e1:cb:e3:7c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 8 12:33:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7276036c2a18f5f56c1d4545a2ea2a6cfc1c8b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:aa:85:81:61:97:5d:8e:be:e1:bc:c4:a6:d4:
05:39:da:78:0d:af:6d:52:8e:23:3b:30:aa:53:d4:
f2:9e:bb:fc:14:8f:4b:f9:91:ea:6c:40:53:94:b8:
89:f7:a3:1a:da:23:ba:89:4c:34:e5:d2:30:2d:42:
d6:4d:a5:73:e5:2a:15:25:1c:d1:77:27:b9:74:e8:
68:f3:26:a9:91:b6:22:f0:e4:8f:4b:73:93:f4:70:
c2:45:5e:45:c4:c3:e4:42:ee:26:2b:65:6b:bc:d1:
ea:25:76:4b:9f:8e:f9:d7:70:a1:cd:73:ee:77:5b:
a0:cf:3f:aa:4d:a0:ca:04:80:cd:16:56:00:cc:64:
18:8d:c0:71:ce:ea:29:d9:64:34:01:07:a8:53:a3:
fd:b0:fc:83:ef:3f:0b:67:45:f9:48:c4:91:df:c0:
32:8e:68:12:1d:22:02:de:55:06:1c:89:d5:53:12:
43:bd:48:2d:18:d5:d5:7b:d1:dc:20:8a:b5:30:e8:
d8:c5:f8:18:7c:63:49:eb:97:51:6c:14:02:b3:ed:
dd:67:21:47:ad:be:69:c9:17:40:cb:c4:6a:50:02:
d0:b0:8f:7f:87:d1:87:4d:d0:24:de:8d:4d:7c:fc:
56:7b:22:95:cd:db:af:62:3d:29:b8:0d:10:5e:3e:
24:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:76:03:6C:2A:18:F5:F5:6C:1D:45:45:A2:EA:2A:6C:FC:1C:8B:64
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cnYDbCoY9fVsHUVFouoqbPwci2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.34.0/24
163.5.59.0/24
163.5.66.0/24
163.5.73.0/24
163.5.97.0/24
163.5.112.0/23
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.131.0/24
163.5.133.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.156.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.221.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
163.5.246.0/24
Signature Algorithm: sha256WithRSAEncryption
45:70:86:7f:0c:3d:e7:74:80:b2:24:a2:d5:26:82:87:2e:75:
d7:19:65:01:fa:93:ff:6e:c9:3b:53:7a:8a:d1:de:07:77:1e:
69:e6:b1:dc:f4:63:61:12:ca:e3:bd:fc:7a:57:39:1c:99:19:
25:4b:df:2d:86:7e:19:d1:df:dc:2c:42:66:13:bc:64:b0:a4:
9d:63:01:e1:e1:06:ab:ce:4e:b5:aa:8a:4e:f0:cf:f6:53:b3:
03:3e:e3:4d:43:cc:d6:b3:ab:63:28:39:3d:ba:af:9e:96:34:
0c:31:c7:ed:25:a7:f9:64:9f:64:91:e5:b3:80:27:e3:6f:6e:
c9:74:38:d6:d0:3f:b3:68:af:6d:93:5c:6a:fd:51:e2:26:bc:
29:f7:9e:6a:66:86:58:06:2e:72:2e:c1:b7:de:af:48:15:17:
25:e5:01:db:97:e2:fc:4e:8e:60:e9:d7:6c:dd:b4:fd:62:63:
07:cb:fd:97:a0:c7:3e:85:ab:b0:f6:51:6a:6b:90:e4:73:6f:
8c:64:5b:6d:fc:2d:2c:41:c5:dd:ca:38:1b:1a:a6:a7:a4:75:
42:6c:98:4e:88:a7:f7:b4:3b:f2:b6:0f:56:ca:c3:0f:2c:9f:
8b:c9:4e:dc:2a:76:12:81:e6:6b:9c:bf:d7:86:63:63:9e:d8:
74:a4:11:69
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAZYVZDnX2zKuSmERUeHL43z4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNDA4MTIzMzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjc2MDM2YzJhMThmNWY1NmMxZDQ1NDVhMmVhMmE2Y2ZjMWM4YjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraqFgWGXXY6+4bzEptQFOdp4Da9t
Uo4jOzCqU9Tynrv8FI9L+ZHqbEBTlLiJ96Ma2iO6iUw05dIwLULWTaVz5SoVJRzR
dye5dOho8yapkbYi8OSPS3OT9HDCRV5FxMPkQu4mK2VrvNHqJXZLn47513ChzXPu
d1ugzz+qTaDKBIDNFlYAzGQYjcBxzuop2WQ0AQeoU6P9sPyD7z8LZ0X5SMSR38Ay
jmgSHSIC3lUGHInVUxJDvUgtGNXVe9HcIIq1MOjYxfgYfGNJ65dRbBQCs+3dZyFH
rb5pyRdAy8RqUALQsI9/h9GHTdAk3o1NfPxWeyKVzduvYj0puA0QXj4kfwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFHJ2A2wqGPX1bB1FRaLqKmz8HItkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvY25ZRGJDb1k5ZlZzSFVWRm91b3FiUHdjaTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAKMFHgMEAKMFIgMEAKMFOwMEAKMFQgMEAKMFSQMEAKMFYQMEAaMFcAMEAaMF
dgMEAKMFeQMEAaMFgAMEAKMFgwMEAKMFhQMEAaMFijAMAwQBowWOAwQAowWQAwQA
owWSAwQAowWXAwQAowWcAwQAowWeAwQAowWgAwQAowWiAwQAowWkAwQAowWnAwQA
owWtAwQAowWvAwQBowWyAwQAowW2AwQAowW6AwQAowW9AwQAowW/AwQBowXIMAwD
BACjBcsDBACjBc4DBACjBdEDBACjBdgDBACjBdoDBACjBd0DBACjBeADBACjBeQD
BACjBekDBACjBfEDBACjBfYwDQYJKoZIhvcNAQELBQADggEBAEVwhn8MPed0gLIk
otUmgocuddcZZQH6k/9uyTtTeorR3gd3Hmnmsdz0Y2ESyuO9/HpXORyZGSVL3y2G
fhnR39wsQmYTvGSwpJ1jAeHhBqvOTrWqik7wz/ZTswM+401DzNazq2MoOT26r56W
NAwxx+0lp/lkn2SR5bOAJ+Nvbsl0ONbQP7Nor22TXGr9UeImvCn3nmpmhlgGLnIu
wbfer0gVFyXlAduX4vxOjmDp12zdtP1iYwfL/Zegxz6Fq7D2UWprkORzb4xkW238
LSxBxd3KOBsapqekdUJsmE6Ip/e0O/K2D1bKww8sn4vJTtwqdhKB5mucv9eGY2Oe
2HSkEWk=
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:19:11 2025 by rpki-client