Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mP1CUNEcPbUVBsq-nUiWvgIzkXo.roa
File: mP1CUNEcPbUVBsq-nUiWvgIzkXo.roa (raw, json)
Hash identifier: rqIH8k2Lbd3XpiiQnb0RJ+dotu83zX22ZeRKP6I0+Bc=
Subject key identifier: 98:FD:42:50:D1:1C:3D:B5:15:06:CA:BE:9D:48:96:BE:02:33:91:7A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01963933FD5A38077B228616B3E10C1004D7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mP1CUNEcPbUVBsq-nUiWvgIzkXo.roa
Signing time: Tue 15 Apr 2025 11:27:10 +0000
ROA not before: Tue 15 Apr 2025 11:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.63.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.133.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 01:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:33:fd:5a:38:07:7b:22:86:16:b3:e1:0c:10:04:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 15 11:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98fd4250d11c3db51506cabe9d4896be0233917a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:a4:7e:55:d6:53:df:ac:fd:44:17:e1:b5:
c7:50:4e:9a:a0:32:da:e9:cc:12:07:bc:49:70:58:
1d:48:05:d6:a3:e4:0d:14:15:d2:35:d0:37:c9:cb:
1d:d6:2d:10:89:8d:e6:e6:d0:f1:7b:f5:b7:f2:71:
08:ce:b0:9d:3a:5f:b9:4a:51:68:7a:b1:03:da:96:
ec:0b:1f:a0:63:a3:c0:92:f0:88:b1:d4:19:18:18:
e0:63:66:89:f0:4d:58:3a:96:70:42:c3:0a:c4:7b:
00:1a:59:49:aa:db:e7:c1:bb:11:51:4e:43:a5:0d:
c5:e0:a8:ca:a5:d0:e1:b3:e1:3d:d9:1c:9e:ba:c8:
27:08:91:5e:ad:d5:ef:a4:8a:b8:f2:a1:3c:51:f7:
77:03:f4:c4:a6:60:6f:4a:09:9e:49:97:ae:5e:2b:
84:e6:7b:3e:f1:c6:00:6c:c5:d6:66:5c:7c:75:3a:
11:99:21:e8:62:f5:77:d7:aa:bd:09:70:06:2e:39:
db:17:b9:7c:2a:43:28:97:89:52:ea:cd:9d:7a:a5:
16:0f:7b:50:77:e9:0f:e0:5d:a1:67:eb:e9:e2:f4:
88:30:a1:8c:d0:86:56:bd:88:07:62:3d:bf:a8:3f:
34:27:04:b3:b7:43:07:6d:b3:54:38:e8:0b:81:bb:
77:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FD:42:50:D1:1C:3D:B5:15:06:CA:BE:9D:48:96:BE:02:33:91:7A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mP1CUNEcPbUVBsq-nUiWvgIzkXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.34.0/24
163.5.59.0/24
163.5.63.0/24
163.5.66.0/24
163.5.73.0/24
163.5.97.0/24
163.5.112.0/23
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.133.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.156.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
163.5.246.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:63:00:58:ee:3f:d9:7b:bf:1d:95:68:83:3c:ed:7a:4c:dc:
6f:f4:7b:21:17:20:df:aa:8b:33:ad:93:d3:73:42:f8:bf:39:
ea:51:31:d4:9d:da:8a:40:d9:93:c7:d9:c4:21:b2:f9:82:f2:
79:ab:56:ac:19:43:e9:de:e5:97:7b:79:7c:13:e9:e0:91:d4:
96:09:db:5f:6a:64:7b:08:99:93:4e:2c:9e:2e:a4:aa:11:bf:
d1:c2:ef:2e:ed:50:36:3c:94:2d:3f:23:39:dc:e8:f7:0b:8c:
8f:8d:bc:f6:03:14:82:41:22:15:6b:2d:2a:c6:9c:1b:d9:98:
d4:b8:01:8b:d1:7a:2a:65:9c:a4:40:36:fe:38:dd:0d:3c:42:
6b:fe:db:97:01:84:3b:2d:84:63:b0:b7:d9:cf:68:2c:5a:0d:
0c:d7:03:db:e7:55:37:28:aa:5b:3a:25:f5:8d:ea:f8:cb:9e:
41:ea:16:38:78:98:57:71:5e:f6:08:15:7e:56:57:95:ca:ff:
e0:01:cf:f8:8e:2e:ed:75:fd:b7:cf:5d:6b:c7:f8:0a:fb:cf:
b4:d0:b7:f1:ab:b9:55:a4:10:e2:8a:e8:b5:b7:a5:63:c1:55:
4c:29:f5:28:06:f8:7d:3b:7e:a6:5c:42:37:c4:fe:46:8c:43:
4a:f5:2a:5a
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZY5M/1aOAd7IoYWs+EMEATXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNDE1MTEyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZkNDI1MGQxMWMzZGI1MTUwNmNhYmU5ZDQ4OTZiZTAyMzM5MTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEykflXWU9+s/UQX4bXHUE6aoDLa
6cwSB7xJcFgdSAXWo+QNFBXSNdA3ycsd1i0QiY3m5tDxe/W38nEIzrCdOl+5SlFo
erED2pbsCx+gY6PAkvCIsdQZGBjgY2aJ8E1YOpZwQsMKxHsAGllJqtvnwbsRUU5D
pQ3F4KjKpdDhs+E92RyeusgnCJFerdXvpIq48qE8Ufd3A/TEpmBvSgmeSZeuXiuE
5ns+8cYAbMXWZlx8dToRmSHoYvV316q9CXAGLjnbF7l8KkMol4lS6s2deqUWD3tQ
d+kP4F2hZ+vp4vSIMKGM0IZWvYgHYj2/qD80JwSzt0MHbbNUOOgLgbt3zwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFJj9QlDRHD21FQbKvp1Ilr4CM5F6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbVAxQ1VORWNQYlVWQnNxLW5VaVd2Z0l6a1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQAowUeAwQAowUiAwQAowU7AwQAowU/AwQAowVCAwQAowVJAwQAowVhAwQBowVw
AwQBowV2AwQAowV5AwQBowWAAwQAowWFAwQBowWKMAwDBAGjBY4DBACjBZADBACj
BZIDBACjBZcDBACjBZwDBACjBZ4DBACjBaADBACjBaIDBACjBaQDBACjBacDBACj
Ba0DBACjBa8DBAGjBbIDBACjBbYDBACjBboDBACjBb0DBACjBb8DBAGjBcgwDAME
AKMFywMEAKMFzgMEAKMF0QMEAKMF2AMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6QME
AKMF8QMEAKMF9jANBgkqhkiG9w0BAQsFAAOCAQEAT2MAWO4/2Xu/HZVogzztekzc
b/R7IRcg36qLM62T03NC+L856lEx1J3aikDZk8fZxCGy+YLyeatWrBlD6d7ll3t5
fBPp4JHUlgnbX2pkewiZk04sni6kqhG/0cLvLu1QNjyULT8jOdzo9wuMj4289gMU
gkEiFWstKsacG9mY1LgBi9F6KmWcpEA2/jjdDTxCa/7blwGEOy2EY7C32c9oLFoN
DNcD2+dVNyiqWzol9Y3q+MueQeoWOHiYV3Fe9ggVflZXlcr/4AHP+I4u7XX9t89d
a8f4CvvPtNC38au5VaQQ4orotbelY8FVTCn1KAb4fTt+plxCN8T+RoxDSvUqWg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 12:59:19 2025 by rpki-client