Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xXd7MITeA7d6lduFbqM1irJbp2c.roa
File: xXd7MITeA7d6lduFbqM1irJbp2c.roa (raw, json)
Hash identifier: AJcWuhROU4Ew7KdRB6Cg825kZj4ict645rPHJjQqjok=
Subject key identifier: C5:77:7B:30:84:DE:03:B7:7A:95:DB:85:6E:A3:35:8A:B2:5B:A7:67
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0197645FA02D5781239AAFD6693BCB7DB35C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xXd7MITeA7d6lduFbqM1irJbp2c.roa
Signing time: Thu 12 Jun 2025 13:41:17 +0000
ROA not before: Thu 12 Jun 2025 13:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jun 2025 22:14:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:5f:a0:2d:57:81:23:9a:af:d6:69:3b:cb:7d:b3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 12 13:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5777b3084de03b77a95db856ea3358ab25ba767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:c7:c1:97:dc:eb:d4:c4:49:ee:f0:30:21:
31:da:75:66:eb:f7:58:bc:8e:3d:6a:a3:a2:22:73:
26:35:86:49:16:28:1d:a9:3f:fb:02:af:74:8a:4d:
1c:e9:19:3a:98:c3:68:2a:a8:6f:c2:56:7d:c6:30:
45:da:b4:91:32:c3:59:e9:ea:aa:3b:1d:9f:88:97:
17:07:34:4b:5e:2e:d7:f6:f3:9f:5d:c3:a9:5e:d0:
15:bc:4a:bf:55:8b:01:84:c2:73:e6:95:3b:87:38:
93:6a:c8:aa:93:78:91:8b:3e:90:31:e2:1e:bd:41:
3c:39:ac:d7:49:46:23:a6:15:5b:68:88:3f:09:b9:
3f:1e:b8:c7:bf:3d:fc:02:9d:cb:ac:86:d6:52:d4:
9a:16:81:09:5e:0e:ab:b3:1a:bf:05:a0:c9:f8:f3:
c2:2c:24:9e:ab:70:f1:36:a4:56:ad:34:8d:fe:ae:
b4:e7:dc:95:06:a2:16:01:22:42:18:7c:62:46:c8:
84:e2:42:eb:06:b5:19:f2:51:16:87:9f:3f:ea:ac:
9f:cd:91:6c:b4:85:df:32:c1:7f:36:a8:11:39:8e:
c2:28:31:ef:86:f7:a6:85:ed:f1:e3:da:b2:65:ed:
ae:9e:70:d4:1b:d0:62:0c:7d:0b:45:3a:de:1c:35:
68:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:77:7B:30:84:DE:03:B7:7A:95:DB:85:6E:A3:35:8A:B2:5B:A7:67
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xXd7MITeA7d6lduFbqM1irJbp2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/23
163.5.59.0/24
163.5.89.0/24
163.5.109.0/24
163.5.112.0/24
163.5.121.0/24
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.201.0/24
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.218.0/24
163.5.221.0/24
163.5.223.0-163.5.224.255
163.5.228.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
27:d3:df:20:9f:e4:bc:2e:9d:57:d1:e6:6a:49:e7:23:70:ac:
20:b4:32:ed:b5:3c:08:49:9f:fc:b5:5b:7f:be:e5:03:aa:a0:
6d:c8:37:8b:89:76:16:cb:4a:67:5e:9b:5d:ce:e0:9a:21:05:
a1:ed:6f:7c:b8:1d:6a:77:8b:5c:04:85:90:69:15:f6:26:4f:
4c:40:fd:d5:99:74:45:16:a9:b2:ef:37:81:9b:e1:b7:1e:2f:
cf:71:84:e3:d2:1a:9f:2e:8c:12:87:4f:7d:e9:1c:97:87:ab:
63:a6:27:9f:b4:44:b7:63:be:23:66:a6:a0:92:c5:e2:87:c1:
0c:73:bc:0f:98:b0:39:89:59:59:44:60:2c:13:f0:a5:b2:c1:
65:fa:25:5d:2f:da:d6:60:ec:22:b1:7a:1e:20:1d:c7:ff:30:
17:c2:92:f5:b4:f0:b1:9c:17:90:a6:77:eb:ab:2a:1b:22:9e:
6c:2e:26:4d:f6:6d:1f:f6:12:d8:5b:4f:6d:d1:78:d3:ec:e2:
4b:9e:82:4c:3f:df:bd:b9:81:bc:7f:2f:09:de:99:27:50:e5:
a0:03:34:9a:c3:ed:3c:ab:fa:5c:d0:46:09:1d:40:85:57:03:
81:75:40:84:79:86:e2:ea:fd:f1:62:1c:8b:82:fa:98:75:d6:
70:f7:fc:a4
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZdkX6AtV4Ejmq/WaTvLfbNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNjEyMTM0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTc3N2IzMDg0ZGUwM2I3N2E5NWRiODU2ZWEzMzU4YWIyNWJhNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqubHwZfc69TESe7wMCEx2nVm6/dY
vI49aqOiInMmNYZJFigdqT/7Aq90ik0c6Rk6mMNoKqhvwlZ9xjBF2rSRMsNZ6eqq
Ox2fiJcXBzRLXi7X9vOfXcOpXtAVvEq/VYsBhMJz5pU7hziTasiqk3iRiz6QMeIe
vUE8OazXSUYjphVbaIg/Cbk/HrjHvz38Ap3LrIbWUtSaFoEJXg6rsxq/BaDJ+PPC
LCSeq3DxNqRWrTSN/q6059yVBqIWASJCGHxiRsiE4kLrBrUZ8lEWh58/6qyfzZFs
tIXfMsF/NqgROY7CKDHvhvemhe3x49qyZe2unnDUG9BiDH0LRTreHDVocQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFMV3ezCE3gO3epXbhW6jNYqyW6dnMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveFhkN01JVGVBN2Q2bGR1RmJxTTFpckpicDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAGj
BR4DBACjBTsDBACjBVkDBACjBW0DBACjBXADBACjBXkDBAGjBYADBACjBYsDBACj
BY8DBACjBZIDBACjBZcDBACjBaADBACjBaIDBACjBacDBACjBbIDBACjBbYDBACj
BboDBACjBb0DBACjBckwDAMEAKMFywMEAKMFzgMEAKMF0QMEAKMF2gMEAKMF3TAM
AwQAowXfAwQAowXgAwQAowXkAwQAowXxMA0GCSqGSIb3DQEBCwUAA4IBAQAn098g
n+S8Lp1X0eZqSecjcKwgtDLttTwISZ/8tVt/vuUDqqBtyDeLiXYWy0pnXptdzuCa
IQWh7W98uB1qd4tcBIWQaRX2Jk9MQP3VmXRFFqmy7zeBm+G3Hi/PcYTj0hqfLowS
h0996RyXh6tjpieftES3Y74jZqagksXih8EMc7wPmLA5iVlZRGAsE/ClssFl+iVd
L9rWYOwisXoeIB3H/zAXwpL1tPCxnBeQpnfrqyobIp5sLiZN9m0f9hLYW09t0XjT
7OJLnoJMP9+9uYG8fy8J3pknUOWgAzSaw+08q/pc0EYJHUCFVwOBdUCEeYbi6v3x
YhyLgvqYddZw9/yk
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:43:57 2025 by rpki-client