Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8KUXR98xA8DniAmwSG6p93vi1jc.roa
File: 8KUXR98xA8DniAmwSG6p93vi1jc.roa (raw, json)
Hash identifier: nqVZip9r0FSb32zh6DrP7V0tJK1r1pG7o7slOtvs3pY=
Subject key identifier: F0:A5:17:47:DF:31:03:C0:E7:88:09:B0:48:6E:A9:F7:7B:E2:D6:37
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018B149CB452BD0D344DE517F906C8A70D10
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8KUXR98xA8DniAmwSG6p93vi1jc.roa
Signing time: Mon 09 Oct 2023 13:24:55 +0000
ROA not before: Mon 09 Oct 2023 13:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 163.5.194.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Oct 2023 18:23:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:9c:b4:52:bd:0d:34:4d:e5:17:f9:06:c8:a7:0d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 9 13:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0a51747df3103c0e78809b0486ea9f77be2d637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:87:d8:08:79:02:9f:0e:aa:a4:db:08:5e:61:
1f:c2:65:7f:52:b7:c8:e0:76:ee:89:5d:2e:2e:58:
7e:39:7b:1a:46:cd:bb:49:9e:93:ca:b4:a6:7c:d7:
77:3b:f8:e3:6f:0e:6f:97:4f:77:ed:d6:c6:1b:06:
a1:97:0d:99:f9:57:fd:72:14:1a:04:18:f0:8a:51:
4e:f4:a9:af:11:83:67:d3:3f:04:b9:37:64:cf:1f:
bc:eb:84:36:ec:d0:93:29:8f:8a:64:ff:03:cf:b5:
17:b8:aa:4a:b4:a5:a3:ab:1a:b5:3f:a6:54:c6:0b:
90:b4:94:fd:28:12:ac:0a:d7:fa:1b:89:84:61:5c:
fc:01:83:bf:bf:42:b7:17:0d:49:dc:da:07:c1:76:
7a:99:bb:52:f2:ce:5e:7b:02:e8:97:37:ba:1b:6b:
7e:d5:f8:86:6d:23:52:c5:a8:bf:7d:22:f4:5a:8b:
f4:50:c2:be:a4:7a:ab:5d:3c:89:81:31:dc:62:23:
63:a9:17:c5:e3:aa:56:56:67:4b:51:5f:b8:73:9a:
cc:e1:66:71:d5:3f:d6:fa:a8:9f:30:c3:50:00:37:
cc:fa:f2:aa:62:43:e6:a7:82:80:a5:bf:59:51:dd:
1d:94:3a:16:94:f1:c6:9e:5a:21:8a:63:61:09:9a:
e9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A5:17:47:DF:31:03:C0:E7:88:09:B0:48:6E:A9:F7:7B:E2:D6:37
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8KUXR98xA8DniAmwSG6p93vi1jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.129.0/24
163.5.157.0/24
163.5.194.0/24
Signature Algorithm: sha256WithRSAEncryption
08:01:79:07:44:5e:df:87:8f:23:76:49:da:d0:ff:0c:60:46:
a9:45:cc:56:61:3b:70:34:ae:f8:8a:2f:ef:69:46:52:a9:da:
05:2b:dd:8f:a8:cd:64:ba:2e:de:45:c2:3c:ac:8b:a2:1b:40:
35:e0:98:d1:d9:4d:d4:09:1c:f6:b1:0d:7f:23:bf:cb:df:fa:
df:fc:3b:bb:f5:74:2f:e6:21:ea:82:4c:7b:1c:f4:90:57:13:
5f:51:16:0e:95:6f:b2:ba:e9:10:b3:db:13:e9:cc:58:44:17:
e6:af:47:ab:8e:ce:87:cb:b6:0f:62:63:f2:92:7e:78:de:a8:
40:85:fa:22:94:7a:d3:38:e7:36:33:41:ab:42:a8:df:8e:34:
6e:99:33:f6:9d:8b:80:32:3d:4a:a0:d6:bd:c4:e9:74:e4:61:
7c:b7:82:85:68:5f:e7:46:00:fd:48:93:d6:53:69:90:b7:f0:
ec:a2:37:0e:09:a2:a1:69:64:a8:9e:34:05:82:75:8c:4b:1f:
3f:2a:a3:05:fc:42:07:63:16:7c:34:59:26:2b:78:79:f1:37:
9e:c5:7d:a3:da:b2:60:ab:53:84:72:de:94:94:73:56:00:7f:
28:4a:54:4c:30:eb:f8:eb:ae:38:b5:30:f5:8f:ba:a7:b9:c1:
14:20:01:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsUnLRSvQ00TeUX+QbIpw0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDA5MTMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGE1MTc0N2RmMzEwM2MwZTc4ODA5YjA0ODZlYTlmNzdiZTJkNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIfYCHkCnw6qpNsIXmEfwmV/UrfI
4HbuiV0uLlh+OXsaRs27SZ6TyrSmfNd3O/jjbw5vl0937dbGGwahlw2Z+Vf9chQa
BBjwilFO9KmvEYNn0z8EuTdkzx+864Q27NCTKY+KZP8Dz7UXuKpKtKWjqxq1P6ZU
xguQtJT9KBKsCtf6G4mEYVz8AYO/v0K3Fw1J3NoHwXZ6mbtS8s5eewLolze6G2t+
1fiGbSNSxai/fSL0Wov0UMK+pHqrXTyJgTHcYiNjqRfF46pWVmdLUV+4c5rM4WZx
1T/W+qifMMNQADfM+vKqYkPmp4KApb9ZUd0dlDoWlPHGnlohimNhCZrpZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPClF0ffMQPA54gJsEhuqfd74tY3MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOEtVWFI5OHhBOERuaUFtd1NHNnA5M3ZpMWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowWBAwQA
owWdAwQAowXCMA0GCSqGSIb3DQEBCwUAA4IBAQAIAXkHRF7fh48jdkna0P8MYEap
RcxWYTtwNK74ii/vaUZSqdoFK92PqM1kui7eRcI8rIuiG0A14JjR2U3UCRz2sQ1/
I7/L3/rf/Du79XQv5iHqgkx7HPSQVxNfURYOlW+yuukQs9sT6cxYRBfmr0erjs6H
y7YPYmPykn543qhAhfoilHrTOOc2M0GrQqjfjjRumTP2nYuAMj1KoNa9xOl05GF8
t4KFaF/nRgD9SJPWU2mQt/DsojcOCaKhaWSonjQFgnWMSx8/KqMF/EIHYxZ8NFkm
K3h58TeexX2j2rJgq1OEct6UlHNWAH8oSlRMMOv46644tTD1j7qnucEUIAF+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org