Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8TH59haQW4l3eLLgh_BaAkgTImE.roa
File: 8TH59haQW4l3eLLgh_BaAkgTImE.roa (raw, json)
Hash identifier: onbGRx0IrIhUqPdmPkuI+4X5Mfj7TSQWxdXZ+hb3uw4=
Subject key identifier: F1:31:F9:F6:16:90:5B:89:77:78:B2:E0:87:F0:5A:02:48:13:22:61
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191C30EF4C45BDB32D34611C079006589C2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8TH59haQW4l3eLLgh_BaAkgTImE.roa
Signing time: Thu 05 Sep 2024 16:40:22 +0000
ROA not before: Thu 05 Sep 2024 16:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:0e:f4:c4:5b:db:32:d3:46:11:c0:79:00:65:89:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 5 16:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f131f9f616905b897778b2e087f05a0248132261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:34:ca:17:b0:a2:19:fa:54:37:28:ea:82:02:
f5:e9:b1:93:3e:ea:16:a8:70:8a:c6:d2:fa:7c:36:
62:da:5c:85:fd:64:a3:98:ff:da:1e:b5:34:26:87:
90:b3:4a:35:49:54:ad:6c:3c:a4:41:1a:0e:ee:c1:
dd:f8:bf:8d:fc:8a:9b:d7:af:41:ba:ee:f6:a8:ae:
62:68:dd:6f:61:3c:a1:1f:11:ce:a8:5d:a7:e3:72:
19:4a:e7:52:cc:f6:b4:7a:91:41:f1:d7:06:70:58:
fa:5f:6f:2e:3c:95:88:bc:a3:d8:c4:d2:36:9c:5f:
45:05:d1:15:f2:db:df:30:77:cf:ed:6d:94:aa:4b:
8d:31:82:ed:b5:e5:b1:9d:00:31:45:c8:9d:77:5c:
dd:84:b4:ee:bd:28:69:42:7d:9f:5c:57:43:33:e4:
03:2c:02:7d:a9:65:75:8e:76:96:10:c6:a2:ec:2e:
e8:4a:a4:72:ae:b7:3e:15:92:e3:c6:45:13:e8:5c:
30:55:4a:d2:e6:fc:01:84:b3:36:ea:af:e8:09:4a:
65:fd:02:e3:23:77:cc:99:28:0a:b6:39:17:5b:0d:
dc:a9:93:00:76:df:3a:1b:31:be:72:64:cb:67:25:
b1:9a:52:7a:9a:81:5d:5a:c1:6d:bf:9c:0a:b6:bd:
08:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:31:F9:F6:16:90:5B:89:77:78:B2:E0:87:F0:5A:02:48:13:22:61
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8TH59haQW4l3eLLgh_BaAkgTImE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.62.0/24
163.5.99.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:bb:93:0d:2c:4a:c5:96:89:fe:5d:ec:c8:04:76:b9:f5:71:
9d:91:33:b8:67:4a:98:72:35:2d:e4:cf:a9:f8:ed:b5:c1:9c:
1c:18:fe:40:63:72:5a:7c:73:40:b0:1f:1b:4c:b4:1c:a4:f5:
73:57:de:ac:c8:4b:99:fb:ce:7c:af:5f:2f:ca:b7:09:1a:6a:
19:1f:e9:e5:90:cd:8e:86:de:df:44:5e:2c:fe:14:e6:c4:64:
08:06:3b:7d:a8:f6:f7:c4:ac:74:7c:56:09:ba:3e:ea:07:fe:
e5:cb:28:7a:e1:40:b4:55:93:3d:8c:54:f1:f1:3e:44:3e:a5:
95:21:de:60:8f:8f:88:4d:ab:18:b9:d4:77:d5:cc:3c:cb:6f:
35:a9:12:28:00:74:3e:3d:8c:5b:bb:b9:82:be:46:f6:41:9d:
94:85:5c:c2:97:65:44:44:7f:76:62:56:7c:25:e2:5b:5b:e1:
fa:88:bf:13:b8:13:b3:a0:cf:fe:4b:c7:68:07:de:be:58:af:
06:19:76:a9:8c:fd:f2:75:f7:29:9f:d3:b7:01:b6:ec:9a:b6:
93:94:de:22:58:0c:ec:f0:35:40:9d:bf:52:3f:c1:e5:c0:59:
47:99:7d:d5:9d:b3:e3:bf:74:7b:5e:d7:0b:b9:22:bc:88:89:
8c:b2:f6:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHDDvTEW9sy00YRwHkAZYnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTA1MTY0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTMxZjlmNjE2OTA1Yjg5Nzc3OGIyZTA4N2YwNWEwMjQ4MTMyMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDTKF7CiGfpUNyjqggL16bGTPuoW
qHCKxtL6fDZi2lyF/WSjmP/aHrU0JoeQs0o1SVStbDykQRoO7sHd+L+N/Iqb169B
uu72qK5iaN1vYTyhHxHOqF2n43IZSudSzPa0epFB8dcGcFj6X28uPJWIvKPYxNI2
nF9FBdEV8tvfMHfP7W2UqkuNMYLtteWxnQAxRcidd1zdhLTuvShpQn2fXFdDM+QD
LAJ9qWV1jnaWEMai7C7oSqRyrrc+FZLjxkUT6FwwVUrS5vwBhLM26q/oCUpl/QLj
I3fMmSgKtjkXWw3cqZMAdt86GzG+cmTLZyWxmlJ6moFdWsFtv5wKtr0I3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPEx+fYWkFuJd3iy4IfwWgJIEyJhMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOFRINTloYVFXNGwzZUxMZ2hfQmFBa2dUSW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUfAwQA
owU+AwQAowVjAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQBtu5MNLErFlon+XezI
BHa59XGdkTO4Z0qYcjUt5M+p+O21wZwcGP5AY3JafHNAsB8bTLQcpPVzV96syEuZ
+858r18vyrcJGmoZH+nlkM2Oht7fRF4s/hTmxGQIBjt9qPb3xKx0fFYJuj7qB/7l
yyh64UC0VZM9jFTx8T5EPqWVId5gj4+ITasYudR31cw8y281qRIoAHQ+PYxbu7mC
vkb2QZ2UhVzCl2VERH92YlZ8JeJbW+H6iL8TuBOzoM/+S8doB96+WK8GGXapjP3y
dfcpn9O3AbbsmraTlN4iWAzs8DVAnb9SP8HlwFlHmX3VnbPjv3R7XtcLuSK8iImM
svZM
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:55 2024 by rpki-client on console-ams.rpki-client.org