Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8q8tKVOdPLuRNPho-4Nv80nYRfQ.roa
File: 8q8tKVOdPLuRNPho-4Nv80nYRfQ.roa (raw, json)
Hash identifier: ceEKITLVMEnKfUwP+YaQfGoCEWv4CAX+gf/1JL7rHlo=
Subject key identifier: F2:AF:2D:29:53:9D:3C:BB:91:34:F8:68:FB:83:6F:F3:49:D8:45:F4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191C30EF46B65FB70F71CB9F19D40524428
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8q8tKVOdPLuRNPho-4Nv80nYRfQ.roa
Signing time: Thu 05 Sep 2024 16:40:22 +0000
ROA not before: Thu 05 Sep 2024 16:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:0e:f4:6b:65:fb:70:f7:1c:b9:f1:9d:40:52:44:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 5 16:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2af2d29539d3cbb9134f868fb836ff349d845f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3b:79:ee:a3:1c:b6:9f:95:13:bc:53:f4:ca:
49:16:c4:9f:cc:92:fe:f2:63:70:5c:74:2e:fe:cc:
fe:ff:26:7c:13:3a:b7:39:3a:1f:d0:b6:7c:c0:ec:
f4:64:15:e0:2d:31:5e:b0:66:56:70:bc:7f:d4:e1:
19:e8:7b:8c:fc:fb:41:01:d9:83:ca:40:d4:11:c8:
a3:68:87:dd:60:7b:c2:0b:3c:96:47:39:a6:0e:d5:
f1:5b:3d:aa:ae:c0:3a:74:e5:70:9f:0d:cc:e6:35:
b8:78:09:09:99:73:39:6f:d7:2d:ac:03:bb:41:78:
0d:2b:02:1e:6b:5a:82:70:fb:ed:27:b1:14:e2:83:
5c:f8:c6:62:39:a3:c8:fa:4f:cd:37:10:40:b7:8e:
4b:ac:c8:f4:cc:1e:56:51:0f:4e:56:a8:fa:c4:aa:
16:67:e9:95:fe:f6:07:45:76:93:10:d1:ae:2f:b0:
ba:0c:d3:b2:09:66:5c:50:d5:99:49:37:00:f1:16:
80:31:ad:f0:9e:89:20:57:40:2f:ca:21:d6:ce:1a:
d2:c3:95:cb:0f:8b:ca:82:8f:53:86:63:25:b1:f7:
1c:53:52:3e:3f:2d:7a:78:88:e6:13:ae:61:97:58:
03:30:e6:e3:00:34:98:df:19:e1:c1:59:a1:da:0a:
1d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AF:2D:29:53:9D:3C:BB:91:34:F8:68:FB:83:6F:F3:49:D8:45:F4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8q8tKVOdPLuRNPho-4Nv80nYRfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.62.0/24
163.5.142.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:67:26:12:43:a1:20:3a:13:9a:52:a5:4a:f5:55:a0:d2:22:
2d:2a:68:38:c3:b5:16:f7:79:18:7d:db:bb:41:5b:89:b0:51:
62:08:84:27:26:a9:ce:ff:b7:02:ca:fc:c6:3f:74:44:ed:0f:
51:ff:09:4e:ac:7d:3e:bf:c3:47:19:eb:af:f1:01:24:b6:a3:
3a:31:d9:4c:b1:ae:df:85:5e:10:55:83:72:1a:6d:da:a8:3a:
b6:4c:b7:62:4d:f6:24:9f:ac:50:60:e4:a3:1d:27:22:e8:a4:
23:c3:86:08:c9:9c:0a:1c:96:ab:81:6d:9a:37:83:10:b1:ed:
6e:2c:01:a2:61:4b:0c:b9:bf:83:7e:aa:d6:15:75:84:64:64:
3d:62:9f:67:b8:47:8e:74:c9:c2:1a:f1:fa:4d:4a:c7:a3:d4:
1a:23:41:1a:d4:c5:4f:45:14:2b:5e:53:c5:c3:0a:9f:30:b7:
63:2e:fe:3c:35:f9:c6:19:6c:66:b5:4f:f5:31:32:35:6f:37:
2b:2f:76:4d:dc:93:3e:0e:9a:8f:0b:37:35:dd:4e:b1:70:d2:
09:36:a9:64:e3:18:d8:c6:8d:a6:f8:eb:a4:bc:31:84:d0:9c:
8d:6b:41:66:38:22:4d:f0:7a:87:7d:59:78:2e:ed:ea:f7:24:
d5:e6:00:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHDDvRrZftw9xy58Z1AUkQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTA1MTY0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFmMmQyOTUzOWQzY2JiOTEzNGY4NjhmYjgzNmZmMzQ5ZDg0NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzt57qMctp+VE7xT9MpJFsSfzJL+
8mNwXHQu/sz+/yZ8Ezq3OTof0LZ8wOz0ZBXgLTFesGZWcLx/1OEZ6HuM/PtBAdmD
ykDUEcijaIfdYHvCCzyWRzmmDtXxWz2qrsA6dOVwnw3M5jW4eAkJmXM5b9ctrAO7
QXgNKwIea1qCcPvtJ7EU4oNc+MZiOaPI+k/NNxBAt45LrMj0zB5WUQ9OVqj6xKoW
Z+mV/vYHRXaTENGuL7C6DNOyCWZcUNWZSTcA8RaAMa3wnokgV0AvyiHWzhrSw5XL
D4vKgo9ThmMlsfccU1I+Py16eIjmE65hl1gDMObjADSY3xnhwVmh2godjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPKvLSlTnTy7kTT4aPuDb/NJ2EX0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOHE4dEtWT2RQTHVSTlBoby00TnY4MG5ZUmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUfAwQA
owU+AwQAowWOAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQCqZyYSQ6EgOhOaUqVK
9VWg0iItKmg4w7UW93kYfdu7QVuJsFFiCIQnJqnO/7cCyvzGP3RE7Q9R/wlOrH0+
v8NHGeuv8QEktqM6MdlMsa7fhV4QVYNyGm3aqDq2TLdiTfYkn6xQYOSjHSci6KQj
w4YIyZwKHJargW2aN4MQse1uLAGiYUsMub+DfqrWFXWEZGQ9Yp9nuEeOdMnCGvH6
TUrHo9QaI0Ea1MVPRRQrXlPFwwqfMLdjLv48NfnGGWxmtU/1MTI1bzcrL3ZN3JM+
DpqPCzc13U6xcNIJNqlk4xjYxo2m+OukvDGE0JyNa0FmOCJN8HqHfVl4Lu3q9yTV
5gDs
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:55 2024 by rpki-client on console-ams.rpki-client.org