Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HMgBpsytIqb1Okoff513CLoM_KY.roa
File: HMgBpsytIqb1Okoff513CLoM_KY.roa (raw, json)
Hash identifier: JWicu+QgCYgUMaqJfeHEvEhu0A+lXTbFYtjqd2Tv0QY=
Subject key identifier: 1C:C8:01:A6:CC:AD:22:A6:F5:3A:4A:1F:7F:9D:77:08:BA:0C:FC:A6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019127ABEEC61CFD9524734D3A3DF9F1DA18
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HMgBpsytIqb1Okoff513CLoM_KY.roa
Signing time: Tue 06 Aug 2024 12:31:04 +0000
ROA not before: Tue 06 Aug 2024 12:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.66.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 15:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:ab:ee:c6:1c:fd:95:24:73:4d:3a:3d:f9:f1:da:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 6 12:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cc801a6ccad22a6f53a4a1f7f9d7708ba0cfca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e6:f2:2a:7f:13:b3:10:f4:7e:fb:9c:58:aa:
35:15:e0:ad:d8:73:d5:e7:57:17:4f:2a:4a:bc:bd:
21:16:57:1b:9f:f5:1c:6c:25:f4:d8:9e:25:f0:4a:
ae:24:97:99:d9:c9:78:69:71:79:bc:df:ff:4b:31:
08:9d:da:05:e8:bb:9b:1c:07:d7:0b:14:a8:51:68:
ae:2f:da:74:70:a8:69:89:48:1d:95:85:ff:e3:b8:
94:59:b5:d0:2b:80:5e:3c:41:61:f7:20:db:30:c2:
86:a1:ef:48:dc:02:f1:88:c2:31:f5:68:65:9c:da:
58:af:47:96:2d:d6:11:cc:fe:c0:eb:d9:a6:52:22:
67:4a:55:86:d0:ba:b2:df:d5:dd:f3:e5:e5:8a:18:
ed:7a:5a:ce:51:5c:d4:c1:18:ac:d6:46:e6:58:40:
1f:ea:e6:b0:86:66:42:73:4c:16:a9:96:59:4d:84:
cf:a4:5d:ac:06:65:9c:c3:af:24:0c:30:89:d9:66:
ec:fe:a3:3c:18:b5:aa:e4:ea:9e:4b:5e:52:9f:0e:
dc:56:7b:32:85:09:2b:df:0f:8b:ad:b1:ca:99:d5:
e3:dd:10:9f:f8:32:e1:17:7e:77:d8:54:1c:ef:35:
c3:8b:64:a5:48:c8:ba:ea:52:79:61:b9:0a:3f:8a:
f6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C8:01:A6:CC:AD:22:A6:F5:3A:4A:1F:7F:9D:77:08:BA:0C:FC:A6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HMgBpsytIqb1Okoff513CLoM_KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.66.0/24
163.5.156.0/24
163.5.170.0/24
163.5.186.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
17:3a:f1:17:d0:10:09:59:05:8a:ee:66:04:56:ab:7b:93:14:
8c:ad:1b:6c:6b:90:85:b6:c1:c0:78:bd:24:03:c8:8a:ad:c5:
1e:35:50:7f:1f:67:46:4c:b0:ee:7d:9e:30:15:99:a8:1d:48:
0f:09:03:e7:98:80:63:f2:b2:fd:4f:6a:6f:2d:08:aa:85:ef:
43:81:cb:98:33:12:14:7a:30:9b:26:6c:08:19:7b:fd:43:fc:
27:96:93:e8:47:82:fc:81:46:63:e4:5b:35:47:65:c7:e5:08:
28:3b:18:5d:75:f6:db:e0:34:9b:1e:93:33:99:53:86:0c:4d:
03:18:1d:09:db:cf:04:c4:ff:b8:32:c9:85:07:af:72:22:4e:
a7:b3:b3:cb:38:09:d9:1b:85:df:19:ea:ae:41:79:dc:f0:2a:
62:ce:f6:87:85:9f:1a:0f:53:94:f9:4c:6f:4d:9d:f0:1a:45:
01:08:b3:82:75:89:31:e9:37:31:7e:cf:bb:c3:6f:b3:04:90:
a5:59:84:83:92:87:6e:fa:df:d0:a2:3c:a4:4f:54:ca:c4:e2:
ad:1f:78:ff:16:cb:44:20:fc:79:a9:ce:e6:6e:d2:15:bf:88:
60:61:22:10:f6:84:4c:c2:4d:a1:22:33:1b:31:e7:bc:c1:75:
09:29:1d:e3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZEnq+7GHP2VJHNNOj358doYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODA2MTIzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M4MDFhNmNjYWQyMmE2ZjUzYTRhMWY3ZjlkNzcwOGJhMGNmY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ObyKn8TsxD0fvucWKo1FeCt2HPV
51cXTypKvL0hFlcbn/UcbCX02J4l8EquJJeZ2cl4aXF5vN//SzEIndoF6LubHAfX
CxSoUWiuL9p0cKhpiUgdlYX/47iUWbXQK4BePEFh9yDbMMKGoe9I3ALxiMIx9Whl
nNpYr0eWLdYRzP7A69mmUiJnSlWG0Lqy39Xd8+XlihjtelrOUVzUwRis1kbmWEAf
6uawhmZCc0wWqZZZTYTPpF2sBmWcw68kDDCJ2Wbs/qM8GLWq5OqeS15Snw7cVnsy
hQkr3w+LrbHKmdXj3RCf+DLhF3532FQc7zXDi2SlSMi66lJ5YbkKP4r2awIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBzIAabMrSKm9TpKH3+ddwi6DPymMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSE1nQnBzeXRJcWIxT2tvZmY1MTNDTG9NX0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowVCAwQA
owWcAwQAowWqAwQAowW6AwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQAXOvEX0BAJ
WQWK7mYEVqt7kxSMrRtsa5CFtsHAeL0kA8iKrcUeNVB/H2dGTLDufZ4wFZmoHUgP
CQPnmIBj8rL9T2pvLQiqhe9DgcuYMxIUejCbJmwIGXv9Q/wnlpPoR4L8gUZj5Fs1
R2XH5QgoOxhddfbb4DSbHpMzmVOGDE0DGB0J288ExP+4MsmFB69yIk6ns7PLOAnZ
G4XfGequQXnc8CpizvaHhZ8aD1OU+UxvTZ3wGkUBCLOCdYkx6Tcxfs+7w2+zBJCl
WYSDkodu+t/QojykT1TKxOKtH3j/FstEIPx5qc7mbtIVv4hgYSIQ9oRMwk2hIjMb
Mee8wXUJKR3j
-----END CERTIFICATE-----
Generated at Wed Oct 2 19:58:40 2024 by rpki-client on console-ams.rpki-client.org