Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QEyEy123A4ySXVAthkQWPOSnwTA.roa
File: QEyEy123A4ySXVAthkQWPOSnwTA.roa (raw, json)
Hash identifier: 0qOqJwskO6VVaW57qnPaWeTNsE69YByiI04krA74k1o=
Subject key identifier: 40:4C:84:CB:5D:B7:03:8C:92:5D:50:2D:86:44:16:3C:E4:A7:C1:30
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D98DBC3A33C127E964574B44C69E54899
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QEyEy123A4ySXVAthkQWPOSnwTA.roa
Signing time: Sun 11 Feb 2024 15:49:15 +0000
ROA not before: Sun 11 Feb 2024 15:49:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 163.5.26.0/24 maxlen: 24
163.5.28.0/24 maxlen: 24
163.5.180.0/24 maxlen: 24
163.5.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 15:38:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:98:db:c3:a3:3c:12:7e:96:45:74:b4:4c:69:e5:48:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 11 15:49:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=404c84cb5db7038c925d502d8644163ce4a7c130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:56:ab:48:2e:e6:a7:98:d6:48:f4:87:41:52:
a8:4b:6f:28:53:73:6a:4b:a8:c1:cf:21:70:e2:0c:
90:55:b7:a1:d9:ac:75:34:db:52:a1:b9:0f:63:0f:
93:cb:aa:7f:ac:38:eb:68:d2:c7:5d:11:ff:9b:b8:
9d:53:bd:82:50:d4:4c:17:a4:c1:54:4b:5e:14:5f:
e1:35:ac:f5:bc:3d:cf:62:16:19:05:08:f2:c9:14:
a7:6f:a8:24:9d:61:91:eb:7d:c2:81:e7:8b:69:90:
a7:50:ab:c6:59:0e:5d:e8:18:1c:a0:2a:78:f7:f8:
a6:bd:5b:46:63:8b:75:8a:2f:9b:3c:da:2f:ce:ea:
df:1c:6f:f5:81:23:f5:5f:63:30:d6:21:66:51:e1:
fa:f9:3b:e6:26:c0:c9:9d:a2:c3:7a:bd:e4:af:e0:
5c:1c:5b:b1:01:d1:d7:4b:93:92:c0:21:22:0c:16:
1a:93:4c:eb:fe:75:8e:6f:9c:97:c9:e5:47:86:2b:
5e:3f:27:a6:d9:c7:5b:5f:c4:19:a7:24:b6:c8:9d:
eb:ee:f9:8e:74:77:64:fa:1c:f8:17:ec:d8:58:7d:
39:c5:d1:9e:46:9b:43:69:28:4a:48:f2:77:da:c9:
2e:3f:ab:16:b8:cc:f2:a3:37:e2:c4:3a:25:33:6b:
7a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4C:84:CB:5D:B7:03:8C:92:5D:50:2D:86:44:16:3C:E4:A7:C1:30
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QEyEy123A4ySXVAthkQWPOSnwTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.26.0/24
163.5.28.0/24
163.5.180.0/24
163.5.183.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ee:08:63:e1:b5:d9:ff:bd:91:a5:24:e8:ee:bb:7a:61:23:
19:d8:d0:23:79:1b:6f:54:01:74:df:2a:95:b0:a7:7f:1a:db:
0b:d5:ee:93:20:83:70:2b:8b:96:45:33:04:6b:e0:fc:15:68:
4e:41:43:4d:67:49:0a:f8:35:a0:1e:af:06:35:da:6c:e3:d9:
a7:9c:77:f9:31:29:a9:31:87:2b:ca:35:f6:51:9e:b7:52:41:
af:2e:2b:e1:f9:cf:f6:48:10:87:42:03:1b:d5:5d:6e:9b:09:
5c:e4:ad:ee:81:00:f2:c1:d5:94:55:f9:d5:20:d5:6b:d3:b9:
cd:c5:97:cc:f9:d0:7f:8c:ad:f7:ee:79:d8:22:91:ee:9b:75:
ab:d9:61:a0:7e:82:c8:50:ad:d6:5e:86:c0:b2:52:07:6b:88:
14:c4:12:39:54:d3:e1:4f:93:17:88:0b:c3:57:e0:21:07:ed:
96:80:a1:ec:0f:3a:73:c4:c4:55:9a:aa:61:b9:b5:c2:25:cf:
59:a4:3f:ff:24:0c:94:b3:42:29:4c:49:19:cf:f9:fd:61:50:
da:f8:ed:0a:e3:34:8f:2f:25:ca:e7:09:1d:ff:9a:88:c5:28:
4f:c7:84:17:13:60:d0:a8:19:83:4c:96:cb:df:b6:fc:89:bf:
40:88:ee:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2Y28OjPBJ+lkV0tExp5UiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjExMTU0OTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRjODRjYjVkYjcwMzhjOTI1ZDUwMmQ4NjQ0MTYzY2U0YTdjMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFarSC7mp5jWSPSHQVKoS28oU3Nq
S6jBzyFw4gyQVbeh2ax1NNtSobkPYw+Ty6p/rDjraNLHXRH/m7idU72CUNRMF6TB
VEteFF/hNaz1vD3PYhYZBQjyyRSnb6gknWGR633CgeeLaZCnUKvGWQ5d6BgcoCp4
9/imvVtGY4t1ii+bPNovzurfHG/1gSP1X2Mw1iFmUeH6+TvmJsDJnaLDer3kr+Bc
HFuxAdHXS5OSwCEiDBYak0zr/nWOb5yXyeVHhitePyem2cdbX8QZpyS2yJ3r7vmO
dHdk+hz4F+zYWH05xdGeRptDaShKSPJ32skuP6sWuMzyozfixDolM2t6owIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEBMhMtdtwOMkl1QLYZEFjzkp8EwMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUUV5RXkxMjNBNHlTWFZBdGhrUVdQT1Nud1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUaAwQA
owUcAwQAowW0AwQAowW3MA0GCSqGSIb3DQEBCwUAA4IBAQBG7ghj4bXZ/72RpSTo
7rt6YSMZ2NAjeRtvVAF03yqVsKd/GtsL1e6TIINwK4uWRTMEa+D8FWhOQUNNZ0kK
+DWgHq8GNdps49mnnHf5MSmpMYcryjX2UZ63UkGvLivh+c/2SBCHQgMb1V1umwlc
5K3ugQDywdWUVfnVINVr07nNxZfM+dB/jK337nnYIpHum3Wr2WGgfoLIUK3WXobA
slIHa4gUxBI5VNPhT5MXiAvDV+AhB+2WgKHsDzpzxMRVmqphubXCJc9ZpD//JAyU
s0IpTEkZz/n9YVDa+O0K4zSPLyXK5wkd/5qIxShPx4QXE2DQqBmDTJbL37b8ib9A
iO5a
-----END CERTIFICATE-----
Generated at Wed Feb 14 21:22:11 2024 by rpki-client on console-fra.rpki-client.org