Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QOB35r04w6wl9EkhwE-OjzHORLg.roa
File: QOB35r04w6wl9EkhwE-OjzHORLg.roa (raw, json)
Hash identifier: RhItQaUq5GuJEwNo+areWDf9BPKPFBQ547mWEEhKQSA=
Subject key identifier: 40:E0:77:E6:BD:38:C3:AC:25:F4:49:21:C0:4F:8E:8F:31:CE:44:B8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191C304E2252606DB50EAD529774CF8AD2F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QOB35r04w6wl9EkhwE-OjzHORLg.roa
Signing time: Thu 05 Sep 2024 16:29:22 +0000
ROA not before: Thu 05 Sep 2024 16:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 13:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:04:e2:25:26:06:db:50:ea:d5:29:77:4c:f8:ad:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 5 16:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40e077e6bd38c3ac25f44921c04f8e8f31ce44b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:56:09:21:ce:ef:97:0a:03:f3:32:c7:0d:16:
53:a5:f3:3b:3f:e2:72:f4:94:2c:2b:70:2b:7f:35:
da:7b:44:da:9d:11:90:b7:4a:8f:b9:53:af:aa:4e:
b5:3b:45:0d:87:43:f7:a5:2f:92:0b:d9:e2:fb:b1:
68:0c:d6:6e:ba:0d:69:23:07:41:94:67:e6:75:2e:
29:94:a1:7b:c5:c8:d7:50:6c:c7:2f:e6:ff:a8:c0:
f5:10:7b:50:1a:75:f8:6a:0e:c0:12:ab:3d:92:1e:
a8:19:d2:d8:74:39:3d:8d:76:b5:65:d3:c2:10:b2:
52:fb:a9:c9:57:25:2a:8f:c3:8c:a9:4b:b3:3f:f1:
c4:76:bd:bc:dd:0d:ac:9d:34:0e:21:af:b5:71:f5:
6f:35:92:e5:f8:6a:48:05:1d:12:43:f8:01:0d:a6:
1e:8a:c9:8f:46:c8:d7:cc:e0:bc:f1:80:00:6f:ad:
30:f9:80:16:61:1f:87:d0:72:6b:51:3c:b8:05:40:
22:9d:65:39:74:8e:76:88:8c:b0:3b:17:52:77:18:
8a:94:4a:29:3d:9e:ae:ad:1b:e3:f9:1d:ed:13:2a:
ea:bc:f1:d3:15:d5:cd:9e:07:7f:68:91:f7:f4:15:
27:15:1b:34:60:bb:74:33:cf:cf:4b:e3:8a:8b:68:
f3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E0:77:E6:BD:38:C3:AC:25:F4:49:21:C0:4F:8E:8F:31:CE:44:B8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QOB35r04w6wl9EkhwE-OjzHORLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.97.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b6:ff:af:13:2c:7a:2a:31:09:f9:28:50:f9:4d:17:f0:47:
3c:ab:5c:ae:a8:cf:e2:3a:f0:d7:42:b5:30:ef:52:57:2b:4b:
88:7d:eb:46:40:ba:f8:f7:16:f8:9a:66:43:d3:00:c3:9a:a0:
a6:c3:84:13:10:20:8d:f5:eb:00:92:e6:5b:57:fd:32:49:e4:
c8:0e:96:bd:3a:71:4b:97:2b:04:54:4c:c0:04:a1:7d:00:e4:
a0:d6:b3:ec:8b:e8:1b:2c:f3:10:a9:9f:da:31:32:93:70:6d:
aa:c6:7f:8d:2a:8c:f1:ea:d0:db:20:a7:51:92:67:4b:b4:f5:
39:09:9f:78:01:00:1d:94:7b:3e:db:87:d9:48:a0:52:25:53:
dd:7a:b4:ae:06:a1:1e:06:6e:fb:d1:80:02:76:a3:91:88:6c:
53:d8:1b:9c:32:5f:d6:e0:ce:8e:d2:67:4f:2b:b0:3c:f6:09:
99:11:b4:06:53:7b:fc:4d:56:99:e9:52:21:05:e2:7f:cd:30:
85:e0:05:47:94:e7:3c:f0:79:24:ee:13:82:2d:5e:7b:19:ba:
8d:1d:94:db:c1:63:ba:f4:8f:df:b9:a5:09:58:d0:ca:ff:54:
76:9f:5b:be:63:c8:d9:75:19:ae:7c:ce:be:73:9a:62:7d:15:
c5:62:16:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHDBOIlJgbbUOrVKXdM+K0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTA1MTYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUwNzdlNmJkMzhjM2FjMjVmNDQ5MjFjMDRmOGU4ZjMxY2U0NGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlYJIc7vlwoD8zLHDRZTpfM7P+Jy
9JQsK3ArfzXae0TanRGQt0qPuVOvqk61O0UNh0P3pS+SC9ni+7FoDNZuug1pIwdB
lGfmdS4plKF7xcjXUGzHL+b/qMD1EHtQGnX4ag7AEqs9kh6oGdLYdDk9jXa1ZdPC
ELJS+6nJVyUqj8OMqUuzP/HEdr283Q2snTQOIa+1cfVvNZLl+GpIBR0SQ/gBDaYe
ismPRsjXzOC88YAAb60w+YAWYR+H0HJrUTy4BUAinWU5dI52iIywOxdSdxiKlEop
PZ6urRvj+R3tEyrqvPHTFdXNngd/aJH39BUnFRs0YLt0M8/PS+OKi2jzWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDgd+a9OMOsJfRJIcBPjo8xzkS4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUU9CMzVyMDR3NndsOUVraHdFLU9qekhPUkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVWAwQA
owVhMA0GCSqGSIb3DQEBCwUAA4IBAQBxtv+vEyx6KjEJ+ShQ+U0X8Ec8q1yuqM/i
OvDXQrUw71JXK0uIfetGQLr49xb4mmZD0wDDmqCmw4QTECCN9esAkuZbV/0ySeTI
Dpa9OnFLlysEVEzABKF9AOSg1rPsi+gbLPMQqZ/aMTKTcG2qxn+NKozx6tDbIKdR
kmdLtPU5CZ94AQAdlHs+24fZSKBSJVPderSuBqEeBm770YACdqORiGxT2BucMl/W
4M6O0mdPK7A89gmZEbQGU3v8TVaZ6VIhBeJ/zTCF4AVHlOc88Hkk7hOCLV57GbqN
HZTbwWO69I/fuaUJWNDK/1R2n1u+Y8jZdRmufM6+c5pifRXFYhbJ
-----END CERTIFICATE-----
Generated at Wed Oct 2 17:25:50 2024 by rpki-client on console-ams.rpki-client.org