Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QaKpjr0cS8mDA4fF4huKXGehR5k.roa
File: QaKpjr0cS8mDA4fF4huKXGehR5k.roa (raw, json)
Hash identifier: qa+zN9RtZI8RLrCDysOvAUK4NK94yCYeTgZwt7QRKZQ=
Subject key identifier: 41:A2:A9:8E:BD:1C:4B:C9:83:03:87:C5:E2:1B:8A:5C:67:A1:47:99
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01857042CA57EBB0F033D1701FA68DE23569
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QaKpjr0cS8mDA4fF4huKXGehR5k.roa
Signing time: Mon 02 Jan 2023 02:15:03 +0000
ROA not before: Mon 02 Jan 2023 02:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 163.5.184.0/24 maxlen: 24
163.5.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Feb 2023 10:04:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:ca:57:eb:b0:f0:33:d1:70:1f:a6:8d:e2:35:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 2 02:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41a2a98ebd1c4bc9830387c5e21b8a5c67a14799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:38:9b:eb:46:27:bf:a5:5e:56:b2:f4:dd:03:
83:3e:93:9a:b5:0f:20:d7:be:24:cd:d6:ea:93:58:
83:2e:83:d7:c0:9b:a3:02:35:1e:6b:5c:c6:7c:9f:
c5:5f:64:14:38:c8:04:09:4a:92:89:bd:a7:f4:ed:
a2:c3:e2:a4:de:9c:ee:ac:4c:8d:7b:02:5f:e2:9a:
b8:8d:17:7f:ea:89:f1:cb:28:4a:35:c9:d4:83:ce:
9c:ef:38:a4:7e:09:ce:e4:fa:f1:f9:4f:d5:42:90:
62:d5:ec:eb:85:7a:85:5d:95:29:b1:42:c0:16:91:
49:36:f6:86:d5:61:dd:e6:99:db:cf:e9:f2:11:ed:
c7:29:01:62:9d:de:4d:84:30:07:37:2f:c2:d3:d8:
f9:1c:19:d2:da:2b:a2:e5:18:f4:11:61:25:94:5f:
5d:69:bb:a5:e1:03:c1:33:c9:81:ce:9c:82:d0:9a:
16:9e:f3:68:95:d2:9f:47:71:5f:5a:61:d7:b9:70:
69:2c:ac:68:44:bd:4a:79:3a:de:cd:42:06:cb:78:
be:d3:3f:74:f7:36:59:db:2e:af:6f:87:5c:67:de:
15:98:91:08:3d:be:42:2b:47:ec:d9:44:16:78:c6:
57:1f:34:58:5a:84:53:96:be:9d:48:4d:5d:df:93:
24:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A2:A9:8E:BD:1C:4B:C9:83:03:87:C5:E2:1B:8A:5C:67:A1:47:99
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QaKpjr0cS8mDA4fF4huKXGehR5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.184.0/24
163.5.217.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:80:d0:bf:28:a8:3d:18:3c:01:71:09:80:c5:71:e5:f5:8b:
5b:6f:ac:7c:8f:8e:1a:2b:61:df:6e:2b:52:d3:56:f4:fe:88:
00:f0:0a:cb:99:98:e4:62:e7:d6:c4:18:4d:96:46:e8:18:85:
cf:77:ae:7c:0f:11:51:e9:e7:39:27:d3:5c:a7:ea:6c:af:67:
c3:6e:94:de:41:d3:f1:bf:55:02:2f:1b:91:9d:04:83:3c:f4:
b7:57:12:ad:23:f2:13:6d:cc:e6:09:54:52:18:84:87:9f:68:
0d:f2:68:87:56:35:23:d6:31:dd:69:90:81:98:2a:65:f6:6f:
19:89:28:d8:5f:a5:1a:72:81:b0:61:eb:86:78:66:3b:e2:91:
a1:8e:30:19:9f:84:96:26:5d:c9:b3:cb:ee:0e:f3:92:ef:26:
81:64:0e:0d:f3:da:c5:e2:ea:8a:e8:2c:e0:40:20:c5:b2:fa:
24:80:60:d6:de:a2:dd:b8:32:e1:51:97:b2:8a:82:ca:65:25:
e6:49:3f:a0:b9:42:ea:11:d1:5c:94:45:e3:be:31:8d:03:a7:
9b:0f:6d:b1:62:af:47:e4:a6:7d:06:73:ed:89:0c:a9:cc:3b:
76:5a:07:87:b8:40:5f:ce:63:1d:ff:27:f8:8c:49:2e:61:44:
7d:08:86:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwQspX67DwM9FwH6aN4jVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWEyYTk4ZWJkMWM0YmM5ODMwMzg3YzVlMjFiOGE1YzY3YTE0Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDib60Ynv6VeVrL03QODPpOatQ8g
174kzdbqk1iDLoPXwJujAjUea1zGfJ/FX2QUOMgECUqSib2n9O2iw+Kk3pzurEyN
ewJf4pq4jRd/6onxyyhKNcnUg86c7zikfgnO5Prx+U/VQpBi1ezrhXqFXZUpsULA
FpFJNvaG1WHd5pnbz+nyEe3HKQFind5NhDAHNy/C09j5HBnS2iui5Rj0EWEllF9d
abul4QPBM8mBzpyC0JoWnvNoldKfR3FfWmHXuXBpLKxoRL1KeTrezUIGy3i+0z90
9zZZ2y6vb4dcZ94VmJEIPb5CK0fs2UQWeMZXHzRYWoRTlr6dSE1d35Mk6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEGiqY69HEvJgwOHxeIbilxnoUeZMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUWFLcGpyMGNTOG1EQTRmRjRodUtYR2VoUjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowW4AwQA
owXZMA0GCSqGSIb3DQEBCwUAA4IBAQArgNC/KKg9GDwBcQmAxXHl9Ytbb6x8j44a
K2HfbitS01b0/ogA8ArLmZjkYufWxBhNlkboGIXPd658DxFR6ec5J9Ncp+psr2fD
bpTeQdPxv1UCLxuRnQSDPPS3VxKtI/ITbczmCVRSGISHn2gN8miHVjUj1jHdaZCB
mCpl9m8ZiSjYX6UacoGwYeuGeGY74pGhjjAZn4SWJl3Js8vuDvOS7yaBZA4N89rF
4uqK6CzgQCDFsvokgGDW3qLduDLhUZeyioLKZSXmST+guULqEdFclEXjvjGNA6eb
D22xYq9H5KZ9BnPtiQypzDt2WgeHuEBfzmMd/yf4jEkuYUR9CIaP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org