Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QcSHODKX74GykA3-7CLN4xP3vYY.roa
File: QcSHODKX74GykA3-7CLN4xP3vYY.roa (raw, json)
Hash identifier: Si0nGJgIVlYbcE8XUPgvAjvsoFRjgN8wb1EYPgfx8Jg=
Subject key identifier: 41:C4:87:38:32:97:EF:81:B2:90:0D:FE:EC:22:CD:E3:13:F7:BD:86
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A2BD8AAB52A3D406D053624FE9D53
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QcSHODKX74GykA3-7CLN4xP3vYY.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30781
IP address blocks: 163.5.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 12:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2b:d8:aa:b5:2a:3d:40:6d:05:36:24:fe:9d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41c487383297ef81b2900dfeec22cde313f7bd86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:4c:38:a9:98:bf:ea:06:64:68:86:6b:a9:
cd:9a:47:b7:d3:2b:b0:5c:6d:02:66:1e:3c:f0:b7:
65:67:11:4f:19:e2:5b:8c:6e:c3:36:dd:74:36:2d:
a2:93:27:79:c0:e7:8b:ca:02:6c:9c:cc:3d:2f:48:
a8:2a:2e:2a:80:eb:0b:78:c9:db:7e:95:7c:cc:97:
44:a5:bb:fb:48:5e:87:13:6a:37:3a:c6:3b:62:94:
15:ce:f7:7e:51:32:f0:91:b9:b2:df:46:01:a8:80:
b1:ee:b7:4c:61:dd:14:3d:e1:ec:5b:cc:ad:70:a6:
28:b4:e5:fe:75:73:6f:95:a7:75:69:c5:fa:89:fc:
21:3e:69:c9:06:3f:1b:b0:c4:d5:ea:66:07:22:eb:
0a:18:22:79:20:d5:1b:8c:55:8a:ad:6f:01:41:ef:
5d:7b:ee:e1:c5:7e:b3:19:51:01:af:53:4c:d4:73:
c7:bf:7a:d7:3e:c9:ae:b8:83:a5:74:cd:55:05:d2:
9d:ec:20:08:7f:ca:53:ef:a6:c9:46:9d:b8:fa:6c:
f4:54:9a:e3:f9:37:b4:2b:98:91:8d:30:a3:b6:b1:
1f:2b:61:e1:0c:1e:97:03:26:bb:68:96:ff:17:38:
71:3e:8c:df:b8:75:fd:aa:b3:23:60:f7:89:9e:eb:
ac:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C4:87:38:32:97:EF:81:B2:90:0D:FE:EC:22:CD:E3:13:F7:BD:86
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QcSHODKX74GykA3-7CLN4xP3vYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.142.0/24
Signature Algorithm: sha256WithRSAEncryption
97:a9:df:6b:8a:d9:b4:f8:24:dd:27:59:5f:b6:85:ed:b1:00:
d5:af:2b:2b:5d:b4:33:39:0b:74:44:96:ba:ce:e3:1c:01:e7:
b6:2c:7e:78:1f:e5:31:bc:29:65:30:b8:92:72:7a:73:42:ef:
37:66:3b:4b:a4:6d:22:10:90:62:d2:55:73:18:3a:11:47:36:
3b:94:84:ff:89:b9:41:d1:af:c1:3b:cc:be:ef:c2:60:db:7c:
57:10:eb:5f:e8:e1:61:4e:71:92:65:ab:13:2c:fc:79:f7:14:
21:c1:64:eb:8d:ba:ce:4d:d3:fe:80:be:2a:6f:82:c0:22:17:
cc:44:7f:f4:15:05:5e:bc:92:b4:7b:4b:ec:11:a0:80:ce:2b:
04:07:89:da:90:84:22:f9:b3:3c:72:76:d4:b5:d2:5c:a6:ff:
ce:0c:fc:41:b3:47:57:3e:bf:5f:e0:cc:0f:93:c0:42:d7:71:
44:3d:70:45:37:0d:de:57:c3:1e:57:f5:d8:4a:7f:5f:05:e1:
39:33:ff:8d:3c:d0:c6:d0:79:c8:90:ee:4f:bf:08:aa:96:1b:
6e:db:c1:8d:85:28:0c:a1:e2:fb:fa:b3:11:16:78:a0:8e:bc:
37:6d:3a:11:36:8d:01:49:bb:e8:3f:4f:68:18:a0:71:88:8b:
8c:6c:7f:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaivYqrUqPUBtBTYk/p1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM0ODczODMyOTdlZjgxYjI5MDBkZmVlYzIyY2RlMzEzZjdiZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyBMOKmYv+oGZGiGa6nNmke30yuw
XG0CZh488LdlZxFPGeJbjG7DNt10Ni2ikyd5wOeLygJsnMw9L0ioKi4qgOsLeMnb
fpV8zJdEpbv7SF6HE2o3OsY7YpQVzvd+UTLwkbmy30YBqICx7rdMYd0UPeHsW8yt
cKYotOX+dXNvlad1acX6ifwhPmnJBj8bsMTV6mYHIusKGCJ5INUbjFWKrW8BQe9d
e+7hxX6zGVEBr1NM1HPHv3rXPsmuuIOldM1VBdKd7CAIf8pT76bJRp24+mz0VJrj
+Te0K5iRjTCjtrEfK2HhDB6XAya7aJb/FzhxPozfuHX9qrMjYPeJnuuseQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHEhzgyl++BspAN/uwizeMT972GMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUWNTSE9ES1g3NEd5a0EzLTdDTE40eFAzdllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWOMA0G
CSqGSIb3DQEBCwUAA4IBAQCXqd9ritm0+CTdJ1lftoXtsQDVrysrXbQzOQt0RJa6
zuMcAee2LH54H+UxvCllMLiScnpzQu83ZjtLpG0iEJBi0lVzGDoRRzY7lIT/iblB
0a/BO8y+78Jg23xXEOtf6OFhTnGSZasTLPx59xQhwWTrjbrOTdP+gL4qb4LAIhfM
RH/0FQVevJK0e0vsEaCAzisEB4nakIQi+bM8cnbUtdJcpv/ODPxBs0dXPr9f4MwP
k8BC13FEPXBFNw3eV8MeV/XYSn9fBeE5M/+NPNDG0HnIkO5Pvwiqlhtu28GNhSgM
oeL7+rMRFnigjrw3bToRNo0BSbvoP09oGKBxiIuMbH9I
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:36:33 2025 by rpki-client