Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UTRk5I9mOwX93JqyvKQU4KJUi2w.roa
File: UTRk5I9mOwX93JqyvKQU4KJUi2w.roa (raw, json)
Hash identifier: yfePrd4ITA4uyGJGfxWUblwtkxoY2yEJvokMEnMRpSQ=
Subject key identifier: 51:34:64:E4:8F:66:3B:05:FD:DC:9A:B2:BC:A4:14:E0:A2:54:8B:6C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0191E1ED45A42FF697D867CFF55D86674859
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UTRk5I9mOwX93JqyvKQU4KJUi2w.roa
Signing time: Wed 11 Sep 2024 16:31:48 +0000
ROA not before: Wed 11 Sep 2024 16:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:ed:45:a4:2f:f6:97:d8:67:cf:f5:5d:86:67:48:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 11 16:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=513464e48f663b05fddc9ab2bca414e0a2548b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:eb:34:e7:7b:96:cb:30:39:ef:4f:59:ab:2a:
ab:a9:4f:17:fb:5b:d2:c6:f8:4f:15:60:55:66:f7:
da:91:e7:b4:f1:5f:d2:55:27:de:d0:1d:f3:af:7d:
25:fb:62:b2:56:6a:c0:10:1b:aa:76:d3:8a:a8:f6:
41:e4:b9:ff:6f:20:ab:44:64:2a:58:a2:2e:d9:34:
d8:c4:7e:7e:bf:3e:f7:aa:a3:49:74:68:ec:78:27:
d9:18:55:80:34:ad:cd:4e:f8:84:cd:f6:89:e1:63:
ef:d7:72:6f:8e:57:57:c8:5e:3a:28:4c:89:2b:9c:
60:dd:46:c4:66:e7:ea:69:ef:3f:86:a9:8a:75:16:
5c:09:6a:ed:1c:71:e7:89:0c:66:2a:a1:44:0c:45:
e0:83:12:03:ef:c8:29:bf:a1:48:a6:73:b3:39:00:
a5:2b:df:3a:ff:c4:99:b7:ab:bb:26:94:3b:98:b0:
78:1b:c4:db:f2:dc:85:98:a8:53:90:f9:44:56:00:
76:c4:4b:a2:d9:20:9d:db:01:53:0d:5e:10:73:8c:
1c:85:d4:f5:a4:6a:c9:52:b2:88:a9:7f:89:66:59:
60:cf:21:53:4c:36:f5:4a:1e:f8:cd:ab:ad:ab:7d:
13:1b:cf:d0:61:4a:22:5b:1d:ec:21:51:ee:7f:94:
1b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:34:64:E4:8F:66:3B:05:FD:DC:9A:B2:BC:A4:14:E0:A2:54:8B:6C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/UTRk5I9mOwX93JqyvKQU4KJUi2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.62.0/24
163.5.142.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2b:6c:38:6d:0c:ef:57:6c:2b:c9:8a:6f:7b:04:dc:1f:1e:
14:87:0c:cc:94:d7:bc:ed:63:30:79:64:ba:5c:46:78:7a:01:
66:fb:b1:d6:54:3b:09:a2:54:27:25:1e:6f:09:57:0d:cb:8b:
56:6a:6c:64:c4:de:c7:11:a8:3f:d9:3d:f2:b7:45:15:d3:85:
ec:2c:76:f3:2f:89:ba:d9:a9:56:a6:07:2d:2a:a2:c3:75:c5:
be:1d:d6:4a:6b:aa:a5:aa:29:5d:e7:c0:85:f4:db:90:35:49:
55:18:de:d1:16:53:5f:57:6d:03:5d:fc:36:d1:07:77:5d:25:
e4:33:8f:91:61:e0:7c:c8:61:88:df:bb:44:b1:d2:5b:e8:4a:
a7:13:10:98:c4:da:c1:37:e7:4a:72:be:ad:c0:61:15:81:d0:
d1:da:7b:d3:8e:85:04:1c:0b:69:0c:2f:23:29:e8:19:47:87:
3e:56:fa:6a:d1:bd:19:8c:ef:33:b5:63:64:b4:85:1a:40:74:
14:99:8b:57:76:2d:bd:f7:3b:5e:1c:59:d6:70:a7:0c:0b:39:
7b:39:9c:38:7d:4b:40:fe:aa:0f:62:8b:f6:d3:70:9c:fc:b4:
51:f6:3b:99:5d:f6:e8:42:77:50:be:b1:db:d8:ec:e1:05:3e:
c2:4d:46:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHh7UWkL/aX2GfP9V2GZ0hZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwOTExMTYzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM0NjRlNDhmNjYzYjA1ZmRkYzlhYjJiY2E0MTRlMGEyNTQ4YjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Os053uWyzA5709ZqyqrqU8X+1vS
xvhPFWBVZvfakee08V/SVSfe0B3zr30l+2KyVmrAEBuqdtOKqPZB5Ln/byCrRGQq
WKIu2TTYxH5+vz73qqNJdGjseCfZGFWANK3NTviEzfaJ4WPv13JvjldXyF46KEyJ
K5xg3UbEZufqae8/hqmKdRZcCWrtHHHniQxmKqFEDEXggxID78gpv6FIpnOzOQCl
K986/8SZt6u7JpQ7mLB4G8Tb8tyFmKhTkPlEVgB2xEui2SCd2wFTDV4Qc4wchdT1
pGrJUrKIqX+JZllgzyFTTDb1Sh74zautq30TG8/QYUoiWx3sIVHuf5Qb7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFE0ZOSPZjsF/dyasrykFOCiVItsMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVVRSazVJOW1Pd1g5M0pxeXZLUVU0S0pVaTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowUfAwQA
owU+AwQAowWOMA0GCSqGSIb3DQEBCwUAA4IBAQCYK2w4bQzvV2wryYpvewTcHx4U
hwzMlNe87WMweWS6XEZ4egFm+7HWVDsJolQnJR5vCVcNy4tWamxkxN7HEag/2T3y
t0UV04XsLHbzL4m62alWpgctKqLDdcW+HdZKa6qlqild58CF9NuQNUlVGN7RFlNf
V20DXfw20Qd3XSXkM4+RYeB8yGGI37tEsdJb6EqnExCYxNrBN+dKcr6twGEVgdDR
2nvTjoUEHAtpDC8jKegZR4c+Vvpq0b0ZjO8ztWNktIUaQHQUmYtXdi299zteHFnW
cKcMCzl7OZw4fUtA/qoPYov203Cc/LRR9juZXfboQndQvrHb2OzhBT7CTUZ8
-----END CERTIFICATE-----
Generated at Thu Nov 7 23:22:10 2024 by rpki-client on console-ams.rpki-client.org