Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q2qZVuC1wQSCqMG0kT4_lHdyeqI.roa
File: q2qZVuC1wQSCqMG0kT4_lHdyeqI.roa (raw, json)
Hash identifier: TUn045ti6RjSItaQDg6EK776eAWnd6+Pc0gVrsloEcU=
Subject key identifier: AB:6A:99:56:E0:B5:C1:04:82:A8:C1:B4:91:3E:3F:94:77:72:7A:A2
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A2DE8D87D768438F7C9770105CBB9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q2qZVuC1wQSCqMG0kT4_lHdyeqI.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 163.5.51.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 10:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2d:e8:d8:7d:76:84:38:f7:c9:77:01:05:cb:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab6a9956e0b5c10482a8c1b4913e3f9477727aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d4:90:69:02:db:23:b7:18:06:4c:eb:3b:93:
89:7d:d5:71:a1:6c:0b:3a:48:fc:57:7c:70:a5:c6:
14:6e:e5:ec:28:0c:73:85:08:34:23:9b:92:06:2d:
e0:63:c1:f5:eb:85:bc:4e:31:2a:1d:53:03:6a:b4:
48:4f:23:55:86:ba:20:bd:3d:da:79:36:f6:d8:b0:
2c:6a:c1:76:8a:29:f8:3a:fc:ad:1d:41:fb:39:63:
43:7c:1c:96:63:ba:b5:1c:60:a5:4b:45:7c:f6:bc:
35:52:7a:f5:74:6f:47:f8:7d:dc:bd:f3:26:e9:9e:
f3:6d:f2:66:4e:8c:67:c8:dd:26:87:e0:f9:cb:18:
08:45:bd:2c:e8:22:35:55:89:49:e4:9a:6c:e8:13:
b9:26:d5:d3:7e:ca:78:cd:b5:ce:56:ca:3f:f2:42:
41:b2:03:da:2b:0c:3b:34:cb:dc:75:82:11:24:1d:
b2:17:16:cd:48:91:04:8f:53:88:be:45:13:0a:98:
37:30:48:11:4c:3d:ee:14:c7:e1:32:48:63:5e:ff:
7b:8e:2d:d1:09:ec:eb:2d:a7:30:3e:b1:63:c4:5d:
a7:64:25:31:de:19:2b:9c:ab:91:4e:0d:f8:65:fc:
80:37:bd:ca:c2:ce:54:5a:df:20:ca:08:81:10:e2:
2a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6A:99:56:E0:B5:C1:04:82:A8:C1:B4:91:3E:3F:94:77:72:7A:A2
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q2qZVuC1wQSCqMG0kT4_lHdyeqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.51.0/24
163.5.134.0/24
163.5.244.0/24
Signature Algorithm: sha256WithRSAEncryption
70:6b:6e:ae:67:20:bd:9f:a5:94:df:ea:ea:ca:e3:70:cd:ef:
5b:57:f5:ca:18:c2:c6:53:16:f4:62:d1:78:e2:6d:bf:9b:dd:
f6:a1:2e:12:62:f4:7f:24:5f:14:8b:92:9e:91:6a:25:6f:9f:
2e:2c:86:c4:39:e3:13:d0:33:bc:26:81:dc:9e:66:30:e1:46:
63:35:fd:08:db:62:3a:f9:4b:6c:e1:5c:10:9c:b3:72:49:fb:
8d:62:6a:c2:99:b2:3b:53:20:1a:56:98:f5:d8:59:dd:64:7a:
3b:8c:24:d5:36:ca:96:a0:a0:dd:11:d2:fb:89:c4:07:a4:a2:
55:0b:e6:39:67:d7:7f:62:37:ba:a4:7c:fe:7f:40:f3:80:12:
b2:01:f2:97:94:02:fe:29:0d:7a:4f:17:94:45:ee:e6:c7:e7:
e3:54:59:22:0b:59:2d:4c:ca:3f:25:75:20:04:fb:0d:7a:cf:
82:6e:47:ff:56:3c:d1:fc:40:ba:01:fb:a5:83:b5:cd:16:62:
aa:26:b8:40:72:60:2e:3b:44:46:08:ec:15:a6:b4:fb:55:55:
26:dc:d2:75:2a:83:6f:4a:b0:e0:d3:09:06:7e:2f:43:89:66:
af:07:67:31:ea:67:9c:28:c0:94:db:6d:4b:d3:ec:de:d9:5e:
93:1c:6d:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjai3o2H12hDj3yXcBBcu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZhOTk1NmUwYjVjMTA0ODJhOGMxYjQ5MTNlM2Y5NDc3NzI3YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntSQaQLbI7cYBkzrO5OJfdVxoWwL
Okj8V3xwpcYUbuXsKAxzhQg0I5uSBi3gY8H164W8TjEqHVMDarRITyNVhrogvT3a
eTb22LAsasF2iin4OvytHUH7OWNDfByWY7q1HGClS0V89rw1Unr1dG9H+H3cvfMm
6Z7zbfJmToxnyN0mh+D5yxgIRb0s6CI1VYlJ5Jps6BO5JtXTfsp4zbXOVso/8kJB
sgPaKww7NMvcdYIRJB2yFxbNSJEEj1OIvkUTCpg3MEgRTD3uFMfhMkhjXv97ji3R
CezrLacwPrFjxF2nZCUx3hkrnKuRTg34ZfyAN73Kws5UWt8gygiBEOIqPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKtqmVbgtcEEgqjBtJE+P5R3cnqiMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcTJxWlZ1QzF3UVNDcU1HMGtUNF9sSGR5ZXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowUzAwQA
owWGAwQAowX0MA0GCSqGSIb3DQEBCwUAA4IBAQBwa26uZyC9n6WU3+rqyuNwze9b
V/XKGMLGUxb0YtF44m2/m932oS4SYvR/JF8Ui5KekWolb58uLIbEOeMT0DO8JoHc
nmYw4UZjNf0I22I6+Uts4VwQnLNySfuNYmrCmbI7UyAaVpj12FndZHo7jCTVNsqW
oKDdEdL7icQHpKJVC+Y5Z9d/Yje6pHz+f0DzgBKyAfKXlAL+KQ16TxeURe7mx+fj
VFkiC1ktTMo/JXUgBPsNes+Cbkf/VjzR/EC6Afulg7XNFmKqJrhAcmAuO0RGCOwV
prT7VVUm3NJ1KoNvSrDg0wkGfi9DiWavB2cx6mecKMCU221L0+ze2V6THG3K
-----END CERTIFICATE-----
Generated at Wed Apr 9 10:23:32 2025 by rpki-client