Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qdVlow70Xs9Z01XiJtg9X_vemSQ.roa
File: qdVlow70Xs9Z01XiJtg9X_vemSQ.roa (raw, json)
Hash identifier: jcsf7KXZOC92IrInZHUrowIohjQsgv3HWEuYnTEPGKs=
Subject key identifier: A9:D5:65:A3:0E:F4:5E:CF:59:D3:55:E2:26:D8:3D:5F:FB:DE:99:24
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC402FA6D4BC4586BBB00B90317351B81
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qdVlow70Xs9Z01XiJtg9X_vemSQ.roa
Signing time: Mon 01 Jan 2024 07:52:58 +0000
ROA not before: Mon 01 Jan 2024 07:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 163.5.220.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:02:fa:6d:4b:c4:58:6b:bb:00:b9:03:17:35:1b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 07:52:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9d565a30ef45ecf59d355e226d83d5ffbde9924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:da:a3:9a:43:49:c0:d8:71:59:6b:56:05:66:
6b:b7:e7:16:92:e3:ff:1f:29:80:a1:78:1c:41:e1:
8b:63:85:b8:94:a4:f5:ab:3d:d6:7d:a2:61:f1:d2:
59:14:bd:e6:97:6a:8d:09:30:3c:00:88:24:d6:a8:
26:ad:0a:a2:79:15:67:90:bf:23:75:ec:61:0f:69:
ef:58:01:46:e2:71:21:01:ac:ec:e7:33:c7:7e:d2:
df:b2:87:d5:28:41:50:e7:aa:65:d0:d3:b4:1c:a2:
6d:fe:fa:80:63:10:ab:9d:67:95:43:f3:12:2b:bc:
70:55:49:98:ae:d9:0d:85:6c:08:44:66:65:1e:d3:
57:a3:c1:c9:6f:40:29:1b:99:f1:ed:92:d4:4b:e8:
53:9c:4c:ec:89:66:2d:ac:6e:b6:19:36:d0:c1:59:
c4:f2:e4:b1:ca:35:1d:1d:22:6b:0f:a8:0b:f9:ff:
44:c9:c6:cc:ba:5e:61:37:a9:b1:4c:fa:e0:94:93:
c2:c4:d0:5a:d2:5b:b1:dc:6e:aa:e2:24:0b:f2:60:
c6:6b:7f:32:65:6b:8a:74:dc:3f:f3:8a:6b:71:45:
15:a4:af:66:32:ff:8b:04:51:8a:fc:f0:09:30:a2:
98:24:d0:6f:07:63:3a:ec:30:97:cb:ec:4c:80:0e:
67:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D5:65:A3:0E:F4:5E:CF:59:D3:55:E2:26:D8:3D:5F:FB:DE:99:24
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qdVlow70Xs9Z01XiJtg9X_vemSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.155.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
55:70:0a:76:a0:9c:dd:7a:86:8e:f4:be:af:f5:72:df:6e:d3:
d7:48:21:56:64:cf:0c:02:04:83:d9:1c:e7:41:ca:7d:00:66:
35:ac:f3:e5:61:18:70:fe:2a:dd:55:dc:2e:07:61:1c:75:c2:
44:aa:1e:e8:bb:2e:f3:56:a4:5a:c7:25:1c:93:f5:bb:61:20:
64:e0:3b:dc:57:95:b7:34:17:1f:9f:2c:0a:9d:98:fc:af:9f:
d7:f8:d6:25:21:54:e8:44:b5:0d:cd:38:ff:c8:04:dd:a1:37:
a3:6b:80:2f:5a:e4:fe:f2:61:9b:39:b7:2d:63:c9:21:bf:b3:
03:a3:09:15:0c:34:e5:59:e1:b8:b1:ae:99:e6:b5:35:80:0a:
f4:53:4f:99:dc:b9:ba:21:74:5c:e2:2d:0f:14:fe:01:c6:db:
57:7c:8e:f4:4b:14:04:6f:35:67:ee:bc:e1:e6:09:03:fd:82:
85:9e:f8:27:0b:5d:2f:92:dc:29:33:88:c0:9f:e2:1b:c0:93:
25:25:76:3c:89:09:7c:9b:8a:d1:b6:e6:67:8c:0a:c6:6f:cb:
16:41:e4:5b:9d:e0:b9:8a:44:13:a0:78:73:7c:08:b3:2a:e3:
60:0b:51:7e:73:61:b1:8c:76:d6:f7:b4:2a:19:75:ad:90:f8:
1f:df:94:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEAvptS8RYa7sAuQMXNRuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDc1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQ1NjVhMzBlZjQ1ZWNmNTlkMzU1ZTIyNmQ4M2Q1ZmZiZGU5OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNqjmkNJwNhxWWtWBWZrt+cWkuP/
HymAoXgcQeGLY4W4lKT1qz3WfaJh8dJZFL3ml2qNCTA8AIgk1qgmrQqieRVnkL8j
dexhD2nvWAFG4nEhAazs5zPHftLfsofVKEFQ56pl0NO0HKJt/vqAYxCrnWeVQ/MS
K7xwVUmYrtkNhWwIRGZlHtNXo8HJb0ApG5nx7ZLUS+hTnEzsiWYtrG62GTbQwVnE
8uSxyjUdHSJrD6gL+f9EycbMul5hN6mxTPrglJPCxNBa0lux3G6q4iQL8mDGa38y
ZWuKdNw/84prcUUVpK9mMv+LBFGK/PAJMKKYJNBvB2M67DCXy+xMgA5nLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKnVZaMO9F7PWdNV4ibYPV/73pkkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcWRWbG93NzBYczlaMDFYaUp0ZzlYX3ZlbVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWbAwQA
owXcMA0GCSqGSIb3DQEBCwUAA4IBAQBVcAp2oJzdeoaO9L6v9XLfbtPXSCFWZM8M
AgSD2RznQcp9AGY1rPPlYRhw/irdVdwuB2EcdcJEqh7ouy7zVqRaxyUck/W7YSBk
4DvcV5W3NBcfnywKnZj8r5/X+NYlIVToRLUNzTj/yATdoTeja4AvWuT+8mGbObct
Y8khv7MDowkVDDTlWeG4sa6Z5rU1gAr0U0+Z3Lm6IXRc4i0PFP4BxttXfI70SxQE
bzVn7rzh5gkD/YKFnvgnC10vktwpM4jAn+IbwJMlJXY8iQl8m4rRtuZnjArGb8sW
QeRbneC5ikQToHhzfAizKuNgC1F+c2GxjHbW97QqGXWtkPgf35TV
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org