Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qkAcnhnt-1fJAKlAFLH5hY75kjo.roa
File: qkAcnhnt-1fJAKlAFLH5hY75kjo.roa (raw, json)
Hash identifier: aHJEGQNbQdRydc+o+mFekFhn4xKkX/Cd8dfdAGpUHHo=
Subject key identifier: AA:40:1C:9E:19:ED:FB:57:C9:00:A9:40:14:B1:F9:85:8E:F9:92:3A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01909ADE3F7DBA49E609A182B96A4277402A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qkAcnhnt-1fJAKlAFLH5hY75kjo.roa
Signing time: Wed 10 Jul 2024 04:19:34 +0000
ROA not before: Wed 10 Jul 2024 04:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.166.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 21:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9a:de:3f:7d:ba:49:e6:09:a1:82:b9:6a:42:77:40:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 10 04:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa401c9e19edfb57c900a94014b1f9858ef9923a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0a:b8:11:bb:9f:c8:fb:fb:d0:3b:9c:11:5e:
8a:5d:c6:9e:3f:d6:58:72:e4:e8:48:ce:d5:de:20:
82:11:69:25:a9:f4:4e:87:dc:f9:fa:95:23:56:5c:
9c:34:4d:e3:29:6b:63:f6:1d:e4:2f:f4:1e:a0:16:
0f:e6:2f:b6:54:cb:ee:83:1f:7e:9c:30:8a:8f:af:
6d:88:2e:75:d0:35:4a:8a:9f:d9:8b:b0:99:ab:10:
b4:06:48:f2:6e:18:a1:86:03:97:70:db:61:b2:a4:
58:66:fd:73:24:48:c2:62:b5:5c:6b:c0:fa:a9:c5:
25:b2:bb:c9:32:64:9b:e0:dc:e1:1d:33:dc:44:55:
e4:26:77:ba:e1:f6:e2:64:14:f3:ff:3e:5b:dc:ba:
01:6d:d3:52:73:df:71:1a:30:41:7d:0c:37:db:9d:
39:b7:e1:21:0b:94:25:06:76:5e:bb:35:fb:bb:3b:
4b:f4:3a:cd:73:f2:c1:a4:d0:8c:fd:95:26:42:7a:
ab:0b:32:43:39:ad:43:9f:ba:4d:4a:1f:99:5c:c1:
1c:3f:15:4a:a1:37:bb:33:f6:29:c9:79:45:23:9c:
1d:80:b8:5e:f3:4b:71:ab:cc:11:56:7c:5d:9e:64:
78:69:d7:41:49:e0:96:bf:f5:e3:bd:d6:37:ff:75:
c2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:40:1C:9E:19:ED:FB:57:C9:00:A9:40:14:B1:F9:85:8E:F9:92:3A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qkAcnhnt-1fJAKlAFLH5hY75kjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.124.0/23
163.5.134.0/24
163.5.136.0/24
163.5.162.0/23
163.5.166.0/24
163.5.173.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:6b:64:c0:74:be:6f:b4:41:6f:37:b6:f4:24:26:a3:bd:ca:
4c:8e:ca:0d:f4:cf:15:44:73:fd:e3:75:71:82:35:1b:28:4c:
14:08:f7:f2:b7:ae:f9:7f:87:be:19:31:06:0b:1d:44:2c:80:
68:43:e3:d6:ea:01:4e:3b:96:63:d5:a1:8b:c0:29:6f:17:c2:
0e:f9:88:91:e7:7f:72:06:3b:17:1c:17:f4:70:a8:67:64:1b:
02:ce:6b:50:eb:a2:3c:71:5f:80:dd:79:55:5e:04:bb:4e:31:
7a:3f:41:b9:5c:c7:fb:83:5f:64:43:5b:b3:e2:74:f3:fb:8a:
3e:a5:16:64:68:d4:27:8b:36:a3:29:bd:32:d4:4b:79:37:e0:
41:f5:69:4e:2f:96:07:b4:3d:be:77:1c:0d:60:1e:7b:db:7b:
66:6d:d9:e9:cf:87:1e:d7:e0:dd:61:fb:b9:a7:2d:f8:db:6b:
95:de:cb:1a:52:6e:3c:ad:1c:cb:80:df:eb:16:c5:69:c4:38:
bc:cb:0f:62:ce:ef:42:98:06:7a:9a:2b:ef:fc:e9:76:ae:72:
d2:30:73:fa:99:87:80:a7:fb:48:c7:17:45:96:24:ae:5d:d2:
d2:95:8c:5c:48:79:99:31:6d:b9:b2:5d:59:5b:b5:e5:f2:10:
de:2a:d6:f3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZCa3j99uknmCaGCuWpCd0AqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNzEwMDQxOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQwMWM5ZTE5ZWRmYjU3YzkwMGE5NDAxNGIxZjk4NThlZjk5MjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwq4EbufyPv70DucEV6KXcaeP9ZY
cuToSM7V3iCCEWklqfROh9z5+pUjVlycNE3jKWtj9h3kL/QeoBYP5i+2VMvugx9+
nDCKj69tiC510DVKip/Zi7CZqxC0BkjybhihhgOXcNthsqRYZv1zJEjCYrVca8D6
qcUlsrvJMmSb4NzhHTPcRFXkJne64fbiZBTz/z5b3LoBbdNSc99xGjBBfQw32505
t+EhC5QlBnZeuzX7uztL9DrNc/LBpNCM/ZUmQnqrCzJDOa1Dn7pNSh+ZXMEcPxVK
oTe7M/YpyXlFI5wdgLhe80txq8wRVnxdnmR4addBSeCWv/XjvdY3/3XCiQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKpAHJ4Z7ftXyQCpQBSx+YWO+ZI6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcWtBY25obnQtMWZKQUtsQUZMSDVoWTc1a2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBowV8AwQA
owWGAwQAowWIAwQBowWiAwQAowWmAwQAowWtMA0GCSqGSIb3DQEBCwUAA4IBAQAO
a2TAdL5vtEFvN7b0JCajvcpMjsoN9M8VRHP943VxgjUbKEwUCPfyt675f4e+GTEG
Cx1ELIBoQ+PW6gFOO5Zj1aGLwClvF8IO+YiR539yBjsXHBf0cKhnZBsCzmtQ66I8
cV+A3XlVXgS7TjF6P0G5XMf7g19kQ1uz4nTz+4o+pRZkaNQnizajKb0y1Et5N+BB
9WlOL5YHtD2+dxwNYB5723tmbdnpz4ce1+DdYfu5py3422uV3ssaUm48rRzLgN/r
FsVpxDi8yw9izu9CmAZ6mivv/Ol2rnLSMHP6mYeAp/tIxxdFliSuXdLSlYxcSHmZ
MW25sl1ZW7Xl8hDeKtbz
-----END CERTIFICATE-----
Generated at Fri Jul 12 00:08:14 2024 by rpki-client on console-ams.rpki-client.org