Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0KqGgaxalzSu2LTUxE7SZbFjaD0.roa
File: 0KqGgaxalzSu2LTUxE7SZbFjaD0.roa (raw, json)
Hash identifier: +5hp5By+4DUT6lFQAQQFa3vPgzwejrA8qtvAeb1YG/s=
Subject key identifier: D0:AA:86:81:AC:5A:97:34:AE:D8:B4:D4:C4:4E:D2:65:B1:63:68:3D
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189AD69A0D2AAC648C03F5EFF1D606D2296
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0KqGgaxalzSu2LTUxE7SZbFjaD0.roa
Signing time: Mon 31 Jul 2023 19:25:28 +0000
ROA not before: Mon 31 Jul 2023 19:25:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 5.105.132.0/24 maxlen: 24
5.105.141.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ad:69:a0:d2:aa:c6:48:c0:3f:5e:ff:1d:60:6d:22:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 31 19:25:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0aa8681ac5a9734aed8b4d4c44ed265b163683d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e3:dd:58:6b:8a:31:cf:74:53:7b:b0:c9:e6:
49:c0:2c:81:a1:79:fc:08:3d:0e:1e:3b:26:c3:2f:
c1:89:bc:f6:9c:0a:8f:64:a0:85:ca:41:b7:4d:b9:
6e:08:79:dc:f8:cd:53:74:e9:63:07:56:12:40:89:
a2:1c:da:5a:6e:d1:44:ac:6f:8f:db:c2:ea:ef:02:
4c:25:92:0c:cb:ef:f5:e3:0c:56:f3:88:53:c8:aa:
ed:e5:5b:b7:b4:4e:91:60:3f:c3:6a:93:a8:38:dd:
3b:2a:84:c8:6c:f2:78:89:a0:85:26:15:1e:c0:a1:
89:ee:79:4a:da:fa:72:78:23:7b:d1:78:7d:3d:ef:
1f:96:bf:b1:37:44:e4:09:5f:a6:ae:23:1b:2b:a4:
05:58:52:f3:10:88:ff:0c:a3:65:83:53:2a:8c:20:
32:a3:da:90:c5:71:31:3e:c1:b1:e3:76:19:32:a3:
8e:16:c4:19:2b:9e:32:a0:86:aa:d6:73:30:96:e4:
5d:d2:69:b6:32:8a:c4:4f:c3:3a:95:3c:0f:9a:8e:
c4:a7:52:5b:1c:4a:8d:de:ba:94:64:78:53:28:06:
c1:7d:41:3a:7d:54:69:65:04:64:7b:89:b8:69:b5:
79:12:d9:21:da:c3:99:17:27:28:0e:2a:55:fa:57:
83:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AA:86:81:AC:5A:97:34:AE:D8:B4:D4:C4:4E:D2:65:B1:63:68:3D
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0KqGgaxalzSu2LTUxE7SZbFjaD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.132.0/24
5.105.141.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:0b:f5:83:5c:64:df:d9:4c:55:98:0b:d3:78:b6:aa:8d:d3:
d6:41:e1:e4:fe:27:1d:bd:4d:ee:4f:21:f5:e4:6c:c1:48:46:
9b:f6:ec:84:9e:d1:5c:84:5a:ac:db:aa:76:50:0b:14:65:f8:
6e:13:68:10:84:64:7c:67:26:fc:f0:2c:28:b6:ac:e2:e0:57:
02:60:7d:05:25:83:3a:34:73:3f:b8:e8:9f:38:06:cc:0e:4c:
a2:f1:0c:4e:bb:cf:15:59:e5:05:f3:b0:74:88:5b:b0:6a:96:
b9:f4:34:20:bd:c6:01:67:ea:1a:f7:45:a6:35:01:11:c1:a1:
87:f5:52:41:ec:3e:f6:33:3a:37:21:2a:b0:e9:ff:da:0e:03:
81:6d:4c:2f:92:da:39:fe:40:30:74:f8:77:fb:4b:6f:14:b0:
5c:99:de:90:74:a3:b4:7f:8b:a2:2a:4d:e3:37:0a:ab:43:3a:
6f:38:e1:b1:8d:35:f2:12:75:12:5d:18:98:bf:5f:e6:22:43:
e0:dc:9b:c4:8e:7f:d3:f3:3f:2f:d5:b6:e8:c7:35:5c:12:96:
2b:0b:e3:82:e5:29:ab:ef:54:97:f5:79:ba:ce:82:1d:19:39:
d3:e7:09:1d:54:54:c7:3c:d2:ef:35:f1:fc:1c:3e:a7:7c:e5:
aa:ec:b6:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmtaaDSqsZIwD9e/x1gbSKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzMxMTkyNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGFhODY4MWFjNWE5NzM0YWVkOGI0ZDRjNDRlZDI2NWIxNjM2ODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuPdWGuKMc90U3uwyeZJwCyBoXn8
CD0OHjsmwy/Bibz2nAqPZKCFykG3TbluCHnc+M1TdOljB1YSQImiHNpabtFErG+P
28Lq7wJMJZIMy+/14wxW84hTyKrt5Vu3tE6RYD/DapOoON07KoTIbPJ4iaCFJhUe
wKGJ7nlK2vpyeCN70Xh9Pe8flr+xN0TkCV+mriMbK6QFWFLzEIj/DKNlg1MqjCAy
o9qQxXExPsGx43YZMqOOFsQZK54yoIaq1nMwluRd0mm2MorET8M6lTwPmo7Ep1Jb
HEqN3rqUZHhTKAbBfUE6fVRpZQRke4m4abV5Etkh2sOZFycoDipV+leDWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNCqhoGsWpc0rti01MRO0mWxY2g9MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMEtxR2dheGFselN1MkxUVXhFN1NaYkZqYUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWmEAwQA
BWmNMA0GCSqGSIb3DQEBCwUAA4IBAQBsC/WDXGTf2UxVmAvTeLaqjdPWQeHk/icd
vU3uTyH15GzBSEab9uyEntFchFqs26p2UAsUZfhuE2gQhGR8Zyb88Cwotqzi4FcC
YH0FJYM6NHM/uOifOAbMDkyi8QxOu88VWeUF87B0iFuwapa59DQgvcYBZ+oa90Wm
NQERwaGH9VJB7D72Mzo3ISqw6f/aDgOBbUwvkto5/kAwdPh3+0tvFLBcmd6QdKO0
f4uiKk3jNwqrQzpvOOGxjTXyEnUSXRiYv1/mIkPg3JvEjn/T8z8v1bboxzVcEpYr
C+OC5Smr71SX9Xm6zoIdGTnT5wkdVFTHPNLvNfH8HD6nfOWq7LZH
-----END CERTIFICATE-----
Generated at Fri Aug 18 09:22:46 2023 by rpki-client on console-ams.rpki-client.org