Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2FGuzl36r1LpAwqpE4BkvPISTYg.roa
File: 2FGuzl36r1LpAwqpE4BkvPISTYg.roa (raw, json)
Hash identifier: zn6UvOlBywXL8CG4IIaVObBI8TRRHiNr1J/gXkuhNpM=
Subject key identifier: D8:51:AE:CE:5D:FA:AF:52:E9:03:0A:A9:13:80:64:BC:F2:12:4D:88
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018713E4D65C0728144BA6D3AA15B3746FC5
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2FGuzl36r1LpAwqpE4BkvPISTYg.roa
Signing time: Fri 24 Mar 2023 13:52:56 +0000
ROA not before: Fri 24 Mar 2023 13:52:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 5.105.131.0/24 maxlen: 24
5.105.29.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:e4:d6:5c:07:28:14:4b:a6:d3:aa:15:b3:74:6f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Mar 24 13:52:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d851aece5dfaaf52e9030aa9138064bcf2124d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b2:22:7b:97:ec:a8:3d:a9:40:cd:4c:6b:00:
bd:c1:63:b2:12:95:3e:ed:2c:42:20:98:4e:b2:ea:
4a:42:d2:1c:1f:ac:6f:92:65:31:1b:60:49:af:07:
85:aa:7e:86:7e:9b:40:53:82:2a:e6:0e:d2:5e:7b:
ee:a4:20:08:eb:ae:2f:75:70:8b:ea:62:01:33:69:
15:e3:53:af:32:b7:92:b7:ff:df:0c:99:b8:82:1d:
8a:48:ec:bf:d4:52:d4:2a:f8:cd:2b:a1:2e:27:51:
88:6d:74:79:5a:f1:6d:14:c4:be:bd:ef:6d:f4:af:
44:a7:96:98:f9:68:6e:f7:8c:38:6c:05:d7:63:ab:
0b:ae:2e:3d:2b:d5:bd:ab:18:7a:96:c7:bd:d5:b3:
68:23:a5:ba:97:84:ba:96:09:72:c2:7f:95:88:c7:
7b:3c:ac:fd:13:07:e8:6d:9e:e6:03:78:c8:58:a1:
e7:4c:94:78:98:c9:dc:7b:99:50:6a:c0:aa:51:c3:
66:a2:ec:b1:9e:b5:69:eb:61:15:96:0d:96:c2:b6:
99:ed:c4:43:2c:3f:e1:48:3f:f6:2e:22:66:b2:c8:
f3:b9:f9:a0:fd:60:ed:d5:2f:39:e3:46:e9:60:03:
59:16:b6:43:f5:0e:89:c0:4c:a3:67:ab:35:c2:a9:
f8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:51:AE:CE:5D:FA:AF:52:E9:03:0A:A9:13:80:64:BC:F2:12:4D:88
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2FGuzl36r1LpAwqpE4BkvPISTYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.29.0/24
5.105.131.0/24
5.105.134.0/24
5.105.156.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:de:05:96:5e:54:30:f0:85:0d:eb:db:5d:31:a7:ee:5b:62:
f1:20:4b:98:22:5e:77:26:ad:50:08:1b:99:42:3c:d2:8f:8b:
57:5c:59:21:a5:71:e5:d1:76:a9:7e:fc:04:23:29:88:af:b2:
28:44:a0:77:84:70:8b:3b:f0:84:43:2b:25:8a:5e:62:78:30:
51:40:b0:ac:44:46:2f:82:14:9b:17:96:88:02:a1:ef:4d:08:
e1:77:42:f7:8e:87:fd:90:c8:58:18:55:0e:1b:10:c0:9f:b1:
64:0c:3f:7c:73:13:73:e7:cd:40:64:64:80:dc:0d:d7:81:6b:
95:ec:e7:75:c3:58:ed:38:ec:c4:2c:18:0c:9a:58:ff:52:5d:
32:f0:c8:df:83:9a:9b:54:1e:d0:05:3d:3b:f1:11:c5:49:eb:
ae:60:b5:ad:aa:cb:a0:ae:c2:a0:26:f8:79:db:b7:b6:ae:7d:
c5:3f:2e:1d:9b:48:d0:8c:12:8b:21:fb:1a:2b:7e:d1:69:bb:
5d:bf:93:ac:39:1b:19:d6:7c:2d:b4:70:52:ef:cb:ab:49:9f:
c4:18:17:0f:0d:e1:6f:eb:bd:33:03:cb:3c:d9:1d:22:dd:f4:
b2:fd:79:dd:36:ee:08:ef:d0:a1:af:68:39:df:e6:2b:31:8d:
c5:d8:bf:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcT5NZcBygUS6bTqhWzdG/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzI0MTM1MjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODUxYWVjZTVkZmFhZjUyZTkwMzBhYTkxMzgwNjRiY2YyMTI0ZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrIie5fsqD2pQM1MawC9wWOyEpU+
7SxCIJhOsupKQtIcH6xvkmUxG2BJrweFqn6GfptAU4Iq5g7SXnvupCAI664vdXCL
6mIBM2kV41OvMreSt//fDJm4gh2KSOy/1FLUKvjNK6EuJ1GIbXR5WvFtFMS+ve9t
9K9Ep5aY+Whu94w4bAXXY6sLri49K9W9qxh6lse91bNoI6W6l4S6lglywn+ViMd7
PKz9EwfobZ7mA3jIWKHnTJR4mMnce5lQasCqUcNmouyxnrVp62EVlg2WwraZ7cRD
LD/hSD/2LiJmssjzufmg/WDt1S8540bpYANZFrZD9Q6JwEyjZ6s1wqn4mwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNhRrs5d+q9S6QMKqROAZLzyEk2IMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMkZHdXpsMzZyMUxwQXdxcEU0Qmt2UElTVFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWkdAwQA
BWmDAwQABWmGAwQABWmcMA0GCSqGSIb3DQEBCwUAA4IBAQC83gWWXlQw8IUN69td
MafuW2LxIEuYIl53Jq1QCBuZQjzSj4tXXFkhpXHl0XapfvwEIymIr7IoRKB3hHCL
O/CEQyslil5ieDBRQLCsREYvghSbF5aIAqHvTQjhd0L3jof9kMhYGFUOGxDAn7Fk
DD98cxNz581AZGSA3A3XgWuV7Od1w1jtOOzELBgMmlj/Ul0y8Mjfg5qbVB7QBT07
8RHFSeuuYLWtqsugrsKgJvh527e2rn3FPy4dm0jQjBKLIfsaK37Rabtdv5OsORsZ
1nwttHBS78urSZ/EGBcPDeFv670zA8s82R0i3fSy/XndNu4I79Chr2g53+YrMY3F
2L/V
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:16 2023 by rpki-client on console-fra.rpki-client.org