Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2LjRxWeJFOTQKnOGMgXXzngksZw.roa
File: 2LjRxWeJFOTQKnOGMgXXzngksZw.roa (raw, json)
Hash identifier: BsZWNxyifmUMORGR6wihLgEijgjufcg94CsjySsjQwY=
Subject key identifier: D8:B8:D1:C5:67:89:14:E4:D0:2A:73:86:32:05:D7:CE:78:24:B1:9C
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A3C2D5EA8E30B6991FF1D90498B1494AD
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2LjRxWeJFOTQKnOGMgXXzngksZw.roa
Signing time: Mon 28 Aug 2023 12:45:20 +0000
ROA not before: Mon 28 Aug 2023 12:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.24.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 19:25:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:2d:5e:a8:e3:0b:69:91:ff:1d:90:49:8b:14:94:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 28 12:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8b8d1c5678914e4d02a73863205d7ce7824b19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:42:48:41:3c:ea:9a:a6:b9:fc:61:1a:3c:07:
30:72:94:c7:fd:2e:27:dc:2a:f2:08:46:81:85:c4:
db:ef:9e:7a:f4:b8:57:a4:94:fb:b2:8b:f8:36:1c:
c6:03:c9:90:0b:17:50:ef:6e:2b:47:2a:84:5b:37:
fd:71:6d:f1:ea:46:e1:74:cf:9b:1c:a8:4b:a0:c0:
f6:c7:cb:37:fb:79:58:a9:af:c2:11:23:29:e9:88:
3c:86:9d:7d:72:fe:82:6e:76:99:80:df:97:3b:e8:
bc:fb:bf:7b:ec:7e:56:ad:be:0c:bc:0f:a3:09:ca:
8d:70:9e:ba:dd:64:d4:bd:c0:a4:bd:86:01:25:7e:
5b:d0:c8:eb:46:7c:e9:f2:b0:58:54:ed:4d:97:86:
5d:06:7e:f1:01:9e:a7:6c:29:b7:97:d9:81:aa:76:
b9:84:5f:4e:bd:f3:bb:4c:46:77:dc:ee:74:ef:aa:
63:49:a7:4f:3e:da:04:38:6a:dd:1e:a4:8f:e1:d8:
bc:0f:1f:0d:8d:f7:dd:61:fb:70:e0:d2:aa:fb:95:
7c:00:81:61:d3:11:a3:e7:3a:13:c0:d4:2b:c3:57:
ce:2d:fd:e3:aa:0f:f3:92:04:93:d6:07:ed:48:02:
8b:90:50:c8:be:d9:b5:e2:09:3f:6a:f6:73:dc:3a:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B8:D1:C5:67:89:14:E4:D0:2A:73:86:32:05:D7:CE:78:24:B1:9C
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2LjRxWeJFOTQKnOGMgXXzngksZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/23
5.105.81.0/24
5.105.96.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:84:d0:e6:72:c3:10:1b:93:d5:c1:f0:64:e4:d5:f6:b9:4a:
38:d6:69:46:cd:22:02:52:24:fe:44:e5:5e:b3:7e:04:78:84:
08:47:43:63:de:bc:48:7e:ce:1d:2b:22:14:b5:5f:6c:35:12:
09:61:93:49:68:31:f4:1f:93:a5:b6:ba:af:c0:38:a5:f4:8b:
1e:4c:67:43:b7:90:ce:f9:fc:b7:62:87:8c:22:72:c4:58:eb:
94:62:a6:ab:0b:f0:7a:56:7c:8f:d2:f7:66:6d:2c:42:45:8c:
5a:1f:7f:04:3d:b1:b1:d3:03:7e:ff:73:1a:45:6a:8e:4b:90:
4e:ef:2f:b1:2c:06:d1:01:51:8a:af:82:84:58:17:28:7f:dc:
f6:5e:49:a8:4f:b0:51:93:ba:fe:d6:ee:a9:ff:73:5e:72:49:
1e:45:e0:ca:06:7d:1c:69:7a:9f:3b:a8:62:7b:d8:f3:30:36:
5b:37:c3:6b:c4:3e:35:fa:03:c1:9a:b8:dc:e5:d2:31:bb:65:
34:3f:1d:59:c5:86:29:98:ac:43:6c:61:b9:b2:78:a8:96:26:
dc:4c:cc:e2:73:b5:41:a6:6c:fc:79:dd:c5:87:4c:97:05:4d:
da:dd:c7:4e:17:1b:2c:41:9b:94:5c:e2:95:d3:2f:2e:28:7a:
92:a2:9f:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYo8LV6o4wtpkf8dkEmLFJStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODI4MTI0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI4ZDFjNTY3ODkxNGU0ZDAyYTczODYzMjA1ZDdjZTc4MjRiMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkJIQTzqmqa5/GEaPAcwcpTH/S4n
3CryCEaBhcTb75569LhXpJT7sov4NhzGA8mQCxdQ724rRyqEWzf9cW3x6kbhdM+b
HKhLoMD2x8s3+3lYqa/CESMp6Yg8hp19cv6CbnaZgN+XO+i8+7977H5Wrb4MvA+j
CcqNcJ663WTUvcCkvYYBJX5b0MjrRnzp8rBYVO1Nl4ZdBn7xAZ6nbCm3l9mBqna5
hF9OvfO7TEZ33O5076pjSadPPtoEOGrdHqSP4di8Dx8NjffdYftw4NKq+5V8AIFh
0xGj5zoTwNQrw1fOLf3jqg/zkgST1gftSAKLkFDIvtm14gk/avZz3DqvMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNi40cVniRTk0CpzhjIF1854JLGcMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMkxqUnhXZUpGT1RRS25PR01nWFh6bmdrc1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBWkYAwQA
BWlRAwQABWlgMA0GCSqGSIb3DQEBCwUAA4IBAQCthNDmcsMQG5PVwfBk5NX2uUo4
1mlGzSICUiT+ROVes34EeIQIR0Nj3rxIfs4dKyIUtV9sNRIJYZNJaDH0H5Oltrqv
wDil9IseTGdDt5DO+fy3YoeMInLEWOuUYqarC/B6VnyP0vdmbSxCRYxaH38EPbGx
0wN+/3MaRWqOS5BO7y+xLAbRAVGKr4KEWBcof9z2XkmoT7BRk7r+1u6p/3Neckke
ReDKBn0caXqfO6hie9jzMDZbN8NrxD41+gPBmrjc5dIxu2U0Px1ZxYYpmKxDbGG5
sniolibcTMzic7VBpmz8ed3Fh0yXBU3a3cdOFxssQZuUXOKV0y8uKHqSop9t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:55 2024 by rpki-client on console-ams.rpki-client.org