Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2_M6hXLa3Cc7O2FfrIGm3J-TXMI.roa
File: 2_M6hXLa3Cc7O2FfrIGm3J-TXMI.roa (raw, json)
Hash identifier: Yx1hI3o7NE68mu+kCzQADDEQpZ8+vlY9SS2voZ+6AUc=
Subject key identifier: DB:F3:3A:85:72:DA:DC:27:3B:3B:61:5F:AC:81:A6:DC:9F:93:5C:C2
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01856BE5A724447D8DA489233A0F27CBDA09
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2_M6hXLa3Cc7O2FfrIGm3J-TXMI.roa
Signing time: Sun 01 Jan 2023 05:54:50 +0000
ROA not before: Sun 01 Jan 2023 05:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15083
IP address blocks: 5.105.128.0/24 maxlen: 24
5.105.133.0/24 maxlen: 24
5.105.140.0/24 maxlen: 24
5.105.163.0/24 maxlen: 24
5.105.161.0/24 maxlen: 24
5.105.70.0/24 maxlen: 24
5.105.78.0/24 maxlen: 24
5.105.85.0/24 maxlen: 24
5.105.99.0/24 maxlen: 24
5.105.109.0/24 maxlen: 24
5.105.58.0/24 maxlen: 24
5.105.56.0/24 maxlen: 24
5.105.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:a7:24:44:7d:8d:a4:89:23:3a:0f:27:cb:da:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 05:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbf33a8572dadc273b3b615fac81a6dc9f935cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f0:a0:77:b6:11:fe:42:22:72:14:11:a8:58:
14:61:8c:05:fb:c1:8e:5a:04:d2:8f:74:a5:7d:85:
8b:04:60:b5:32:bc:e4:42:05:4e:9d:83:78:15:c5:
6c:87:ce:1d:3a:8c:7f:1f:52:34:1d:18:b8:f3:46:
4a:96:f3:6d:38:19:79:e2:db:60:26:79:6b:e8:43:
b2:48:ca:2d:9f:eb:82:9a:52:92:6e:c0:4e:52:be:
88:30:8d:63:80:48:c7:14:32:82:a8:ad:83:15:3a:
60:bd:0d:b2:74:ca:f7:ab:e6:76:44:7e:d1:c5:cf:
1e:de:20:0c:92:a1:04:95:27:78:ae:71:99:7e:39:
95:71:a9:80:e9:6f:96:fc:30:c1:75:2e:ab:17:76:
91:7d:5f:6f:c7:6f:46:91:5b:be:38:b4:30:df:c5:
24:f3:d9:3c:49:09:33:8a:1b:5f:05:7a:21:8f:36:
26:02:2a:97:87:bc:32:5e:9b:72:a8:43:07:b8:36:
d7:b9:73:c0:09:88:80:7c:ec:c1:ea:c9:58:3d:cf:
c1:30:2e:af:b9:bd:a6:5c:4b:43:12:4c:6e:f0:2e:
16:e3:ce:ec:75:f6:85:9f:4f:da:dd:ac:be:12:fb:
fb:4b:d5:ec:ce:9d:ca:fc:8d:dd:3e:5e:00:61:09:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F3:3A:85:72:DA:DC:27:3B:3B:61:5F:AC:81:A6:DC:9F:93:5C:C2
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2_M6hXLa3Cc7O2FfrIGm3J-TXMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.56.0/24
5.105.58.0/24
5.105.60.0/24
5.105.70.0/24
5.105.78.0/24
5.105.85.0/24
5.105.99.0/24
5.105.109.0/24
5.105.128.0/24
5.105.133.0/24
5.105.140.0/24
5.105.161.0/24
5.105.163.0/24
Signature Algorithm: sha256WithRSAEncryption
36:d9:a3:48:f5:e4:66:51:fe:41:3c:ba:fd:f8:08:9e:ce:71:
c6:21:7e:54:60:e7:56:0c:fc:ae:1c:f5:97:b3:f9:f1:90:7f:
62:8a:a9:6b:57:a6:47:d2:fe:0d:c7:52:f8:09:b3:04:bf:8f:
fe:22:c5:e9:a3:fb:3a:ad:5a:55:0e:fd:b3:87:68:df:a4:93:
26:d5:fe:17:91:06:a0:68:64:36:ea:72:1f:57:63:b4:b3:44:
94:9f:d6:ae:ad:f3:d0:df:23:f6:22:da:d7:8c:89:44:94:2a:
b2:94:c9:bc:ab:24:e0:3c:47:c5:8e:fe:0e:43:8d:95:d6:22:
19:fd:70:f7:31:dc:b5:f3:64:df:c6:4b:53:4a:83:59:17:65:
28:82:f5:50:82:a5:f2:50:5b:ad:f2:a3:b7:e1:ac:d2:fd:29:
46:57:1b:81:45:7e:90:4d:a9:9e:a7:40:7e:0b:b2:b0:dc:88:
59:43:1f:63:db:51:c9:d8:c0:cf:0f:60:5a:82:18:76:b0:30:
c7:04:fd:8e:e4:94:65:8e:bc:73:54:21:38:79:85:42:42:64:
65:57:b2:33:29:dc:51:b4:45:34:d2:6c:61:5a:8a:03:96:cb:
78:d4:8a:3d:88:91:3c:b2:3a:4c:44:70:b5:81:33:a3:0e:b6:
1f:a5:dc:00
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVr5ackRH2NpIkjOg8ny9oJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmYzM2E4NTcyZGFkYzI3M2IzYjYxNWZhYzgxYTZkYzlmOTM1Y2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Cgd7YR/kIichQRqFgUYYwF+8GO
WgTSj3SlfYWLBGC1MrzkQgVOnYN4FcVsh84dOox/H1I0HRi480ZKlvNtOBl54ttg
Jnlr6EOySMotn+uCmlKSbsBOUr6IMI1jgEjHFDKCqK2DFTpgvQ2ydMr3q+Z2RH7R
xc8e3iAMkqEElSd4rnGZfjmVcamA6W+W/DDBdS6rF3aRfV9vx29GkVu+OLQw38Uk
89k8SQkzihtfBXohjzYmAiqXh7wyXptyqEMHuDbXuXPACYiAfOzB6slYPc/BMC6v
ub2mXEtDEkxu8C4W487sdfaFn0/a3ay+Evv7S9Xszp3K/I3dPl4AYQmyowIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNvzOoVy2twnOzthX6yBptyfk1zCMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMl9NNmhYTGEzQ2M3TzJGZnJJR20zSi1UWE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABWk4AwQA
BWk6AwQABWk8AwQABWlGAwQABWlOAwQABWlVAwQABWljAwQABWltAwQABWmAAwQA
BWmFAwQABWmMAwQABWmhAwQABWmjMA0GCSqGSIb3DQEBCwUAA4IBAQA22aNI9eRm
Uf5BPLr9+AieznHGIX5UYOdWDPyuHPWXs/nxkH9iiqlrV6ZH0v4Nx1L4CbMEv4/+
IsXpo/s6rVpVDv2zh2jfpJMm1f4XkQagaGQ26nIfV2O0s0SUn9aurfPQ3yP2ItrX
jIlElCqylMm8qyTgPEfFjv4OQ42V1iIZ/XD3Mdy182TfxktTSoNZF2UogvVQgqXy
UFut8qO34azS/SlGVxuBRX6QTamep0B+C7Kw3IhZQx9j21HJ2MDPD2Baghh2sDDH
BP2O5JRljrxzVCE4eYVCQmRlV7IzKdxRtEU00mxhWooDlst41Io9iJE8sjpMRHC1
gTOjDrYfpdwA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:59 2023 by rpki-client on console-ams.rpki-client.org