Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2dTLNNHr1VF7XL3FEykwQtrJPa0.roa
File: 2dTLNNHr1VF7XL3FEykwQtrJPa0.roa (raw, json)
Hash identifier: EgWwBfSRrFyp+v5hL3NjeMAfYqJJEEw/gWL05y2zA4Y=
Subject key identifier: D9:D4:CB:34:D1:EB:D5:51:7B:5C:BD:C5:13:29:30:42:DA:C9:3D:AD
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01896AB8DBA0A24B6FCE75ABE03B307DCCAB
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2dTLNNHr1VF7XL3FEykwQtrJPa0.roa
Signing time: Tue 18 Jul 2023 20:37:26 +0000
ROA not before: Tue 18 Jul 2023 20:37:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.124.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.166.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.170.0/24 maxlen: 24
5.105.94.0/24 maxlen: 24
5.105.102.0/24 maxlen: 24
5.105.118.0/24 maxlen: 24
5.105.117.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.229.0/24 maxlen: 24
5.105.228.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.216.0/24 maxlen: 24
5.105.218.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.37.0/24 maxlen: 24
5.105.36.0/24 maxlen: 24
5.105.49.0/24 maxlen: 24
5.105.47.0/24 maxlen: 24
5.105.45.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6a:b8:db:a0:a2:4b:6f:ce:75:ab:e0:3b:30:7d:cc:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 18 20:37:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9d4cb34d1ebd5517b5cbdc513293042dac93dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:eb:c8:9a:d1:2e:3b:f9:89:42:7a:8c:59:c7:
9d:31:1b:40:4f:d8:66:b6:0a:73:12:53:d8:be:ff:
a7:54:ee:94:47:03:ef:e8:7e:15:29:ec:79:c4:2e:
3a:34:b0:6b:6c:0d:8b:36:2d:c4:2a:0f:61:dc:21:
14:13:ac:ad:fd:5e:be:dc:07:2a:b0:06:86:5d:73:
f9:76:5f:b4:0f:bb:09:67:68:7b:a0:93:2b:46:87:
b0:02:7a:03:5d:0f:bc:68:1c:c3:62:9e:b4:74:6b:
91:bc:81:e9:9c:45:2f:a7:65:32:bd:5b:53:6e:37:
c5:99:fb:dd:16:85:ae:fc:bb:31:05:dc:12:d9:aa:
69:3c:ca:27:ac:1b:12:82:5f:43:4b:a6:21:14:03:
3e:74:33:54:0a:ae:9d:a4:31:6e:f0:ce:ce:08:8f:
54:69:f6:a8:cb:b4:18:b4:bf:33:ba:58:ea:46:55:
50:d0:58:cb:c2:c9:bf:8d:90:99:5b:08:a8:01:d2:
a5:c8:6f:8c:b9:9e:c3:01:c2:f2:d5:74:19:38:9a:
ff:0f:ef:c2:cd:2c:ab:9e:43:de:81:ef:99:ea:36:
c4:70:f3:56:32:fd:73:1d:8b:19:a8:92:c5:47:c7:
44:1b:2b:1d:bb:79:16:01:71:7f:23:66:17:45:a1:
43:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D4:CB:34:D1:EB:D5:51:7B:5C:BD:C5:13:29:30:42:DA:C9:3D:AD
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2dTLNNHr1VF7XL3FEykwQtrJPa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.7.0/24
5.105.18.0/24
5.105.21.0/24
5.105.36.0/23
5.105.45.0/24
5.105.47.0/24
5.105.49.0/24
5.105.94.0/24
5.105.102.0/24
5.105.113.0/24
5.105.117.0-5.105.118.255
5.105.124.0/24
5.105.127.0/24
5.105.139.0/24
5.105.157.0/24
5.105.162.0/24
5.105.166.0/24
5.105.170.0/24
5.105.186.0/23
5.105.198.0-5.105.200.255
5.105.202.0/23
5.105.216.0/24
5.105.218.0/24
5.105.228.0/23
5.105.239.0-5.105.240.255
5.105.244.0/23
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0c:e2:8c:84:59:0b:41:02:57:ff:ca:9f:cc:da:14:ac:1e:
ce:0c:1e:6b:74:26:c9:bf:7a:f9:f3:ff:ab:8b:77:5a:19:a1:
0e:72:4d:82:d4:83:28:ec:7c:61:99:f2:71:cc:62:ec:e7:d0:
92:47:97:95:7b:36:fd:38:d8:0c:3b:a1:18:e3:e0:ed:01:32:
01:a7:14:bd:51:b0:a7:aa:60:fb:13:01:47:4b:41:3c:d4:3c:
cc:7d:e2:06:eb:b3:3b:1f:9b:f8:c3:4e:e7:33:9d:8c:cb:f2:
bf:d7:27:7f:18:0a:3a:fa:5d:26:e9:62:7f:61:17:33:29:9c:
97:94:27:e7:e2:42:28:bb:56:15:57:cc:7e:bd:4c:17:56:5e:
da:da:dd:54:eb:b4:23:54:eb:25:c4:12:be:35:ba:8d:09:b1:
ab:70:85:aa:b7:74:78:0c:80:a2:4b:14:0d:cd:1b:a5:75:77:
ff:e7:77:97:9d:55:36:37:b5:94:17:2b:a7:23:13:88:87:5e:
c4:4f:1c:5a:2a:45:bb:77:92:e3:96:8c:fd:b9:dc:fa:ca:38:
e9:e8:85:ef:be:32:94:ea:73:1b:f1:57:30:17:18:72:05:d1:
70:6b:67:9e:2f:91:25:90:c6:81:3a:09:a3:07:bd:c5:0a:13:
f5:d6:c8:a0
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYlquNugoktvznWr4DswfcyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzE4MjAzNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ0Y2IzNGQxZWJkNTUxN2I1Y2JkYzUxMzI5MzA0MmRhYzkzZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uvImtEuO/mJQnqMWcedMRtAT9hm
tgpzElPYvv+nVO6URwPv6H4VKex5xC46NLBrbA2LNi3EKg9h3CEUE6yt/V6+3Acq
sAaGXXP5dl+0D7sJZ2h7oJMrRoewAnoDXQ+8aBzDYp60dGuRvIHpnEUvp2UyvVtT
bjfFmfvdFoWu/LsxBdwS2appPMonrBsSgl9DS6YhFAM+dDNUCq6dpDFu8M7OCI9U
afaoy7QYtL8zuljqRlVQ0FjLwsm/jZCZWwioAdKlyG+MuZ7DAcLy1XQZOJr/D+/C
zSyrnkPege+Z6jbEcPNWMv1zHYsZqJLFR8dEGysdu3kWAXF/I2YXRaFDjQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFNnUyzTR69VRe1y9xRMpMELayT2tMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMmRUTE5OSHIxVkY3WEwzRkV5a3dRdHJKUGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAAF
aQcDBAAFaRIDBAAFaRUDBAEFaSQDBAAFaS0DBAAFaS8DBAAFaTEDBAAFaV4DBAAF
aWYDBAAFaXEwDAMEAAVpdQMEAAVpdgMEAAVpfAMEAAVpfwMEAAVpiwMEAAVpnQME
AAVpogMEAAVppgMEAAVpqgMEAQVpujAMAwQBBWnGAwQABWnIAwQBBWnKAwQABWnY
AwQABWnaAwQBBWnkMAwDBAAFae8DBAAFafADBAEFafQDBAAFtLADBADBLtIwDQYJ
KoZIhvcNAQELBQADggEBAFIM4oyEWQtBAlf/yp/M2hSsHs4MHmt0Jsm/evnz/6uL
d1oZoQ5yTYLUgyjsfGGZ8nHMYuzn0JJHl5V7Nv042Aw7oRjj4O0BMgGnFL1RsKeq
YPsTAUdLQTzUPMx94gbrszsfm/jDTucznYzL8r/XJ38YCjr6XSbpYn9hFzMpnJeU
J+fiQii7VhVXzH69TBdWXtra3VTrtCNU6yXEEr41uo0Jsatwhaq3dHgMgKJLFA3N
G6V1d//nd5edVTY3tZQXK6cjE4iHXsRPHFoqRbt3kuOWjP253PrKOOnohe++MpTq
cxvxVzAXGHIF0XBrZ54vkSWQxoE6CaMHvcUKE/XWyKA=
-----END CERTIFICATE-----
Generated at Tue Jul 25 09:54:09 2023 by rpki-client on console-fra.rpki-client.org