Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3KGRi1sVYGjb5oJBvoarWmzouvw.roa
File: 3KGRi1sVYGjb5oJBvoarWmzouvw.roa (raw, json)
Hash identifier: q/vYwtpbPmmp5FtQEP9/QepqPz7qdvfyTuquqJs2MFo=
Subject key identifier: DC:A1:91:8B:5B:15:60:68:DB:E6:82:41:BE:86:AB:5A:6C:E8:BA:FC
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A41C7C19C5428B211D866B93868579088
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3KGRi1sVYGjb5oJBvoarWmzouvw.roa
Signing time: Tue 29 Aug 2023 14:52:04 +0000
ROA not before: Tue 29 Aug 2023 14:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.122.0/24 maxlen: 24
5.105.131.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.136.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.84.0/24 maxlen: 24
5.105.82.0/24 maxlen: 24
5.105.110.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.16.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.62.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:c7:c1:9c:54:28:b2:11:d8:66:b9:38:68:57:90:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 29 14:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dca1918b5b156068dbe68241be86ab5a6ce8bafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:da:4e:8f:7a:95:16:86:23:82:d6:14:5e:43:
15:3b:6c:14:5a:08:53:0b:17:ec:05:de:09:43:3c:
8b:e0:8d:25:21:e2:ff:83:30:23:3c:ec:fd:79:9d:
42:ce:68:87:a1:7b:b1:8e:d0:b1:4e:a8:1f:21:be:
07:bf:d6:35:07:f5:d2:03:61:9b:cd:a3:54:c4:06:
6b:dd:93:e0:d0:1d:cc:be:8f:b9:a5:27:1e:94:cd:
87:d8:a2:89:92:3e:db:ef:cb:bf:10:a3:d9:4d:55:
91:03:e6:38:9b:a9:35:b0:da:ee:c0:56:9f:6d:3f:
7d:fb:1f:3e:f2:73:7c:28:12:88:f5:46:97:3f:72:
21:f9:ef:65:5a:ad:1b:b4:50:7c:fc:dd:63:eb:f3:
94:e5:e4:e1:81:0a:3b:b8:40:5a:62:5d:ea:fb:0b:
db:2a:4b:31:da:7f:ad:1f:f7:65:3a:97:cd:19:f8:
96:da:2d:5a:60:33:ae:2b:41:c5:f8:2e:92:94:1c:
2c:d6:54:2c:6b:39:a1:fa:76:d6:be:52:14:f7:dd:
6a:4f:71:cf:fe:fa:58:a4:3e:a3:6b:cf:86:37:99:
c5:ba:1a:e5:a5:49:dd:dd:39:dc:fc:13:ea:47:02:
89:94:a8:b9:cf:23:c4:45:c2:09:f2:7f:62:4e:19:
03:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A1:91:8B:5B:15:60:68:DB:E6:82:41:BE:86:AB:5A:6C:E8:BA:FC
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3KGRi1sVYGjb5oJBvoarWmzouvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.16.0/24
5.105.18.0/24
5.105.21.0/24
5.105.40.0/24
5.105.50.0/24
5.105.57.0/24
5.105.62.0/24
5.105.82.0/24
5.105.84.0/24
5.105.110.0/24
5.105.114.0/23
5.105.122.0/24
5.105.127.0/24
5.105.131.0/24
5.105.134.0/24
5.105.136.0/24
5.105.138.0/23
5.105.157.0/24
5.105.162.0/24
5.105.203.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.248.0/23
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
04:ce:70:5f:82:e1:7b:f6:b5:0e:96:13:7f:38:d8:e4:a7:fc:
d9:0a:79:4b:60:f5:63:7a:5f:53:7c:7e:1a:48:4b:45:51:74:
16:12:a6:2b:81:9d:fa:88:9d:f3:76:f5:b8:29:42:14:1c:0c:
75:47:68:59:f6:fe:fd:2c:15:ac:8e:52:a1:2f:db:36:2a:ab:
aa:0d:56:90:41:f1:02:f7:3d:15:f2:1b:94:0f:8f:fe:9e:51:
e8:f3:13:ab:03:a8:b0:56:05:ce:a1:65:29:8d:c8:3e:a7:83:
7b:7e:ec:76:12:e4:cd:d1:13:49:00:11:be:23:e9:ac:19:ff:
0e:92:03:01:4e:72:81:e5:eb:94:a3:ea:fe:d7:36:e1:80:ab:
ad:0f:50:af:06:c6:b1:6d:73:af:ed:b9:58:5c:fc:63:f8:d5:
da:87:e5:24:a3:3b:ff:d1:7a:b9:ff:1c:a7:ba:fa:86:7b:f6:
5d:35:1b:7b:93:e4:70:d9:77:23:d1:b7:9a:05:49:1b:bf:52:
47:26:63:65:40:d6:27:4b:db:38:ae:0b:74:45:da:57:c3:ec:
7f:97:48:b4:61:62:3c:45:f8:9f:21:4f:ba:57:d6:fe:84:29:
97:e0:22:eb:8f:b2:ea:d0:51:81:cc:d0:c5:b4:3a:83:d6:72:
a1:a8:64:4c
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYpBx8GcVCiyEdhmuThoV5CIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODI5MTQ1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ExOTE4YjViMTU2MDY4ZGJlNjgyNDFiZTg2YWI1YTZjZThiYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtpOj3qVFoYjgtYUXkMVO2wUWghT
CxfsBd4JQzyL4I0lIeL/gzAjPOz9eZ1CzmiHoXuxjtCxTqgfIb4Hv9Y1B/XSA2Gb
zaNUxAZr3ZPg0B3Mvo+5pScelM2H2KKJkj7b78u/EKPZTVWRA+Y4m6k1sNruwFaf
bT99+x8+8nN8KBKI9UaXP3Ih+e9lWq0btFB8/N1j6/OU5eThgQo7uEBaYl3q+wvb
Kksx2n+tH/dlOpfNGfiW2i1aYDOuK0HF+C6SlBws1lQsazmh+nbWvlIU991qT3HP
/vpYpD6ja8+GN5nFuhrlpUnd3Tnc/BPqRwKJlKi5zyPERcIJ8n9iThkDIQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFNyhkYtbFWBo2+aCQb6Gq1ps6Lr8MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvM0tHUmkxc1ZZR2piNW9KQnZvYXJXbXpvdXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAF
aRADBAAFaRIDBAAFaRUDBAAFaSgDBAAFaTIDBAAFaTkDBAAFaT4DBAAFaVIDBAAF
aVQDBAAFaW4DBAEFaXIDBAAFaXoDBAAFaX8DBAAFaYMDBAAFaYYDBAAFaYgDBAEF
aYoDBAAFaZ0DBAAFaaIDBAAFacswDAMEAAVp7wMEAAVp8AMEAQVp9AMEAQVp+AME
AAW0sAMEAMEu0jANBgkqhkiG9w0BAQsFAAOCAQEABM5wX4Lhe/a1DpYTfzjY5Kf8
2Qp5S2D1Y3pfU3x+GkhLRVF0FhKmK4Gd+oid83b1uClCFBwMdUdoWfb+/SwVrI5S
oS/bNiqrqg1WkEHxAvc9FfIblA+P/p5R6PMTqwOosFYFzqFlKY3IPqeDe37sdhLk
zdETSQARviPprBn/DpIDAU5ygeXrlKPq/tc24YCrrQ9QrwbGsW1zr+25WFz8Y/jV
2oflJKM7/9F6uf8cp7r6hnv2XTUbe5PkcNl3I9G3mgVJG79SRyZjZUDWJ0vbOK4L
dEXaV8Psf5dItGFiPEX4nyFPulfW/oQpl+Ai64+y6tBRgczQxbQ6g9ZyoahkTA==
-----END CERTIFICATE-----
Generated at Thu Aug 31 07:31:25 2023 by rpki-client on console-fra.rpki-client.org