Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/43w6vQ3cwxMWMtohtYgl6rLex10.roa
File: 43w6vQ3cwxMWMtohtYgl6rLex10.roa (raw, json)
Hash identifier: 08kEiMT6MhJJF5kfj9TzBkG/FoMAEzrwm/o4T8LMfRE=
Subject key identifier: E3:7C:3A:BD:0D:DC:C3:13:16:32:DA:21:B5:88:25:EA:B2:DE:C7:5D
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A3C2D5BFA9E09B5193E51810143E88CFF
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/43w6vQ3cwxMWMtohtYgl6rLex10.roa
Signing time: Mon 28 Aug 2023 12:45:20 +0000
ROA not before: Mon 28 Aug 2023 12:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 5.105.35.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.164.0/24 maxlen: 24
5.105.101.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Aug 2023 14:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:2d:5b:fa:9e:09:b5:19:3e:51:81:01:43:e8:8c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 28 12:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e37c3abd0ddcc3131632da21b58825eab2dec75d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f6:06:f0:2a:60:f6:4b:04:dc:93:23:71:eb:
84:3f:c2:1c:7b:ea:aa:b8:09:9c:e0:06:0f:d2:3d:
b2:d5:7a:38:4d:1f:ae:fa:ea:5b:fd:cb:f0:cc:72:
bc:1d:78:ea:40:84:81:16:95:59:95:ac:ec:aa:dc:
3c:01:f1:80:06:35:aa:c7:55:cb:be:d1:12:61:ff:
4c:11:cf:5a:e4:d2:24:9b:b3:b4:fd:ac:ce:9a:05:
82:60:5e:27:9a:88:69:5d:8f:d3:1e:fd:5c:21:24:
20:f6:30:87:a1:e4:ff:7e:fc:e3:86:c4:c2:3b:d0:
bc:85:46:56:40:be:41:ab:d5:66:f1:5d:58:4b:40:
77:18:2f:0b:b6:fa:98:b8:f5:aa:77:36:f4:aa:94:
9b:d3:77:cb:fc:50:b4:0c:fc:d7:96:08:83:ee:e4:
aa:8f:93:f3:f8:0a:85:8e:a7:75:d4:c1:23:1b:fd:
bd:eb:e2:e2:a0:d9:3c:f2:7e:04:fe:ca:0c:f7:16:
24:fe:d6:39:82:60:20:02:9b:7a:77:76:70:0c:df:
ec:d8:10:32:3e:7a:28:04:c8:6a:09:ef:81:25:5c:
40:b5:27:6c:81:58:72:c8:db:8a:1a:42:de:c0:e1:
57:e2:af:a6:6e:ae:9c:0a:2d:19:2e:bd:2e:78:29:
cf:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7C:3A:BD:0D:DC:C3:13:16:32:DA:21:B5:88:25:EA:B2:DE:C7:5D
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/43w6vQ3cwxMWMtohtYgl6rLex10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.35.0/24
5.105.43.0/24
5.105.101.0/24
5.105.111.0/24
5.105.164.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:1e:7e:3e:b8:6e:f8:0d:ea:ae:90:77:ed:5e:d3:98:c5:a7:
62:9c:51:85:1f:c8:a6:87:23:6f:6d:66:68:63:f5:92:5c:fb:
f5:3a:12:14:33:ac:af:95:40:ee:41:02:95:0b:a1:42:80:8f:
75:e1:be:80:f5:d8:35:45:25:d5:08:87:9f:5a:78:cf:7b:2a:
fc:7f:07:88:29:77:80:6d:e1:a4:25:72:da:4f:d5:c2:29:89:
24:56:41:93:38:ff:40:04:fd:68:51:5a:ea:48:4a:04:48:e1:
93:6a:0f:f2:ac:4b:4e:ae:ea:31:6a:86:26:dc:d8:d0:7a:b1:
00:6e:bc:62:4f:cd:7f:17:67:d5:ac:db:39:5b:17:cc:08:05:
70:ae:08:c9:2c:63:9f:00:81:04:f9:81:66:2c:a1:7a:94:49:
8d:03:9f:d1:13:80:ee:91:cb:e2:05:1c:e7:93:be:f9:3d:45:
bc:6a:f8:62:9d:ca:c3:e2:3a:bb:26:2e:07:17:4e:a6:86:0b:
66:f9:e2:46:55:6e:c6:8b:6d:ad:11:4e:b7:fc:0f:3f:f7:5d:
93:65:bf:e7:d0:63:d6:f7:89:65:90:a8:b2:83:fa:32:44:36:
ad:96:00:30:a3:be:7e:e8:eb:8a:68:95:15:c9:ba:4b:ed:14:
f4:ec:d9:ce
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYo8LVv6ngm1GT5RgQFD6Iz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODI4MTI0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzdjM2FiZDBkZGNjMzEzMTYzMmRhMjFiNTg4MjVlYWIyZGVjNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/YG8Cpg9ksE3JMjceuEP8Ice+qq
uAmc4AYP0j2y1Xo4TR+u+upb/cvwzHK8HXjqQISBFpVZlazsqtw8AfGABjWqx1XL
vtESYf9MEc9a5NIkm7O0/azOmgWCYF4nmohpXY/THv1cISQg9jCHoeT/fvzjhsTC
O9C8hUZWQL5Bq9Vm8V1YS0B3GC8LtvqYuPWqdzb0qpSb03fL/FC0DPzXlgiD7uSq
j5Pz+AqFjqd11MEjG/296+LioNk88n4E/soM9xYk/tY5gmAgApt6d3ZwDN/s2BAy
PnooBMhqCe+BJVxAtSdsgVhyyNuKGkLewOFX4q+mbq6cCi0ZLr0ueCnPpQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFON8Or0N3MMTFjLaIbWIJeqy3sddMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvNDN3NnZRM2N3eE1XTXRvaHRZZ2w2ckxleDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWkjAwQA
BWkrAwQABWllAwQABWlvAwQABWmkMA0GCSqGSIb3DQEBCwUAA4IBAQCaHn4+uG74
DequkHftXtOYxadinFGFH8imhyNvbWZoY/WSXPv1OhIUM6yvlUDuQQKVC6FCgI91
4b6A9dg1RSXVCIefWnjPeyr8fweIKXeAbeGkJXLaT9XCKYkkVkGTOP9ABP1oUVrq
SEoESOGTag/yrEtOruoxaoYm3NjQerEAbrxiT81/F2fVrNs5WxfMCAVwrgjJLGOf
AIEE+YFmLKF6lEmNA5/RE4DukcviBRznk775PUW8avhincrD4jq7Ji4HF06mhgtm
+eJGVW7Gi22tEU63/A8/912TZb/n0GPW94llkKiyg/oyRDatlgAwo75+6OuKaJUV
ybpL7RT07NnO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:55 2024 by rpki-client on console-ams.rpki-client.org