Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/BaWW9mqotzyEoJHVXWD5QWnVnoU.roa
File: BaWW9mqotzyEoJHVXWD5QWnVnoU.roa (raw, json)
Hash identifier: 2on8OLifB+iq1QKptDD6nENapfvENNL7Zo1wU2dXCpU=
Subject key identifier: 05:A5:96:F6:6A:A8:B7:3C:84:A0:91:D5:5D:60:F9:41:69:D5:9E:85
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01877584789E6E68CFD6FFAC86DF96A030E9
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/BaWW9mqotzyEoJHVXWD5QWnVnoU.roa
Signing time: Wed 12 Apr 2023 12:50:28 +0000
ROA not before: Wed 12 Apr 2023 12:50:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 193.46.210.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.124.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.143.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.170.0/24 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
5.105.68.0/24 maxlen: 24
5.105.82.0/24 maxlen: 24
5.105.94.0/24 maxlen: 24
5.105.104.0/24 maxlen: 24
5.105.102.0/24 maxlen: 24
5.105.112.0/24 maxlen: 24
5.105.118.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.228.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.185.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.197.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.206.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.216.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
5.105.218.0/24 maxlen: 24
5.105.17.0/24 maxlen: 24
5.105.31.0/24 maxlen: 24
5.105.30.0/24 maxlen: 24
5.105.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:84:78:9e:6e:68:cf:d6:ff:ac:86:df:96:a0:30:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Apr 12 12:50:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05a596f66aa8b73c84a091d55d60f94169d59e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:93:eb:58:8f:f2:14:f8:fd:2e:50:47:17:bd:
cf:74:6f:26:f2:df:78:8a:20:c2:65:28:8f:e5:fb:
44:51:8e:71:ab:81:74:14:ae:8e:2c:19:20:f8:cf:
f2:d2:30:ae:c8:2d:8f:66:d1:28:d5:3b:85:30:23:
dc:64:73:a0:c2:bf:91:5a:33:98:f5:02:33:da:9a:
45:6c:04:de:40:6e:e9:78:a3:9f:9a:c0:53:da:66:
32:e7:9f:01:e0:f4:da:2c:ac:93:99:cd:64:c4:cc:
62:d1:fc:fb:b1:f3:62:fd:0e:f0:61:33:0d:d1:e9:
1c:29:d0:cd:87:e6:bc:a7:ee:48:b0:de:de:cb:43:
3c:a3:9a:b8:51:ab:58:db:b4:b6:20:0e:61:87:77:
50:37:46:8f:07:22:84:8d:75:ce:72:4a:ac:8b:4f:
f8:8b:08:fe:96:15:22:05:69:06:e0:33:8c:b4:57:
21:46:50:a3:0a:86:b1:9b:0c:56:c5:1b:9e:e3:bb:
35:87:ee:0f:27:ca:c1:00:e9:33:fa:cd:96:15:73:
f3:c1:4f:3f:23:53:23:71:2a:6f:e3:bf:d9:3b:4f:
61:f8:18:84:7b:53:92:9b:b1:da:bb:ab:d7:54:25:
2b:be:29:ae:dc:fb:4a:61:da:9e:e9:68:de:16:8a:
54:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A5:96:F6:6A:A8:B7:3C:84:A0:91:D5:5D:60:F9:41:69:D5:9E:85
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/BaWW9mqotzyEoJHVXWD5QWnVnoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.4.0/24
5.105.17.0/24
5.105.30.0/23
5.105.68.0/23
5.105.82.0/24
5.105.94.0/24
5.105.102.0/24
5.105.104.0/24
5.105.112.0/22
5.105.118.0/24
5.105.124.0/24
5.105.127.0/24
5.105.134.0/24
5.105.138.0/23
5.105.142.0/23
5.105.157.0/24
5.105.162.0/24
5.105.165.0/24
5.105.170.0/24
5.105.172.0/24
5.105.185.0-5.105.187.255
5.105.197.0-5.105.199.255
5.105.202.0/23
5.105.206.0/23
5.105.215.0-5.105.216.255
5.105.218.0/24
5.105.228.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.248.0/23
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
94:38:f8:52:40:56:66:f5:a7:19:52:84:df:4d:6f:2b:c7:9c:
6d:73:87:84:7d:7c:61:7a:a8:db:b2:7e:b0:2c:de:13:22:e7:
19:c3:4a:3d:d9:45:55:10:a3:28:1b:d3:28:de:fe:76:5c:96:
49:3f:3e:94:8e:ff:dd:48:e8:e5:72:98:11:65:94:31:16:ed:
f4:cd:8e:76:a7:59:10:b0:d0:b7:f1:06:51:94:aa:f9:e1:67:
6d:1b:b7:24:52:c0:aa:33:4c:cb:38:08:0b:bd:60:0a:9a:65:
aa:d8:1e:a2:e4:0b:93:7d:9f:ac:8b:18:74:3d:81:18:7e:74:
32:a1:cf:2c:d8:75:71:50:be:24:4c:6f:5a:f7:d1:8a:2e:eb:
47:8d:b7:f4:87:9c:1c:10:12:e9:93:71:8d:bd:62:58:d6:98:
65:24:94:af:2c:b6:cc:69:10:ca:87:0f:9e:58:7c:a6:47:33:
92:e1:f6:b4:8f:ec:a6:fa:13:6e:bf:a7:cb:60:aa:b8:05:07:
40:f2:14:86:df:a9:a1:7b:80:54:ab:d1:38:59:52:61:aa:29:
70:b1:c7:11:69:ff:3e:40:4f:26:00:db:ab:d1:f9:f6:35:d1:
fc:05:3d:9a:e5:b8:6b:7d:ef:61:86:e4:ce:be:9b:0a:04:0b:
ab:a4:2e:82
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYd1hHiebmjP1v+sht+WoDDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDEyMTI1MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE1OTZmNjZhYThiNzNjODRhMDkxZDU1ZDYwZjk0MTY5ZDU5ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZPrWI/yFPj9LlBHF73PdG8m8t94
iiDCZSiP5ftEUY5xq4F0FK6OLBkg+M/y0jCuyC2PZtEo1TuFMCPcZHOgwr+RWjOY
9QIz2ppFbATeQG7peKOfmsBT2mYy558B4PTaLKyTmc1kxMxi0fz7sfNi/Q7wYTMN
0ekcKdDNh+a8p+5IsN7ey0M8o5q4UatY27S2IA5hh3dQN0aPByKEjXXOckqsi0/4
iwj+lhUiBWkG4DOMtFchRlCjCoaxmwxWxRue47s1h+4PJ8rBAOkz+s2WFXPzwU8/
I1MjcSpv47/ZO09h+BiEe1OSm7Hau6vXVCUrvimu3PtKYdqe6WjeFopUWwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFAWllvZqqLc8hKCR1V1g+UFp1Z6FMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQmFXVzltcW90enlFb0pIVlhXRDVRV25Wbm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBAAF
aQQDBAAFaREDBAEFaR4DBAEFaUQDBAAFaVIDBAAFaV4DBAAFaWYDBAAFaWgDBAIF
aXADBAAFaXYDBAAFaXwDBAAFaX8DBAAFaYYDBAEFaYoDBAEFaY4DBAAFaZ0DBAAF
aaIDBAAFaaUDBAAFaaoDBAAFaawwDAMEAAVpuQMEAgVpuDAMAwQABWnFAwQDBWnA
AwQBBWnKAwQBBWnOMAwDBAAFadcDBAAFadgDBAAFadoDBAAFaeQwDAMEAAVp7wME
AAVp8AMEAQVp9AMEAQVp+AMEAAW0sAMEAMEu0jANBgkqhkiG9w0BAQsFAAOCAQEA
lDj4UkBWZvWnGVKE301vK8ecbXOHhH18YXqo27J+sCzeEyLnGcNKPdlFVRCjKBvT
KN7+dlyWST8+lI7/3Ujo5XKYEWWUMRbt9M2OdqdZELDQt/EGUZSq+eFnbRu3JFLA
qjNMyzgIC71gCpplqtgeouQLk32frIsYdD2BGH50MqHPLNh1cVC+JExvWvfRii7r
R4239IecHBAS6ZNxjb1iWNaYZSSUryy2zGkQyocPnlh8pkczkuH2tI/spvoTbr+n
y2CquAUHQPIUht+poXuAVKvROFlSYaopcLHHEWn/PkBPJgDbq9H59jXR/AU9muW4
a33vYYbkzr6bCgQLq6Qugg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:59 2023 by rpki-client on console-ams.rpki-client.org