Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CDzdVKha3aofEJk-yYfMzHENQEE.roa
File: CDzdVKha3aofEJk-yYfMzHENQEE.roa (raw, json)
Hash identifier: eKlEOcGfWLYv9+fJQNxF8WjTe+xkThptuFlYDcDFWk4=
Subject key identifier: 08:3C:DD:54:A8:5A:DD:AA:1F:10:99:3E:C9:87:CC:CC:71:0D:40:41
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01856BE5A36FBB3FE449A3E8D19541C5DA83
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CDzdVKha3aofEJk-yYfMzHENQEE.roa
Signing time: Sun 01 Jan 2023 05:54:49 +0000
ROA not before: Sun 01 Jan 2023 05:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 5.105.250.0/24 maxlen: 24
5.105.251.0/24 maxlen: 24
5.105.255.0/24 maxlen: 24
5.105.254.0/24 maxlen: 24
5.105.160.0/24 maxlen: 24
5.105.191.0/24 maxlen: 24
5.105.190.0/24 maxlen: 24
5.105.192.0/24 maxlen: 24
5.105.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Mar 2023 07:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:a3:6f:bb:3f:e4:49:a3:e8:d1:95:41:c5:da:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 05:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=083cdd54a85addaa1f10993ec987cccc710d4041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ed:bb:7d:e9:4e:03:1a:bb:db:8b:2a:b2:6b:
1f:44:c1:bf:48:d0:fa:8f:8f:97:c6:9b:bb:06:5c:
33:a7:99:4b:57:88:a5:97:e6:bf:5b:1b:4e:41:e9:
d9:4a:a2:01:59:c7:95:c9:07:da:f2:e7:74:13:7a:
91:9e:9e:82:e1:01:c1:9e:da:3f:2c:d9:de:5b:f9:
7e:8a:5d:16:c9:b2:c4:c1:8e:0c:71:a4:33:4d:32:
ee:ff:60:18:ac:20:11:b5:25:e4:e2:d0:37:55:c0:
63:27:ec:08:7c:4e:5d:62:71:54:40:ca:d3:24:81:
f0:f7:ba:18:0a:58:5b:f2:7b:00:2f:4d:70:06:d9:
a2:9e:9a:78:74:31:66:af:cd:da:9f:f0:66:25:b1:
41:17:6f:d3:83:14:f1:aa:92:1e:b8:f4:c2:f4:94:
b6:b3:b5:47:5a:18:11:ef:b4:b1:90:8c:5e:3c:b6:
3a:04:6c:22:65:37:28:f9:d2:69:0d:40:25:a1:17:
6f:6c:72:90:7c:75:ba:a4:00:67:39:42:28:fb:21:
29:71:50:85:b5:f0:c1:d6:ef:41:e9:0b:cb:1a:a1:
6f:40:f1:8b:a9:41:d5:9c:31:02:ec:f6:21:1f:95:
a3:4e:88:9f:5a:5d:b7:c1:96:d4:69:44:ce:95:8f:
81:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:3C:DD:54:A8:5A:DD:AA:1F:10:99:3E:C9:87:CC:CC:71:0D:40:41
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CDzdVKha3aofEJk-yYfMzHENQEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.160.0/24
5.105.190.0-5.105.192.255
5.105.194.0/24
5.105.250.0/23
5.105.254.0/23
Signature Algorithm: sha256WithRSAEncryption
21:6c:66:80:f2:8b:cf:5e:a6:e6:ce:0b:20:7c:b7:1b:cc:e4:
7f:c6:9c:1b:4e:7a:e8:c8:e6:17:e9:28:74:8c:33:46:f1:e3:
fa:f2:e9:47:49:1e:54:fc:b9:f4:38:40:26:6a:4c:14:e8:5c:
ee:9a:c4:e0:48:ff:dd:48:cb:4f:3a:9a:94:15:4a:61:af:01:
f3:c5:00:6a:a5:75:d0:25:92:92:70:f8:87:58:fa:32:8d:99:
8f:14:ff:fd:2e:ac:c7:e5:13:f0:c1:61:67:86:58:49:77:4e:
80:32:ff:91:e2:98:24:19:0f:5d:47:b2:20:f3:51:b1:b9:11:
a9:dc:d0:9e:96:a7:d8:94:48:e4:2e:5f:14:1e:92:12:dc:94:
7f:08:6e:e0:81:c7:44:3d:e5:74:fe:73:52:fd:cc:70:3b:c5:
79:f2:39:27:4b:6b:bf:e2:a0:24:3d:49:f7:00:28:53:38:70:
18:29:89:fd:a4:08:4f:2d:e9:da:26:e3:fd:d3:03:30:ef:e8:
53:21:60:7d:4e:1a:80:74:8c:62:b9:66:b9:ab:b2:dd:2e:2f:
f4:e7:04:14:03:5f:47:65:fc:2b:b3:39:c3:bc:e6:e4:70:ff:
bf:bc:f0:b6:de:f3:4f:65:f5:97:bf:6e:b9:c3:bb:91:d6:3b:
3d:af:c9:e2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVr5aNvuz/kSaPo0ZVBxdqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODNjZGQ1NGE4NWFkZGFhMWYxMDk5M2VjOTg3Y2NjYzcxMGQ0MDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru27felOAxq724sqsmsfRMG/SND6
j4+Xxpu7Blwzp5lLV4ill+a/WxtOQenZSqIBWceVyQfa8ud0E3qRnp6C4QHBnto/
LNneW/l+il0WybLEwY4McaQzTTLu/2AYrCARtSXk4tA3VcBjJ+wIfE5dYnFUQMrT
JIHw97oYClhb8nsAL01wBtminpp4dDFmr83an/BmJbFBF2/TgxTxqpIeuPTC9JS2
s7VHWhgR77SxkIxePLY6BGwiZTco+dJpDUAloRdvbHKQfHW6pABnOUIo+yEpcVCF
tfDB1u9B6QvLGqFvQPGLqUHVnDEC7PYhH5WjToifWl23wZbUaUTOlY+BGQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAg83VSoWt2qHxCZPsmHzMxxDUBBMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQ0R6ZFZLaGEzYW9mRUprLXlZZk16SEVOUUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABWmgMAwD
BAEFab4DBAAFacADBAAFacIDBAEFafoDBAEFaf4wDQYJKoZIhvcNAQELBQADggEB
ACFsZoDyi89epubOCyB8txvM5H/GnBtOeujI5hfpKHSMM0bx4/ry6UdJHlT8ufQ4
QCZqTBToXO6axOBI/91Iy086mpQVSmGvAfPFAGqlddAlkpJw+IdY+jKNmY8U//0u
rMflE/DBYWeGWEl3ToAy/5HimCQZD11HsiDzUbG5Eanc0J6Wp9iUSOQuXxQekhLc
lH8IbuCBx0Q95XT+c1L9zHA7xXnyOSdLa7/ioCQ9SfcAKFM4cBgpif2kCE8t6dom
4/3TAzDv6FMhYH1OGoB0jGK5Zrmrst0uL/TnBBQDX0dl/CuzOcO85uRw/7+88Lbe
809l9Ze/brnDu5HWOz2vyeI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:27 2024 by rpki-client on console-fra.rpki-client.org