Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JTJsembZkP_nZt7l-8DAk9SW25I.roa
File: JTJsembZkP_nZt7l-8DAk9SW25I.roa (raw, json)
Hash identifier: Zg84yAl67TpVuwi7Kw+EA0uLDtTXOPv0lR4w6T/OEYQ=
Subject key identifier: 25:32:6C:7A:66:D9:90:FF:E7:66:DE:E5:FB:C0:C0:93:D4:96:DB:92
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0185C05033B16CFF46FD3B39C2F79A0E0BD9
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JTJsembZkP_nZt7l-8DAk9SW25I.roa
Signing time: Tue 17 Jan 2023 15:19:19 +0000
ROA not before: Tue 17 Jan 2023 15:19:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46573
IP address blocks: 5.105.15.0/24 maxlen: 24
5.105.28.0/24 maxlen: 24
5.105.42.0/24 maxlen: 24
5.105.77.0/24 maxlen: 24
5.105.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Feb 2023 09:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c0:50:33:b1:6c:ff:46:fd:3b:39:c2:f7:9a:0e:0b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 17 15:19:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25326c7a66d990ffe766dee5fbc0c093d496db92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1d:0b:b0:35:c5:86:ca:19:1f:0f:3b:42:a2:
b9:1a:13:14:1b:ec:50:f8:ab:52:91:a0:0e:c5:a5:
19:27:90:09:d6:a0:f1:8c:06:f7:69:c3:65:ec:c7:
67:1b:ea:fa:71:00:15:25:d4:4d:dd:81:a4:d8:01:
0b:8f:b8:f6:ab:61:89:09:5a:05:ec:45:9c:8f:02:
23:8b:15:d7:cc:f8:e5:f2:eb:1c:6f:ae:c9:99:d8:
d6:e9:ad:fc:59:0c:c7:2d:81:4c:0a:21:2c:c7:2e:
8a:11:d8:05:71:13:a8:c4:ed:b7:4d:23:3e:8d:54:
1c:ea:38:ec:24:b9:d5:fc:85:56:c3:91:40:c0:e9:
30:50:4c:75:c8:5f:01:0a:43:37:3f:26:3b:02:2d:
2f:64:5d:14:73:ed:c9:80:6a:cc:5a:a6:1f:c9:43:
75:c5:26:9d:cd:27:b9:c1:c7:40:24:82:c7:c4:5c:
ce:15:c0:ef:4d:54:a4:99:4f:ea:ad:5a:b9:a3:17:
ac:fc:94:9b:ca:d0:2e:67:1e:44:d8:b9:47:c6:c0:
8f:52:2d:9f:14:c7:74:ae:ff:49:4b:b0:ee:2c:a4:
44:ba:5d:29:90:60:6c:6e:3a:de:f5:0f:47:ac:24:
ad:91:74:4a:75:46:ab:80:3f:6d:68:aa:11:60:37:
75:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:32:6C:7A:66:D9:90:FF:E7:66:DE:E5:FB:C0:C0:93:D4:96:DB:92
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JTJsembZkP_nZt7l-8DAk9SW25I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.15.0/24
5.105.28.0/24
5.105.42.0/24
5.105.77.0/24
5.105.218.0/24
Signature Algorithm: sha256WithRSAEncryption
38:66:17:29:a0:27:f0:4f:d7:9e:7b:dc:9e:52:68:7a:6c:14:
c0:44:f3:48:d9:8a:7d:e7:a9:d0:ae:24:4c:64:a2:d0:f7:32:
c0:d9:6a:af:eb:dd:41:2c:53:4e:fc:ac:8e:d4:29:46:c2:9a:
82:ae:1b:59:bf:9a:f5:77:ce:db:ed:bd:a0:f9:ee:b7:ed:d6:
3e:bf:a3:dd:15:ce:5d:a4:11:6a:e3:b1:42:35:20:d9:a8:69:
2a:e7:1d:98:b6:c6:6e:d4:8b:2c:a2:0a:12:80:10:70:39:87:
08:95:b8:b4:95:1d:56:f1:6d:ca:17:9b:26:a0:aa:9f:f2:d8:
2e:2c:50:82:6d:98:57:64:b3:14:bb:6c:de:dc:43:a4:c7:01:
d9:87:40:97:a5:63:0f:65:d1:ba:e1:d2:64:dc:47:8d:18:2a:
74:b2:43:0b:2d:80:f7:49:0d:3f:c6:05:0a:c8:de:aa:cb:34:
f3:f7:11:ea:80:7f:7e:f9:4b:b4:6a:96:aa:5e:86:6c:49:d7:
fe:d4:83:f7:a1:b1:29:ab:fe:3b:f8:3f:38:12:89:12:8e:89:
66:72:6a:4b:3e:ae:7c:cc:9e:9c:36:76:b4:58:16:65:6d:47:
e5:87:5a:58:0c:3b:63:23:a6:b1:72:7a:b2:a6:8a:d8:2a:97:
54:ed:b2:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXAUDOxbP9G/Ts5wveaDgvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTE3MTUxOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTMyNmM3YTY2ZDk5MGZmZTc2NmRlZTVmYmMwYzA5M2Q0OTZkYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh0LsDXFhsoZHw87QqK5GhMUG+xQ
+KtSkaAOxaUZJ5AJ1qDxjAb3acNl7MdnG+r6cQAVJdRN3YGk2AELj7j2q2GJCVoF
7EWcjwIjixXXzPjl8uscb67JmdjW6a38WQzHLYFMCiEsxy6KEdgFcROoxO23TSM+
jVQc6jjsJLnV/IVWw5FAwOkwUEx1yF8BCkM3PyY7Ai0vZF0Uc+3JgGrMWqYfyUN1
xSadzSe5wcdAJILHxFzOFcDvTVSkmU/qrVq5oxes/JSbytAuZx5E2LlHxsCPUi2f
FMd0rv9JS7DuLKREul0pkGBsbjre9Q9HrCStkXRKdUargD9taKoRYDd15QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCUybHpm2ZD/52be5fvAwJPUltuSMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSlRKc2VtYlprUF9uWnQ3bC04REFrOVNXMjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWkPAwQA
BWkcAwQABWkqAwQABWlNAwQABWnaMA0GCSqGSIb3DQEBCwUAA4IBAQA4ZhcpoCfw
T9eee9yeUmh6bBTARPNI2Yp956nQriRMZKLQ9zLA2Wqv691BLFNO/KyO1ClGwpqC
rhtZv5r1d87b7b2g+e637dY+v6PdFc5dpBFq47FCNSDZqGkq5x2YtsZu1IssogoS
gBBwOYcIlbi0lR1W8W3KF5smoKqf8tguLFCCbZhXZLMUu2ze3EOkxwHZh0CXpWMP
ZdG64dJk3EeNGCp0skMLLYD3SQ0/xgUKyN6qyzTz9xHqgH9++Uu0apaqXoZsSdf+
1IP3obEpq/47+D84EokSjolmcmpLPq58zJ6cNna0WBZlbUflh1pYDDtjI6axcnqy
porYKpdU7bIf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:27 2024 by rpki-client on console-fra.rpki-client.org