Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Kv1wDWEZo7BjW-q2jTecW23OlTY.roa
File: Kv1wDWEZo7BjW-q2jTecW23OlTY.roa (raw, json)
Hash identifier: J4uhj5pzKEGp+wG4i/g12aOAhAs8gBC8cMZXhtqTxYE=
Subject key identifier: 2A:FD:70:0D:61:19:A3:B0:63:5B:EA:B6:8D:37:9C:5B:6D:CE:95:36
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018842442FA93D98B2F33403A6F015363D6B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Kv1wDWEZo7BjW-q2jTecW23OlTY.roa
Signing time: Mon 22 May 2023 07:02:24 +0000
ROA not before: Mon 22 May 2023 07:02:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198883
IP address blocks: 5.105.168.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.230.0/24 maxlen: 24
5.105.24.0/24 maxlen: 24
5.105.19.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:44:2f:a9:3d:98:b2:f3:34:03:a6:f0:15:36:3d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: May 22 07:02:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2afd700d6119a3b0635beab68d379c5b6dce9536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4a:22:26:69:ea:06:5f:1c:71:fd:c9:af:51:
6c:dd:58:a8:6a:59:4e:04:f8:4d:8d:0b:21:41:4b:
bd:3e:b6:cf:24:01:8c:1f:cc:a2:eb:da:d1:f0:ee:
88:46:ec:75:b9:22:5f:4b:e2:0b:59:99:ec:c4:b5:
09:68:26:5c:e5:e5:01:36:49:40:1a:ee:a5:18:9b:
e3:49:6e:9f:cd:26:4e:e5:ab:03:f0:ce:72:f5:7a:
78:30:ca:05:3e:88:e7:9f:cc:67:21:79:8d:6a:e5:
1b:5c:06:00:c2:b1:e2:95:1a:f0:cd:06:a7:1c:b4:
ec:76:56:b3:e3:3a:35:e4:c3:89:b8:c7:9a:16:d1:
6a:73:b4:5f:f7:8a:05:ee:d0:fc:b5:6d:e5:17:ba:
e7:df:d7:06:7a:84:8e:07:f0:58:d1:81:38:6a:28:
e4:35:8a:6a:6d:84:af:6e:29:6a:2f:f0:7d:36:59:
02:6b:b1:31:3e:32:db:6c:29:93:62:96:f0:65:19:
3e:98:44:1d:ff:a8:65:fa:37:81:31:b8:95:75:1d:
ba:15:7d:fa:19:77:d6:2f:ef:bf:11:88:c3:4f:11:
8c:21:b7:b6:5c:d8:16:98:d0:cb:fd:a0:9b:38:fd:
ee:95:16:59:b9:97:47:f3:3b:70:74:ca:a5:26:68:
36:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FD:70:0D:61:19:A3:B0:63:5B:EA:B6:8D:37:9C:5B:6D:CE:95:36
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Kv1wDWEZo7BjW-q2jTecW23OlTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.19.0/24
5.105.24.0/23
5.105.33.0/24
5.105.40.0/24
5.105.43.0/24
5.105.50.0/24
5.105.57.0/24
5.105.65.0/24
5.105.81.0/24
5.105.96.0/24
5.105.168.0/24
5.105.184.0/24
5.105.230.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:24:b3:e7:09:59:82:0a:c0:05:89:b5:6b:8a:6e:37:08:4a:
dc:b6:cd:20:72:da:0d:71:76:e8:ac:cf:32:ef:5d:10:4f:53:
d2:19:cf:eb:91:c0:83:6a:5b:27:6e:5f:cd:26:5c:3c:d5:4a:
ee:38:c4:34:d4:c1:0a:2a:ad:7c:97:58:52:38:b9:c2:30:ce:
50:3e:7e:c3:ea:e9:7a:dd:79:94:29:35:7d:e9:64:33:ae:6e:
93:ba:68:50:a5:74:de:81:c1:bd:d3:f5:a3:01:47:78:ef:ec:
14:4f:54:ff:9b:51:98:f2:66:15:32:0d:07:86:93:bf:7c:95:
5d:79:d0:de:cd:52:b4:75:23:6a:99:5f:cb:87:7c:d7:77:08:
38:b4:d0:99:c0:94:9b:30:78:ce:ff:6d:2d:c3:f5:bf:b1:da:
4a:3a:c8:cf:0f:f5:f9:3c:1a:38:ad:94:96:af:c0:6a:ab:a6:
f9:b6:9c:1b:1a:5e:f2:a6:2d:df:25:33:13:4a:70:27:80:56:
55:a7:4b:05:32:4b:2f:a5:b6:ed:12:07:c2:73:f2:94:1b:50:
c9:b1:63:90:04:6f:8c:09:89:17:67:30:d7:9e:56:e4:e7:9a:
d7:37:cc:52:01:e2:75:4d:56:ef:b9:2c:70:1f:ee:40:57:d3:
2d:d3:cc:22
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYhCRC+pPZiy8zQDpvAVNj1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTIyMDcwMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZkNzAwZDYxMTlhM2IwNjM1YmVhYjY4ZDM3OWM1YjZkY2U5NTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0oiJmnqBl8ccf3Jr1Fs3VioallO
BPhNjQshQUu9PrbPJAGMH8yi69rR8O6IRux1uSJfS+ILWZnsxLUJaCZc5eUBNklA
Gu6lGJvjSW6fzSZO5asD8M5y9Xp4MMoFPojnn8xnIXmNauUbXAYAwrHilRrwzQan
HLTsdlaz4zo15MOJuMeaFtFqc7Rf94oF7tD8tW3lF7rn39cGeoSOB/BY0YE4aijk
NYpqbYSvbilqL/B9NlkCa7ExPjLbbCmTYpbwZRk+mEQd/6hl+jeBMbiVdR26FX36
GXfWL++/EYjDTxGMIbe2XNgWmNDL/aCbOP3ulRZZuZdH8ztwdMqlJmg2xwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCr9cA1hGaOwY1vqto03nFttzpU2MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvS3Yxd0RXRVpvN0JqVy1xMmpUZWNXMjNPbFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABWkTAwQB
BWkYAwQABWkhAwQABWkoAwQABWkrAwQABWkyAwQABWk5AwQABWlBAwQABWlRAwQA
BWlgAwQABWmoAwQABWm4AwQABWnmMA0GCSqGSIb3DQEBCwUAA4IBAQAeJLPnCVmC
CsAFibVrim43CErcts0gctoNcXborM8y710QT1PSGc/rkcCDalsnbl/NJlw81Uru
OMQ01MEKKq18l1hSOLnCMM5QPn7D6ul63XmUKTV96WQzrm6TumhQpXTegcG90/Wj
AUd47+wUT1T/m1GY8mYVMg0HhpO/fJVdedDezVK0dSNqmV/Lh3zXdwg4tNCZwJSb
MHjO/20tw/W/sdpKOsjPD/X5PBo4rZSWr8Bqq6b5tpwbGl7ypi3fJTMTSnAngFZV
p0sFMksvpbbtEgfCc/KUG1DJsWOQBG+MCYkXZzDXnlbk55rXN8xSAeJ1TVbvuSxw
H+5AV9Mt08wi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:17 2023 by rpki-client on console-fra.rpki-client.org