Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/NEEfA8XzUdxDWcYJFeh-h8cr8Is.roa
File: NEEfA8XzUdxDWcYJFeh-h8cr8Is.roa (raw, json)
Hash identifier: WLF7b8N/cFX8HftxXw79PNSo7MetcMZUfLL2vrjL/RA=
Subject key identifier: 34:41:1F:03:C5:F3:51:DC:43:59:C6:09:15:E8:7E:87:C7:2B:F0:8B
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01860D9C9B9420B8CEADC9F629FF4EABBE9A
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/NEEfA8XzUdxDWcYJFeh-h8cr8Is.roa
Signing time: Wed 01 Feb 2023 15:33:32 +0000
ROA not before: Wed 01 Feb 2023 15:33:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.30.0/24 maxlen: 24
5.105.31.0/24 maxlen: 24
5.105.136.0/24 maxlen: 24
5.105.38.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.247.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
5.105.63.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:9c:9b:94:20:b8:ce:ad:c9:f6:29:ff:4e:ab:be:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 1 15:33:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34411f03c5f351dc4359c60915e87e87c72bf08b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ec:53:d7:4d:d0:2a:89:25:e3:6b:e3:af:6e:
9d:b3:e9:da:2d:78:d7:b3:3c:0d:d8:77:11:6f:67:
5e:a2:c9:1f:e8:5d:82:79:53:8c:62:0c:55:b6:f2:
b3:ec:95:41:1c:19:b1:94:1a:92:84:28:bb:61:44:
91:70:8c:83:02:1c:8c:c8:fb:25:2c:d4:97:7a:97:
e8:77:27:07:bb:72:64:f7:46:fd:ec:0e:59:b7:e2:
c9:6e:e4:75:63:1b:21:00:99:26:16:d9:bb:99:4a:
c3:f9:e7:96:72:2a:da:14:b5:28:06:a7:11:f1:d5:
22:e8:36:74:28:ef:d0:cb:c5:79:c9:79:2d:b8:68:
99:9a:e8:8a:a6:b5:26:2c:a7:39:35:17:2f:c4:d9:
29:78:46:d7:29:04:4f:58:31:8c:f9:9f:8c:22:35:
68:22:79:85:1e:5c:5d:b5:e8:b8:0d:33:6d:5b:b9:
8f:80:b3:9c:b3:18:55:92:31:1c:e0:3f:33:57:b1:
03:1d:4f:a7:27:a1:b9:3f:45:a3:01:35:d8:7a:6a:
6d:43:1b:29:8a:80:c2:a7:9d:b8:fb:3d:a8:b7:42:
07:37:05:e7:6a:ff:2f:26:99:8d:88:3d:ab:d6:cd:
cf:ec:b1:e4:35:ff:96:9b:42:5f:66:7d:7e:a5:9b:
ba:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:41:1F:03:C5:F3:51:DC:43:59:C6:09:15:E8:7E:87:C7:2B:F0:8B
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/NEEfA8XzUdxDWcYJFeh-h8cr8Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.30.0-5.105.32.255
5.105.38.0/23
5.105.63.0/24
5.105.96.0/24
5.105.136.0/24
5.105.184.0/24
5.105.200.0/24
5.105.215.0/24
5.105.247.0/24
Signature Algorithm: sha256WithRSAEncryption
15:1e:c0:5f:1a:d2:d4:12:3b:a9:1a:d2:62:fa:70:04:02:dd:
0b:74:2b:e9:e0:c7:a3:01:ba:37:fd:5e:c4:60:de:06:81:7a:
91:2d:94:e8:ad:d6:9e:8d:94:ae:c6:1d:03:4d:71:6c:9b:b5:
84:c6:4d:cb:f2:d7:86:19:bf:ef:4a:bd:33:83:52:11:d8:b1:
62:fd:a5:6f:0a:1b:b7:55:36:3c:74:54:87:4d:e2:a0:bd:32:
94:c9:0c:8e:56:1d:f2:0d:13:62:71:47:74:53:6d:1c:26:8a:
8d:7a:ea:a4:ee:66:25:ca:5c:5e:c5:5e:62:b1:b2:39:b7:71:
c8:12:2c:9d:60:b3:0f:5a:01:b3:42:03:a8:fb:06:91:f8:d7:
0d:c3:b9:26:57:53:07:a1:73:30:3a:a7:4b:0c:9d:cd:a0:e2:
43:00:a9:79:ed:c1:6e:77:b9:e5:c5:f6:e9:69:f8:aa:bc:0c:
aa:12:51:48:6a:98:49:ce:d9:6e:13:f3:86:6d:fd:e2:12:9b:
90:2e:a8:06:f5:90:a9:00:01:33:72:f9:87:a7:83:28:13:de:
27:5a:59:45:b9:c6:57:f4:0d:94:26:98:ee:9f:98:0e:53:9d:
87:36:bb:e9:00:50:2f:c8:07:aa:9c:28:c0:b6:54:f0:6a:ea:
0f:79:97:d3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYYNnJuUILjOrcn2Kf9Oq76aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjAxMTUzMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQxMWYwM2M1ZjM1MWRjNDM1OWM2MDkxNWU4N2U4N2M3MmJmMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOxT103QKokl42vjr26ds+naLXjX
szwN2HcRb2deoskf6F2CeVOMYgxVtvKz7JVBHBmxlBqShCi7YUSRcIyDAhyMyPsl
LNSXepfodycHu3Jk90b97A5Zt+LJbuR1YxshAJkmFtm7mUrD+eeWciraFLUoBqcR
8dUi6DZ0KO/Qy8V5yXktuGiZmuiKprUmLKc5NRcvxNkpeEbXKQRPWDGM+Z+MIjVo
InmFHlxdtei4DTNtW7mPgLOcsxhVkjEc4D8zV7EDHU+nJ6G5P0WjATXYemptQxsp
ioDCp524+z2ot0IHNwXnav8vJpmNiD2r1s3P7LHkNf+Wm0JfZn1+pZu6IwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDRBHwPF81HcQ1nGCRXofofHK/CLMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvTkVFZkE4WHpVZHhEV2NZSkZlaC1oOGNyOElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAEFaR4D
BAAFaSADBAEFaSYDBAAFaT8DBAAFaWADBAAFaYgDBAAFabgDBAAFacgDBAAFadcD
BAAFafcwDQYJKoZIhvcNAQELBQADggEBABUewF8a0tQSO6ka0mL6cAQC3Qt0K+ng
x6MBujf9XsRg3gaBepEtlOit1p6NlK7GHQNNcWybtYTGTcvy14YZv+9KvTODUhHY
sWL9pW8KG7dVNjx0VIdN4qC9MpTJDI5WHfINE2JxR3RTbRwmio166qTuZiXKXF7F
XmKxsjm3ccgSLJ1gsw9aAbNCA6j7BpH41w3DuSZXUwehczA6p0sMnc2g4kMAqXnt
wW53ueXF9ulp+Kq8DKoSUUhqmEnO2W4T84Zt/eISm5AuqAb1kKkAATNy+YengygT
3idaWUW5xlf0DZQmmO6fmA5TnYc2u+kAUC/IB6qcKMC2VPBq6g95l9M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:17 2023 by rpki-client on console-fra.rpki-client.org