Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/P-C7HVbRPpp1xPNhz3_FFRJBXQg.roa
File: P-C7HVbRPpp1xPNhz3_FFRJBXQg.roa (raw, json)
Hash identifier: 5X1cTYnpqL5wYgsgkvVJUaX2S29Pj9mY6TG2gACsswI=
Subject key identifier: 3F:E0:BB:1D:56:D1:3E:9A:75:C4:F3:61:CF:7F:C5:15:12:41:5D:08
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A65CD9C51B212BF756AB2802450D3691F
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/P-C7HVbRPpp1xPNhz3_FFRJBXQg.roa
Signing time: Tue 05 Sep 2023 14:44:48 +0000
ROA not before: Tue 05 Sep 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 5.105.35.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.101.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
5.105.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:cd:9c:51:b2:12:bf:75:6a:b2:80:24:50:d3:69:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 5 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fe0bb1d56d13e9a75c4f361cf7fc51512415d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:35:74:17:eb:df:6f:a9:fd:58:56:76:1c:c0:
3d:67:20:19:ab:33:6e:01:45:cb:cc:59:2e:28:f3:
cd:ce:9e:b1:98:f7:c4:81:76:3d:0c:ff:a3:b3:e7:
c1:b1:40:09:b1:54:14:48:b3:72:a5:68:ca:d1:85:
f4:87:03:d2:20:d2:bc:3f:fc:07:22:64:35:d4:f9:
60:78:e2:1b:fc:72:d8:79:c2:f2:81:57:59:a9:e9:
f8:c1:77:9b:c8:4d:d6:43:ca:45:2d:e7:55:ec:d8:
10:92:c6:39:de:06:02:11:a7:d9:8e:ad:2f:8a:fb:
d7:50:9f:30:9a:e7:b9:be:5f:31:eb:8e:29:79:6a:
88:08:89:01:51:22:06:8f:12:67:8d:f0:fd:dc:f2:
15:dd:95:74:0f:d6:65:7d:df:a5:84:d4:20:5a:4f:
8e:3d:69:2b:74:d2:c5:f6:46:9a:79:cb:ac:3a:5b:
8c:7e:98:09:e2:bb:6c:b6:5a:20:b0:e2:41:c0:70:
29:bc:3a:76:24:1f:3a:fa:6f:dd:3b:d6:c3:2f:46:
b4:fd:ea:99:68:15:b2:c6:41:4c:ab:cb:8a:61:71:
47:27:45:71:31:15:8a:77:c3:87:2e:b6:3c:02:bc:
65:cf:bc:47:59:c1:7a:52:5b:37:47:50:19:d2:08:
08:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E0:BB:1D:56:D1:3E:9A:75:C4:F3:61:CF:7F:C5:15:12:41:5D:08
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/P-C7HVbRPpp1xPNhz3_FFRJBXQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.35.0/24
5.105.43.0/24
5.105.101.0/24
5.105.111.0/24
5.105.165.0/24
5.105.220.0/24
Signature Algorithm: sha256WithRSAEncryption
36:0a:ab:f7:5a:3a:63:17:12:c2:f3:34:42:fe:e7:60:33:3b:
ad:56:3d:40:77:19:f5:2b:50:69:67:f3:c0:36:e4:cc:13:8c:
5d:f0:04:9b:43:87:9b:f1:86:30:95:7d:2e:a9:11:64:ca:5e:
26:fd:29:60:9c:91:41:e2:dc:38:d6:2e:3f:b7:c7:6d:6f:62:
e8:b1:da:70:83:42:5a:13:be:d3:f8:dd:13:a1:3d:f7:89:41:
38:d8:c6:8c:8f:b6:74:b7:e8:04:09:63:91:24:de:37:4d:ca:
30:72:39:34:1e:c7:fe:f1:12:93:05:1c:04:8a:23:fe:1f:ae:
e0:45:89:e2:1a:f8:3e:5b:b9:82:88:82:8c:f1:8e:9a:1d:95:
2b:13:7c:77:ae:f1:0d:d6:33:5f:28:2a:9f:c0:03:01:a9:6a:
90:06:2a:e3:95:ad:a4:09:e8:94:7b:dc:6e:c4:fb:83:02:02:
c6:24:bb:23:8e:aa:66:b3:ff:9e:3d:62:74:16:bb:33:37:91:
b8:b4:e3:96:e7:f0:12:61:9c:03:1e:b7:9a:46:87:18:19:42:
26:e6:cd:08:28:fc:e5:b2:12:5e:cd:5a:61:05:e6:06:91:c8:
19:ee:c2:d4:fc:8c:ec:1d:cf:c7:81:2e:4a:00:3c:c6:aa:d2:
df:2b:3c:49
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYplzZxRshK/dWqygCRQ02kfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwOTA1MTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmUwYmIxZDU2ZDEzZTlhNzVjNGYzNjFjZjdmYzUxNTEyNDE1ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzV0F+vfb6n9WFZ2HMA9ZyAZqzNu
AUXLzFkuKPPNzp6xmPfEgXY9DP+js+fBsUAJsVQUSLNypWjK0YX0hwPSINK8P/wH
ImQ11PlgeOIb/HLYecLygVdZqen4wXebyE3WQ8pFLedV7NgQksY53gYCEafZjq0v
ivvXUJ8wmue5vl8x644peWqICIkBUSIGjxJnjfD93PIV3ZV0D9Zlfd+lhNQgWk+O
PWkrdNLF9kaaecusOluMfpgJ4rtstlogsOJBwHApvDp2JB86+m/dO9bDL0a0/eqZ
aBWyxkFMq8uKYXFHJ0VxMRWKd8OHLrY8Arxlz7xHWcF6Uls3R1AZ0ggICwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD/gux1W0T6adcTzYc9/xRUSQV0IMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUC1DN0hWYlJQcHAxeFBOaHozX0ZGUkpCWFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABWkjAwQA
BWkrAwQABWllAwQABWlvAwQABWmlAwQABWncMA0GCSqGSIb3DQEBCwUAA4IBAQA2
Cqv3WjpjFxLC8zRC/udgMzutVj1Adxn1K1BpZ/PANuTME4xd8ASbQ4eb8YYwlX0u
qRFkyl4m/SlgnJFB4tw41i4/t8dtb2Losdpwg0JaE77T+N0ToT33iUE42MaMj7Z0
t+gECWORJN43Tcowcjk0Hsf+8RKTBRwEiiP+H67gRYniGvg+W7mCiIKM8Y6aHZUr
E3x3rvEN1jNfKCqfwAMBqWqQBirjla2kCeiUe9xuxPuDAgLGJLsjjqpms/+ePWJ0
FrszN5G4tOOW5/ASYZwDHreaRocYGUIm5s0IKPzlshJezVphBeYGkcgZ7sLU/Izs
Hc/HgS5KADzGqtLfKzxJ
-----END CERTIFICATE-----
Generated at Wed Oct 4 18:24:17 2023 by rpki-client on console-ams.rpki-client.org