Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/PY9hpHpBqxRjGD_zP4qnYz-mN48.roa
File: PY9hpHpBqxRjGD_zP4qnYz-mN48.roa (raw, json)
Hash identifier: qXGePSLxvrwuUP1sThfHu3U1AGI3SXkF7kJvfcmX14E=
Subject key identifier: 3D:8F:61:A4:7A:41:AB:14:63:18:3F:F3:3F:8A:A7:63:3F:A6:37:8F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189C74ADA8C2EB2C1CA253B0A4EC6889A93
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/PY9hpHpBqxRjGD_zP4qnYz-mN48.roa
Signing time: Sat 05 Aug 2023 20:01:58 +0000
ROA not before: Sat 05 Aug 2023 20:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 5.105.16.0/24 maxlen: 24
5.105.20.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 13:45:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c7:4a:da:8c:2e:b2:c1:ca:25:3b:0a:4e:c6:88:9a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 5 20:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d8f61a47a41ab1463183ff33f8aa7633fa6378f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:da:b1:a6:ca:df:de:a1:2b:f0:95:02:03:55:
e3:5e:14:04:86:90:c0:c0:f0:11:c2:24:43:a6:c1:
5e:a3:dc:83:18:51:97:3d:11:5d:5f:d8:42:20:1f:
bf:41:03:2b:da:c1:50:1e:be:73:6f:42:00:3f:3f:
fc:f7:db:41:0e:bf:91:c3:fb:56:0f:bb:d1:ce:70:
36:e9:e1:8b:51:a2:81:64:a1:a0:5b:f4:e1:59:d5:
d7:b8:27:2c:d0:47:ec:74:7e:6f:d7:a7:d5:dd:ea:
44:2a:a1:12:1b:5b:00:8c:45:8f:7c:9d:e5:39:5b:
19:10:e7:a5:b6:12:d6:00:3c:6f:43:31:50:0a:59:
20:ff:e6:98:5a:b6:63:4d:40:f1:c0:24:74:df:f4:
53:73:ea:e5:08:62:76:e0:69:18:b3:77:f8:05:d6:
7a:c0:44:d6:c2:d6:2e:1a:0e:0f:81:a7:28:b8:c2:
23:13:55:36:84:9b:5c:c3:5c:41:3c:3a:af:f9:e3:
ed:63:76:49:1e:c6:4a:41:66:fc:58:2e:f5:53:ec:
2f:b4:f9:a1:63:9f:ca:31:e0:89:16:02:e1:8f:e3:
24:28:87:ff:d3:6b:97:59:cc:6e:76:a1:dc:5e:44:
a9:cf:69:ca:cd:42:7a:03:93:58:34:ad:df:d9:d7:
9c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8F:61:A4:7A:41:AB:14:63:18:3F:F3:3F:8A:A7:63:3F:A6:37:8F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/PY9hpHpBqxRjGD_zP4qnYz-mN48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.16.0/24
5.105.20.0/24
5.105.139.0/24
Signature Algorithm: sha256WithRSAEncryption
02:9c:fd:2a:83:4d:bc:8c:00:aa:48:89:73:36:72:ec:f7:7e:
0f:49:1c:96:36:5f:f1:db:4f:c9:9c:99:da:49:fb:f1:f6:f2:
95:39:8a:00:41:d4:92:11:69:33:05:98:de:b5:a4:4e:96:35:
da:b6:43:ce:df:88:28:09:bf:4e:a0:9a:60:83:89:fc:f4:54:
ce:ed:dc:f3:ac:c2:a2:22:3c:fd:6d:d2:66:4b:48:f9:00:07:
6b:18:e9:c9:be:4c:9b:ce:98:38:4b:0e:1f:0e:ea:7c:72:fe:
4f:7c:5a:91:9d:ec:7a:ff:fb:59:5d:4f:98:92:80:e8:05:08:
3a:3d:be:ac:2d:7b:20:ac:65:9b:22:2c:d7:8d:c2:46:1e:19:
c0:35:e4:0c:33:80:11:06:89:87:b1:08:9b:a3:29:f7:fd:56:
67:2e:8b:4f:93:ec:6b:95:10:09:a0:a1:c6:34:05:33:01:25:
4d:77:fa:50:37:44:0f:a9:64:6b:84:98:41:8d:6f:65:47:b2:
bd:a7:c1:ae:b7:fa:2b:c9:b9:9d:e9:99:8e:7f:76:1d:81:ca:
56:98:52:c9:9b:af:db:ce:56:14:0a:b6:8c:8d:07:b2:da:23:
c4:ea:53:96:cd:0b:34:01:99:31:d6:d4:3a:4e:27:97:15:c1:
4a:0d:b0:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnHStqMLrLByiU7Ck7GiJqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODA1MjAwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhmNjFhNDdhNDFhYjE0NjMxODNmZjMzZjhhYTc2MzNmYTYzNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdqxpsrf3qEr8JUCA1XjXhQEhpDA
wPARwiRDpsFeo9yDGFGXPRFdX9hCIB+/QQMr2sFQHr5zb0IAPz/899tBDr+Rw/tW
D7vRznA26eGLUaKBZKGgW/ThWdXXuCcs0EfsdH5v16fV3epEKqESG1sAjEWPfJ3l
OVsZEOelthLWADxvQzFQClkg/+aYWrZjTUDxwCR03/RTc+rlCGJ24GkYs3f4BdZ6
wETWwtYuGg4PgacouMIjE1U2hJtcw1xBPDqv+ePtY3ZJHsZKQWb8WC71U+wvtPmh
Y5/KMeCJFgLhj+MkKIf/02uXWcxudqHcXkSpz2nKzUJ6A5NYNK3f2dechwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD2PYaR6QasUYxg/8z+Kp2M/pjePMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUFk5aHBIcEJxeFJqR0RfelA0cW5Zei1tTjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkQAwQA
BWkUAwQABWmLMA0GCSqGSIb3DQEBCwUAA4IBAQACnP0qg028jACqSIlzNnLs934P
SRyWNl/x20/JnJnaSfvx9vKVOYoAQdSSEWkzBZjetaROljXatkPO34goCb9OoJpg
g4n89FTO7dzzrMKiIjz9bdJmS0j5AAdrGOnJvkybzpg4Sw4fDup8cv5PfFqRnex6
//tZXU+YkoDoBQg6Pb6sLXsgrGWbIizXjcJGHhnANeQMM4ARBomHsQiboyn3/VZn
LotPk+xrlRAJoKHGNAUzASVNd/pQN0QPqWRrhJhBjW9lR7K9p8Gut/orybmd6ZmO
f3YdgcpWmFLJm6/bzlYUCraMjQey2iPE6lOWzQs0AZkx1tQ6TieXFcFKDbBk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:27 2024 by rpki-client on console-fra.rpki-client.org