Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Qjggv76uMUu2YaOOpRmXBfHULkY.roa
File: Qjggv76uMUu2YaOOpRmXBfHULkY.roa (raw, json)
Hash identifier: 5q19wyG1s0WMUgEa8XiyUmOewWckeWZwDwWPbvlnhF0=
Subject key identifier: 42:38:20:BF:BE:AE:31:4B:B6:61:A3:8E:A5:19:97:05:F1:D4:2E:46
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186516BA05887FF5B992F888BF7E264E9B7
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Qjggv76uMUu2YaOOpRmXBfHULkY.roa
Signing time: Tue 14 Feb 2023 19:34:13 +0000
ROA not before: Tue 14 Feb 2023 19:34:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.122.0/23 maxlen: 23
5.105.130.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.143.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
5.105.68.0/24 maxlen: 24
5.105.82.0/24 maxlen: 24
5.105.79.0/24 maxlen: 24
5.105.95.0/24 maxlen: 24
5.105.103.0/24 maxlen: 24
5.105.112.0/24 maxlen: 24
5.105.108.0/24 maxlen: 24
5.105.106.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.238.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.241.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.252.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.195.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.206.0/24 maxlen: 24
5.105.204.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.12.0/24 maxlen: 24
5.105.38.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:51:6b:a0:58:87:ff:5b:99:2f:88:8b:f7:e2:64:e9:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 14 19:34:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=423820bfbeae314bb661a38ea5199705f1d42e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:98:7c:d4:60:38:44:67:24:e9:94:fa:1b:30:
56:ef:2b:65:6a:63:97:d2:1d:e2:7b:1b:8f:85:76:
b4:ea:d8:e2:e7:65:5b:dd:c0:62:44:bd:0a:69:d5:
e2:fb:fc:39:8f:4d:06:a3:e3:4a:79:a1:32:a5:d0:
bd:a4:d3:14:09:7e:63:de:83:34:76:b1:73:72:b9:
90:99:86:b2:d4:c3:60:e5:46:11:82:49:35:8d:c2:
8a:8a:4b:af:f0:27:5b:3b:51:76:c7:b9:4b:45:80:
ef:63:0c:e5:60:0a:fc:3c:08:59:2f:30:e4:0e:c7:
7f:11:1c:a6:b5:89:27:b3:14:9d:45:97:2b:d7:23:
ae:77:49:16:bf:50:3a:ed:10:ef:3d:6e:62:de:3e:
6c:0f:bc:12:61:89:f7:5e:af:27:d9:83:e3:80:ce:
cc:5e:99:34:08:4c:f6:21:28:06:1b:48:d0:81:7d:
2f:a2:e0:14:92:9d:16:ac:af:21:89:02:93:7b:1f:
6a:d1:16:9c:cd:36:63:c9:b3:95:f0:ca:d0:b2:e3:
0d:9b:75:ea:01:4d:0b:51:bf:3d:0b:e9:bc:57:45:
fe:00:7a:e6:1d:73:77:79:91:59:97:c0:d1:c0:f5:
6f:71:3a:ef:3a:8a:ff:ba:30:40:40:65:61:fd:e3:
08:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:38:20:BF:BE:AE:31:4B:B6:61:A3:8E:A5:19:97:05:F1:D4:2E:46
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Qjggv76uMUu2YaOOpRmXBfHULkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.12.0/24
5.105.38.0/23
5.105.68.0/23
5.105.79.0/24
5.105.82.0/24
5.105.95.0/24
5.105.103.0/24
5.105.106.0/24
5.105.108.0/24
5.105.112.0/22
5.105.122.0/23
5.105.130.0/24
5.105.138.0/23
5.105.142.0/23
5.105.162.0/24
5.105.165.0/24
5.105.172.0/24
5.105.186.0/23
5.105.195.0/24
5.105.198.0/23
5.105.202.0-5.105.204.255
5.105.206.0/23
5.105.238.0-5.105.241.255
5.105.244.0/23
5.105.248.0/23
5.105.252.0/24
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:84:28:f8:45:73:a2:d3:95:cb:59:63:38:5d:7b:be:5f:bd:
40:de:b8:fc:f5:0a:00:37:54:02:ae:db:31:cd:23:1a:f9:a8:
8a:b8:88:a3:ad:97:ae:5f:6a:c2:f9:07:66:ef:90:d1:21:cd:
91:dc:a8:5b:d5:a8:25:14:a4:38:2b:bf:2a:7e:44:05:6b:3b:
4e:da:fb:db:f3:90:35:6c:14:b1:c8:a5:ef:13:92:89:13:9a:
eb:d8:59:d0:66:b7:99:53:0b:6e:41:2f:b1:e3:5a:df:22:13:
fe:7b:6e:20:51:71:22:2a:30:20:85:b3:de:7c:6e:79:fe:ec:
80:42:f9:31:d5:b2:23:94:f6:0b:45:b5:4e:45:da:81:a1:6a:
af:9d:91:39:59:a1:37:fa:7a:e0:d6:71:a5:32:5c:0a:9c:7f:
13:1d:02:8e:fb:7e:6b:26:d6:f9:0e:91:c4:d1:df:f6:a8:47:
63:f2:98:59:a5:1a:3a:24:3b:9d:39:03:97:c2:1a:63:7e:95:
9d:02:aa:f3:df:c8:a4:b8:7a:5a:4b:72:d4:fe:2a:a9:b1:d0:
a8:c1:0d:63:73:cb:df:d7:15:18:2a:dd:ae:55:cb:ec:cd:b5:
4e:58:94:95:0e:94:39:f6:2e:92:ab:7a:62:66:81:b9:17:ca:
c9:2d:31:7f
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYZRa6BYh/9bmS+Ii/fiZOm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjE0MTkzNDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjM4MjBiZmJlYWUzMTRiYjY2MWEzOGVhNTE5OTcwNWYxZDQyZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ph81GA4RGck6ZT6GzBW7ytlamOX
0h3iexuPhXa06tji52Vb3cBiRL0KadXi+/w5j00Go+NKeaEypdC9pNMUCX5j3oM0
drFzcrmQmYay1MNg5UYRgkk1jcKKikuv8CdbO1F2x7lLRYDvYwzlYAr8PAhZLzDk
Dsd/ERymtYknsxSdRZcr1yOud0kWv1A67RDvPW5i3j5sD7wSYYn3Xq8n2YPjgM7M
Xpk0CEz2ISgGG0jQgX0vouAUkp0WrK8hiQKTex9q0RaczTZjybOV8MrQsuMNm3Xq
AU0LUb89C+m8V0X+AHrmHXN3eZFZl8DRwPVvcTrvOor/ujBAQGVh/eMI3QIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFEI4IL++rjFLtmGjjqUZlwXx1C5GMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUWpnZ3Y3NnVNVXUyWWFPT3BSbVhCZkhVTGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAAF
aQwDBAEFaSYDBAEFaUQDBAAFaU8DBAAFaVIDBAAFaV8DBAAFaWcDBAAFaWoDBAAF
aWwDBAIFaXADBAEFaXoDBAAFaYIDBAEFaYoDBAEFaY4DBAAFaaIDBAAFaaUDBAAF
aawDBAEFaboDBAAFacMDBAEFacYwDAMEAQVpygMEAAVpzAMEAQVpzjAMAwQBBWnu
AwQBBWnwAwQBBWn0AwQBBWn4AwQABWn8AwQABbSwAwQAwS7SMA0GCSqGSIb3DQEB
CwUAA4IBAQCnhCj4RXOi05XLWWM4XXu+X71A3rj89QoAN1QCrtsxzSMa+aiKuIij
rZeuX2rC+Qdm75DRIc2R3Khb1aglFKQ4K78qfkQFaztO2vvb85A1bBSxyKXvE5KJ
E5rr2FnQZreZUwtuQS+x41rfIhP+e24gUXEiKjAghbPefG55/uyAQvkx1bIjlPYL
RbVORdqBoWqvnZE5WaE3+nrg1nGlMlwKnH8THQKO+35rJtb5DpHE0d/2qEdj8phZ
pRo6JDudOQOXwhpjfpWdAqrz38ikuHpaS3LU/iqpsdCowQ1jc8vf1xUYKt2uVcvs
zbVOWJSVDpQ59i6Sq3piZoG5F8rJLTF/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:17 2023 by rpki-client on console-fra.rpki-client.org