Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/TU4a60cYA_HM9OA-WGjBIyLnjyY.roa
File: TU4a60cYA_HM9OA-WGjBIyLnjyY.roa (raw, json)
Hash identifier: IiOj2EHVl30OdnX7a0Ftv6GFNYkADRMsrF6JhcVfR3g=
Subject key identifier: 4D:4E:1A:EB:47:18:03:F1:CC:F4:E0:3E:58:68:C1:23:22:E7:8F:26
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186285B7DF8B593B6E3A06F5F58DAE06862
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/TU4a60cYA_HM9OA-WGjBIyLnjyY.roa
Signing time: Mon 06 Feb 2023 20:12:09 +0000
ROA not before: Mon 06 Feb 2023 20:12:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 193.46.210.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.125.0/24 maxlen: 24
5.105.130.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.143.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.156.0/24 maxlen: 24
5.105.166.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
5.105.68.0/24 maxlen: 24
5.105.74.0/24 maxlen: 24
5.105.82.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.79.0/24 maxlen: 24
5.105.95.0/24 maxlen: 24
5.105.103.0/24 maxlen: 24
5.105.112.0/24 maxlen: 24
5.105.108.0/24 maxlen: 24
5.105.106.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.229.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
5.105.195.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.197.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.206.0/24 maxlen: 24
5.105.204.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.216.0/24 maxlen: 24
5.105.214.0/24 maxlen: 24
5.105.12.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.38.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:28:5b:7d:f8:b5:93:b6:e3:a0:6f:5f:58:da:e0:68:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 6 20:12:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d4e1aeb471803f1ccf4e03e5868c12322e78f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f0:11:e5:cf:f5:85:0a:4e:c1:08:01:06:05:
62:56:9b:71:0d:32:48:af:43:d6:64:76:09:e6:80:
36:20:97:8d:2d:f4:64:f7:fd:37:11:14:7c:4b:b6:
33:31:9c:b7:a2:e3:3d:d6:c3:fc:3e:dd:84:b4:21:
bd:84:0e:e7:0b:a3:a5:87:1a:f2:32:36:1e:62:c1:
80:b7:14:f5:72:3a:4c:95:46:94:82:18:99:fb:ad:
ad:95:ca:f9:e5:08:19:d4:df:bc:17:e5:0a:17:f4:
09:38:43:99:f1:c1:4a:20:9a:f8:04:39:a1:7a:b4:
ce:25:8f:1f:96:18:83:da:03:58:8d:f0:c8:ee:52:
26:d9:0f:fa:8c:92:76:f4:a5:a5:5b:ab:b1:3a:65:
6a:67:2b:68:79:8b:de:dc:3a:af:66:51:fc:65:04:
35:e1:e3:72:8a:e9:98:e3:bc:69:7e:f2:f5:a8:7e:
b4:39:09:ac:d9:97:d8:0c:37:d7:e9:e1:d1:3b:9d:
81:c3:f5:4e:ad:d8:fc:b7:83:82:b4:e1:c2:30:8b:
7b:3c:cd:e5:af:e8:ea:58:23:06:b3:5a:3a:fa:81:
75:01:8a:5a:69:e1:e2:02:8a:60:e6:98:24:25:4d:
1e:a7:3a:fd:b8:e4:dc:66:cf:10:04:0d:9d:41:83:
d4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4E:1A:EB:47:18:03:F1:CC:F4:E0:3E:58:68:C1:23:22:E7:8F:26
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/TU4a60cYA_HM9OA-WGjBIyLnjyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.12.0/24
5.105.33.0/24
5.105.38.0/23
5.105.68.0/23
5.105.74.0/24
5.105.79.0/24
5.105.81.0-5.105.82.255
5.105.95.0/24
5.105.103.0/24
5.105.106.0/24
5.105.108.0/24
5.105.112.0/22
5.105.125.0/24
5.105.127.0/24
5.105.130.0/24
5.105.138.0/23
5.105.142.0/23
5.105.156.0/24
5.105.162.0/24
5.105.165.0-5.105.166.255
5.105.168.0/24
5.105.172.0/24
5.105.186.0/23
5.105.195.0/24
5.105.197.0-5.105.199.255
5.105.202.0-5.105.204.255
5.105.206.0/23
5.105.214.0/24
5.105.216.0/24
5.105.229.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.248.0/23
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ef:44:5e:b1:85:5f:f2:fb:f1:4c:7b:9a:db:63:0a:1a:e2:
48:86:52:e1:b9:08:fa:c6:6d:8f:40:0b:c3:c9:31:00:68:d4:
c8:3a:38:16:17:a4:7a:b8:a3:63:fb:b2:ef:ab:03:7b:68:b6:
d5:c6:c3:4a:0e:a5:2e:e8:f1:d7:d7:3c:dc:15:22:11:b6:0e:
ac:78:ac:cc:34:35:5f:c1:53:f7:65:59:5e:03:3a:85:1c:bc:
1d:2e:f4:47:ba:22:41:3f:13:4d:42:71:22:c1:05:5f:5a:b5:
10:5d:a9:1b:b7:4d:2b:97:66:ee:5d:cb:20:1f:e8:ef:09:1b:
87:99:55:e8:80:42:9d:da:93:b1:49:02:ae:e7:fe:4a:c6:d1:
ef:9d:83:63:86:7b:6f:71:3b:cb:77:39:71:6a:f9:55:ba:3f:
53:db:85:e6:23:94:ae:45:12:30:44:0e:26:0c:34:28:fa:94:
25:2a:e6:9f:b8:34:60:18:eb:ee:af:a1:a8:e2:d2:24:fd:35:
92:3d:ec:16:4d:66:aa:a6:9d:c1:35:48:5c:7f:88:e6:21:7e:
f2:d7:49:9c:e8:27:c7:c1:34:77:e9:5e:f4:57:c3:9c:02:d3:
6a:dc:50:35:ab:ff:b2:5b:7c:54:19:33:92:9a:54:10:2b:b6:
d9:f0:f1:c7
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYYoW334tZO246BvX1ja4GhiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjA2MjAxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRlMWFlYjQ3MTgwM2YxY2NmNGUwM2U1ODY4YzEyMzIyZTc4ZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PAR5c/1hQpOwQgBBgViVptxDTJI
r0PWZHYJ5oA2IJeNLfRk9/03ERR8S7YzMZy3ouM91sP8Pt2EtCG9hA7nC6Olhxry
MjYeYsGAtxT1cjpMlUaUghiZ+62tlcr55QgZ1N+8F+UKF/QJOEOZ8cFKIJr4BDmh
erTOJY8flhiD2gNYjfDI7lIm2Q/6jJJ29KWlW6uxOmVqZytoeYve3DqvZlH8ZQQ1
4eNyiumY47xpfvL1qH60OQms2ZfYDDfX6eHRO52Bw/VOrdj8t4OCtOHCMIt7PM3l
r+jqWCMGs1o6+oF1AYpaaeHiAopg5pgkJU0epzr9uOTcZs8QBA2dQYPUSQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFE1OGutHGAPxzPTgPlhowSMi548mMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvVFU0YTYwY1lBX0hNOU9BLVdHakJJeUxuanlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQABWkMAwQABWkhAwQBBWkmAwQBBWlEAwQABWlKAwQABWlPMAwDBAAFaVEDBAAF
aVIDBAAFaV8DBAAFaWcDBAAFaWoDBAAFaWwDBAIFaXADBAAFaX0DBAAFaX8DBAAF
aYIDBAEFaYoDBAEFaY4DBAAFaZwDBAAFaaIwDAMEAAVppQMEAAVppgMEAAVpqAME
AAVprAMEAQVpugMEAAVpwzAMAwQABWnFAwQDBWnAMAwDBAEFacoDBAAFacwDBAEF
ac4DBAAFadYDBAAFadgDBAAFaeUwDAMEAAVp7wMEAAVp8AMEAQVp9AMEAQVp+AME
AAW0sAMEAMEu0jANBgkqhkiG9w0BAQsFAAOCAQEAGe9EXrGFX/L78Ux7mttjChri
SIZS4bkI+sZtj0ALw8kxAGjUyDo4FhekerijY/uy76sDe2i21cbDSg6lLujx19c8
3BUiEbYOrHiszDQ1X8FT92VZXgM6hRy8HS70R7oiQT8TTUJxIsEFX1q1EF2pG7dN
K5dm7l3LIB/o7wkbh5lV6IBCndqTsUkCruf+SsbR752DY4Z7b3E7y3c5cWr5Vbo/
U9uF5iOUrkUSMEQOJgw0KPqUJSrmn7g0YBjr7q+hqOLSJP01kj3sFk1mqqadwTVI
XH+I5iF+8tdJnOgnx8E0d+le9FfDnALTatxQNav/slt8VBkzkppUECu22fDxxw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org