Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Tv7V4gVCkjzp8_ZvU1GumxKTMUI.roa
File: Tv7V4gVCkjzp8_ZvU1GumxKTMUI.roa (raw, json)
Hash identifier: RCqvQB+1nYVQwg/m/5oUKni9b9kYMP0CD7X8/2to37A=
Subject key identifier: 4E:FE:D5:E2:05:42:92:3C:E9:F3:F6:6F:53:51:AE:9B:12:93:31:42
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186834B99E6B9EEA1AAA0D8D71977F72E14
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Tv7V4gVCkjzp8_ZvU1GumxKTMUI.roa
Signing time: Fri 24 Feb 2023 12:00:14 +0000
ROA not before: Fri 24 Feb 2023 12:00:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 5.105.238.0/24 maxlen: 24
5.105.129.0/24 maxlen: 24
5.105.241.0/24 maxlen: 24
5.105.135.0/24 maxlen: 24
5.105.27.0/24 maxlen: 24
5.105.252.0/24 maxlen: 24
5.105.196.0/24 maxlen: 24
5.105.95.0/24 maxlen: 24
5.105.212.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:4b:99:e6:b9:ee:a1:aa:a0:d8:d7:19:77:f7:2e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 24 12:00:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4efed5e20542923ce9f3f66f5351ae9b12933142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:da:2e:6c:56:db:0a:bc:d5:17:98:e4:e9:e7:
f4:e9:95:36:08:a7:4c:f4:c1:f2:b3:0c:92:df:6e:
54:ca:95:27:82:b6:33:d1:09:0c:2f:77:de:b0:21:
b0:6d:41:fa:87:06:07:90:7b:68:49:1f:9d:d7:a9:
e1:18:17:b2:27:12:4e:6b:3b:9a:35:d7:71:75:e1:
18:95:46:66:ef:da:54:95:48:c0:2f:ed:c9:97:c5:
5f:ee:da:46:02:fe:98:7f:30:ac:f7:06:49:3d:e6:
9a:3b:07:9d:f4:38:32:99:55:52:21:aa:60:e1:2d:
55:6a:07:3a:6c:10:e9:c4:dd:b9:3f:ca:b7:cb:d0:
23:17:bf:15:30:d0:74:23:ce:3d:45:72:c2:35:b0:
ff:9a:4d:da:87:4f:c1:de:ba:52:75:57:5f:5b:75:
7a:6b:87:da:b0:48:5b:d3:9c:fb:40:c4:ba:32:ca:
f8:7f:4b:d4:22:7b:49:6c:42:64:e2:8b:a5:ef:e9:
b8:fd:92:05:4c:dd:e2:01:a4:e5:27:28:5b:0d:b6:
e5:f9:0c:17:5a:76:51:3a:1a:2a:85:f0:1d:1e:dc:
ae:6f:cf:d0:29:15:2d:57:46:1b:14:35:1a:74:bb:
5a:42:cb:56:b7:13:f2:6a:e4:19:3f:c4:90:06:79:
da:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:FE:D5:E2:05:42:92:3C:E9:F3:F6:6F:53:51:AE:9B:12:93:31:42
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Tv7V4gVCkjzp8_ZvU1GumxKTMUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.27.0/24
5.105.95.0/24
5.105.129.0/24
5.105.135.0/24
5.105.196.0/24
5.105.212.0/24
5.105.238.0/24
5.105.241.0/24
5.105.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:4e:be:e7:4d:90:67:fa:73:0b:66:aa:cc:b2:01:86:62:34:
36:72:d5:5b:ea:c0:8d:a3:c2:ec:19:a8:2b:46:4e:9f:3a:27:
c6:40:4e:a3:ba:27:03:d6:dd:42:7f:2a:50:e6:e1:6e:20:5f:
af:28:bd:7c:44:54:0a:f3:39:bc:20:6c:d7:21:a5:dd:79:ea:
7a:fa:dc:7e:af:46:05:98:83:21:ac:39:4a:38:61:b8:5c:7d:
23:ff:5e:2d:22:59:ed:55:a5:84:94:11:92:30:49:6a:43:b0:
e1:8e:c9:12:24:ee:27:16:45:7e:4f:f6:96:09:c8:9f:58:c0:
71:83:b0:e7:b8:0b:ac:89:26:f8:81:29:43:43:ed:06:53:68:
89:6a:e1:30:14:fb:cb:ef:38:b2:82:19:b7:e6:f6:2a:4f:4d:
eb:0d:f4:79:e1:7d:66:6a:53:02:7a:dd:82:69:55:03:d3:39:
c8:1a:55:74:0b:bf:3d:6d:f6:f0:7c:e2:17:46:e1:3b:4b:31:
97:6a:d5:4c:03:8a:84:bb:14:6f:76:81:0e:4e:83:7b:48:52:
f6:e3:d7:5f:59:1c:c5:cc:6f:d6:4f:73:e8:75:05:12:fa:b0:
df:7d:88:5c:04:5e:bc:fb:42:f7:b6:c0:35:66:a4:29:11:ed:
67:66:0e:fb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYaDS5nmue6hqqDY1xl39y4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjI0MTIwMDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWZlZDVlMjA1NDI5MjNjZTlmM2Y2NmY1MzUxYWU5YjEyOTMzMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdoubFbbCrzVF5jk6ef06ZU2CKdM
9MHyswyS325UypUngrYz0QkML3fesCGwbUH6hwYHkHtoSR+d16nhGBeyJxJOazua
NddxdeEYlUZm79pUlUjAL+3Jl8Vf7tpGAv6YfzCs9wZJPeaaOwed9DgymVVSIapg
4S1Vagc6bBDpxN25P8q3y9AjF78VMNB0I849RXLCNbD/mk3ah0/B3rpSdVdfW3V6
a4fasEhb05z7QMS6Msr4f0vUIntJbEJk4oul7+m4/ZIFTN3iAaTlJyhbDbbl+QwX
WnZROhoqhfAdHtyub8/QKRUtV0YbFDUadLtaQstWtxPyauQZP8SQBnna6QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFE7+1eIFQpI86fP2b1NRrpsSkzFCMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvVHY3VjRnVkNranpwOF9adlUxR3VteEtUTVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABWkbAwQA
BWlfAwQABWmBAwQABWmHAwQABWnEAwQABWnUAwQABWnuAwQABWnxAwQABWn8MA0G
CSqGSIb3DQEBCwUAA4IBAQCjTr7nTZBn+nMLZqrMsgGGYjQ2ctVb6sCNo8LsGagr
Rk6fOifGQE6juicD1t1CfypQ5uFuIF+vKL18RFQK8zm8IGzXIaXdeep6+tx+r0YF
mIMhrDlKOGG4XH0j/14tIlntVaWElBGSMElqQ7DhjskSJO4nFkV+T/aWCcifWMBx
g7DnuAusiSb4gSlDQ+0GU2iJauEwFPvL7ziyghm35vYqT03rDfR54X1malMCet2C
aVUD0znIGlV0C789bfbwfOIXRuE7SzGXatVMA4qEuxRvdoEOToN7SFL249dfWRzF
zG/WT3PodQUS+rDffYhcBF68+0L3tsA1ZqQpEe1nZg77
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org