Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/U5GgGLA7H18-7W1dbzjAJxWx-hk.roa
File: U5GgGLA7H18-7W1dbzjAJxWx-hk.roa (raw, json)
Hash identifier: 9ZSZhlUoijcLwi7EisXgqaFltvI8R4s5h7R2NEnGbpg=
Subject key identifier: 53:91:A0:18:B0:3B:1F:5F:3E:ED:6D:5D:6F:38:C0:27:15:B1:FA:19
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01889AE00365628995813899EDEDC8C04319
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/U5GgGLA7H18-7W1dbzjAJxWx-hk.roa
Signing time: Thu 08 Jun 2023 11:59:12 +0000
ROA not before: Thu 08 Jun 2023 11:59:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 5.105.158.0/24 maxlen: 24
91.200.212.0/22 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.71.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.80.0/24 maxlen: 24
5.105.98.0/24 maxlen: 24
5.105.104.0/24 maxlen: 24
5.105.31.0/24 maxlen: 24
5.105.46.0/24 maxlen: 24
5.105.64.0/24 maxlen: 24
5.105.188.0/24 maxlen: 24
85.255.176.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:e0:03:65:62:89:95:81:38:99:ed:ed:c8:c0:43:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 8 11:59:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5391a018b03b1f5f3eed6d5d6f38c02715b1fa19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a2:05:42:12:da:6a:c7:f9:0d:db:a4:3b:bf:
f2:14:e3:d9:7a:61:f6:e0:0f:23:b3:6d:36:bf:c1:
2f:6f:9a:b7:b8:57:0c:e2:cf:1b:b3:f4:84:4d:d5:
d7:f5:98:3e:56:db:3e:3b:ec:5e:23:fc:ea:ab:40:
88:ce:ee:b5:7f:ed:b7:2d:a4:4f:6d:5b:35:e4:49:
2d:d9:af:fa:1f:da:cb:40:ea:32:10:49:05:8b:52:
d4:6c:5a:a3:ce:af:8d:5a:92:bf:e9:13:04:c0:21:
50:44:67:52:a0:14:5f:c4:74:bf:52:ff:98:e3:df:
b2:62:10:3a:b6:ad:2d:a6:73:52:9e:5f:d2:1b:a7:
1a:89:d0:8b:0b:57:03:81:4c:56:b0:35:80:f8:b1:
71:7b:8b:60:f9:93:9c:1c:6c:b4:6e:52:b0:aa:1b:
22:d8:e5:c3:4f:5d:ff:03:b4:c0:b7:87:bc:d2:2a:
ab:5d:28:8f:5e:65:5a:3a:e4:cc:d1:66:68:68:66:
0d:f2:40:88:a3:7a:bf:9d:ce:58:6b:04:cb:3c:ef:
67:7d:68:8f:2a:9d:41:be:4e:c2:17:44:c3:e0:be:
76:86:c7:59:3d:83:2a:c2:fd:24:89:35:ec:71:81:
2f:58:ca:0c:be:24:7b:e3:d5:2e:d4:18:04:14:30:
6d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:91:A0:18:B0:3B:1F:5F:3E:ED:6D:5D:6F:38:C0:27:15:B1:FA:19
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/U5GgGLA7H18-7W1dbzjAJxWx-hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.31.0/24
5.105.46.0/24
5.105.64.0/23
5.105.71.0/24
5.105.80.0/24
5.105.98.0/24
5.105.104.0/24
5.105.158.0/24
5.105.172.0/24
5.105.188.0/24
85.255.176.0/21
91.200.212.0/22
Signature Algorithm: sha256WithRSAEncryption
d2:10:06:2d:fc:15:4d:16:40:ab:66:7f:e6:01:b9:2f:2b:51:
64:2f:a2:e2:7f:96:b5:d9:29:f7:f2:cd:bc:5e:75:17:31:95:
1a:81:6c:37:19:9c:8c:ee:8a:d7:aa:8e:18:4f:77:07:63:91:
1e:ab:0d:7a:aa:d6:47:3e:8e:c7:bc:b4:0a:9e:fb:ac:19:89:
d6:b6:ab:ad:e9:8e:de:db:e2:71:8e:ae:49:d3:18:1d:57:45:
4a:1a:3e:a0:7e:37:f8:d8:a3:f6:17:b2:c4:cc:b4:b9:c2:92:
a7:fd:a5:14:3d:85:4c:91:80:b8:47:32:7b:7f:44:02:a1:fc:
78:b4:56:a0:98:10:fe:c8:32:9d:52:ce:fe:cf:5e:3e:f2:5d:
36:a2:15:df:c8:34:75:84:5e:db:10:a5:c4:c5:bc:3b:26:71:
65:7d:02:e0:9b:9c:42:82:14:03:52:07:25:f5:c3:c1:5a:88:
6d:70:ea:a0:6f:f7:cc:f8:80:d2:80:af:df:04:be:57:8f:1c:
50:ed:9e:a8:12:0d:13:df:e8:c0:ea:0e:db:0d:4b:40:3a:c7:
39:df:ce:57:24:b7:56:08:92:d8:f8:8e:95:c6:86:7b:80:a4:
e1:a9:13:ff:8b:69:f6:c2:93:13:e3:8e:b4:9e:dd:58:06:fb:
70:22:e5:ac
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYia4ANlYomVgTiZ7e3IwEMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjA4MTE1OTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzkxYTAxOGIwM2IxZjVmM2VlZDZkNWQ2ZjM4YzAyNzE1YjFmYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aIFQhLaasf5DdukO7/yFOPZemH2
4A8js202v8Evb5q3uFcM4s8bs/SETdXX9Zg+Vts+O+xeI/zqq0CIzu61f+23LaRP
bVs15Ekt2a/6H9rLQOoyEEkFi1LUbFqjzq+NWpK/6RMEwCFQRGdSoBRfxHS/Uv+Y
49+yYhA6tq0tpnNSnl/SG6caidCLC1cDgUxWsDWA+LFxe4tg+ZOcHGy0blKwqhsi
2OXDT13/A7TAt4e80iqrXSiPXmVaOuTM0WZoaGYN8kCIo3q/nc5YawTLPO9nfWiP
Kp1Bvk7CF0TD4L52hsdZPYMqwv0kiTXscYEvWMoMviR749Uu1BgEFDBtaQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFORoBiwOx9fPu1tXW84wCcVsfoZMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvVTVHZ0dMQTdIMTgtN1cxZGJ6akFKeFd4LWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABWkfAwQA
BWkuAwQBBWlAAwQABWlHAwQABWlQAwQABWliAwQABWloAwQABWmeAwQABWmsAwQA
BWm8AwQDVf+wAwQCW8jUMA0GCSqGSIb3DQEBCwUAA4IBAQDSEAYt/BVNFkCrZn/m
AbkvK1FkL6Lif5a12Sn38s28XnUXMZUagWw3GZyM7orXqo4YT3cHY5Eeqw16qtZH
Po7HvLQKnvusGYnWtqut6Y7e2+Jxjq5J0xgdV0VKGj6gfjf42KP2F7LEzLS5wpKn
/aUUPYVMkYC4RzJ7f0QCofx4tFagmBD+yDKdUs7+z14+8l02ohXfyDR1hF7bEKXE
xbw7JnFlfQLgm5xCghQDUgcl9cPBWohtcOqgb/fM+IDSgK/fBL5XjxxQ7Z6oEg0T
3+jA6g7bDUtAOsc5385XJLdWCJLY+I6VxoZ7gKThqRP/i2n2wpMT4460nt1YBvtw
IuWs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:18 2023 by rpki-client on console-fra.rpki-client.org