Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/VSSk6ZPRWOsp91MnDlwvGIil9d0.roa
File: VSSk6ZPRWOsp91MnDlwvGIil9d0.roa (raw, json)
Hash identifier: ic9WZNfCmO4d9oZHc02Arlu1NmOp0lFO5U7cRnp6aWw=
Subject key identifier: 55:24:A4:E9:93:D1:58:EB:29:F7:53:27:0E:5C:2F:18:88:A5:F5:DD
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A3130DA1B8D5670F258AB3B14ECE55822
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/VSSk6ZPRWOsp91MnDlwvGIil9d0.roa
Signing time: Sat 26 Aug 2023 09:33:19 +0000
ROA not before: Sat 26 Aug 2023 09:33:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.122.0/24 maxlen: 24
5.105.131.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.136.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.84.0/24 maxlen: 24
5.105.110.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.16.0/24 maxlen: 24
5.105.22.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.19.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.62.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.3.0/24 maxlen: 24
5.105.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:30:da:1b:8d:56:70:f2:58:ab:3b:14:ec:e5:58:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 26 09:33:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5524a4e993d158eb29f753270e5c2f1888a5f5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:eb:00:1e:12:53:83:cf:72:2f:01:f8:a2:10:
8b:e8:3b:be:d9:9e:6a:b5:d4:1b:ca:f7:e7:27:c5:
66:e9:29:0b:81:a1:24:aa:68:7a:17:8c:4d:93:1a:
ed:33:b8:c4:64:8e:41:b3:e0:a1:36:86:08:1c:c3:
4c:7f:d3:01:9c:46:c1:d3:f3:07:76:6d:d2:38:4f:
f5:5a:f7:9a:d3:d9:51:b7:25:8e:f0:ab:85:ad:1c:
5a:04:65:93:b1:f0:c8:8f:85:f1:af:6d:ce:42:82:
be:e4:8e:74:e3:0b:87:92:03:20:59:16:ff:c1:a1:
13:56:1b:54:db:82:89:76:5e:c2:f3:bd:fb:54:85:
93:a5:49:9c:96:29:db:83:e2:ec:99:5c:87:77:04:
7d:65:9a:ed:bd:3b:f8:bc:06:bb:32:1e:ab:b9:c8:
91:97:c4:63:6e:cb:af:36:9b:56:1e:ca:7f:0a:c0:
6e:8b:f7:f0:6f:97:db:13:3f:7b:9b:be:4c:98:29:
66:f4:d5:42:b6:6b:66:f2:fb:f1:4a:f1:f1:00:70:
f1:2b:e4:49:8e:a3:de:4d:76:73:45:55:3a:fb:59:
bd:37:11:5a:fb:05:e7:26:cf:4f:88:c6:da:e7:f9:
78:e5:58:13:df:ea:eb:f7:20:46:8f:05:86:8f:87:
d7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:24:A4:E9:93:D1:58:EB:29:F7:53:27:0E:5C:2F:18:88:A5:F5:DD
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/VSSk6ZPRWOsp91MnDlwvGIil9d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.2.0/23
5.105.16.0/24
5.105.18.0/23
5.105.21.0-5.105.22.255
5.105.40.0/24
5.105.50.0/24
5.105.57.0/24
5.105.62.0/24
5.105.84.0/24
5.105.110.0/24
5.105.114.0/23
5.105.122.0/24
5.105.127.0/24
5.105.131.0/24
5.105.134.0/24
5.105.136.0/24
5.105.138.0/24
5.105.142.0/24
5.105.157.0/24
5.105.162.0/24
5.105.203.0/24
5.105.207.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.248.0/23
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:2f:fb:15:fd:88:9b:c5:e2:fc:f6:9d:45:00:31:d0:b9:70:
5e:a5:9f:ef:65:de:34:d3:d5:86:a2:7a:aa:55:3d:e4:f2:b9:
8a:31:f2:48:63:a6:e5:ce:f4:12:61:fa:d8:68:c4:e1:3e:f0:
77:cd:b6:88:e7:20:ea:53:b5:09:1f:24:0a:20:5f:b6:ac:5b:
95:84:49:6b:dd:42:77:ea:8d:a9:b6:da:bb:14:c4:80:15:f0:
86:5d:7c:4e:b8:9c:cd:0a:df:7b:9e:82:a3:36:e1:12:74:78:
10:bb:fa:b8:28:51:e5:d3:b5:20:cd:02:df:30:4e:73:e7:64:
73:e7:cf:ce:0a:75:b1:c2:60:65:1c:bd:0a:17:b6:7e:7c:76:
22:db:89:ec:c7:f2:1f:b1:9e:12:e5:05:43:3e:8b:5e:96:c5:
a3:1f:37:f9:da:f7:0d:59:67:c8:fd:41:7f:88:31:9c:93:83:
83:61:bf:0e:95:ea:33:8a:a0:71:b2:5d:3a:8e:42:9b:21:2e:
f9:ba:cc:b1:50:5b:c6:0c:29:19:65:26:de:34:1c:6a:e4:3e:
fd:a1:81:e8:bd:92:02:76:b1:0e:2e:8c:f4:bf:b5:87:03:fd:
10:6c:ec:cd:9d:a0:8c:fa:26:91:76:e3:f4:19:f0:cd:ce:a9:
23:4c:55:57
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYoxMNobjVZw8lirOxTs5VgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODI2MDkzMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTI0YTRlOTkzZDE1OGViMjlmNzUzMjcwZTVjMmYxODg4YTVmNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+sAHhJTg89yLwH4ohCL6Du+2Z5q
tdQbyvfnJ8Vm6SkLgaEkqmh6F4xNkxrtM7jEZI5Bs+ChNoYIHMNMf9MBnEbB0/MH
dm3SOE/1Wvea09lRtyWO8KuFrRxaBGWTsfDIj4Xxr23OQoK+5I504wuHkgMgWRb/
waETVhtU24KJdl7C8737VIWTpUmclinbg+LsmVyHdwR9ZZrtvTv4vAa7Mh6ruciR
l8RjbsuvNptWHsp/CsBui/fwb5fbEz97m75MmClm9NVCtmtm8vvxSvHxAHDxK+RJ
jqPeTXZzRVU6+1m9NxFa+wXnJs9PiMba5/l45VgT3+rr9yBGjwWGj4fXIQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFFUkpOmT0VjrKfdTJw5cLxiIpfXdMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvVlNTazZaUFJXT3NwOTFNbkRsd3ZHSWlsOWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAEF
aQIDBAAFaRADBAEFaRIwDAMEAAVpFQMEAAVpFgMEAAVpKAMEAAVpMgMEAAVpOQME
AAVpPgMEAAVpVAMEAAVpbgMEAQVpcgMEAAVpegMEAAVpfwMEAAVpgwMEAAVphgME
AAVpiAMEAAVpigMEAAVpjgMEAAVpnQMEAAVpogMEAAVpywMEAAVpzzAMAwQABWnv
AwQABWnwAwQBBWn0AwQBBWn4AwQABbSwAwQAwS7SMA0GCSqGSIb3DQEBCwUAA4IB
AQAbL/sV/YibxeL89p1FADHQuXBepZ/vZd4009WGonqqVT3k8rmKMfJIY6blzvQS
YfrYaMThPvB3zbaI5yDqU7UJHyQKIF+2rFuVhElr3UJ36o2pttq7FMSAFfCGXXxO
uJzNCt97noKjNuESdHgQu/q4KFHl07UgzQLfME5z52Rz58/OCnWxwmBlHL0KF7Z+
fHYi24nsx/IfsZ4S5QVDPotelsWjHzf52vcNWWfI/UF/iDGck4ODYb8OleoziqBx
sl06jkKbIS75usyxUFvGDCkZZSbeNBxq5D79oYHovZICdrEOLoz0v7WHA/0QbOzN
naCM+iaRduP0GfDNzqkjTFVX
-----END CERTIFICATE-----
Generated at Sat Aug 26 19:42:05 2023 by rpki-client on console-ams.rpki-client.org