Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ZpehLAJvhTHrrR9SNHhwAYi-QHQ.roa
File: ZpehLAJvhTHrrR9SNHhwAYi-QHQ.roa (raw, json)
Hash identifier: 8gz/LUDsvuebIG5Fq+9kXPuSrIYFsFcu0PAIeICg/9E=
Subject key identifier: 66:97:A1:2C:02:6F:85:31:EB:AD:1F:52:34:78:70:01:88:BE:40:74
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018586F0BF1CB4C938DC32EDDA749687CBCA
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ZpehLAJvhTHrrR9SNHhwAYi-QHQ.roa
Signing time: Fri 06 Jan 2023 11:56:42 +0000
ROA not before: Fri 06 Jan 2023 11:56:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.130.0/24 maxlen: 24
5.105.38.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.247.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
5.105.63.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
5.105.226.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:f0:bf:1c:b4:c9:38:dc:32:ed:da:74:96:87:cb:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 6 11:56:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6697a12c026f8531ebad1f523478700188be4074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:25:c6:22:97:2c:84:1e:e6:5e:42:91:96:99:
d6:40:e3:f4:8d:b7:52:dc:76:1d:e0:05:1f:44:c4:
e5:c9:6b:9e:3d:30:ef:7d:13:93:39:6b:68:24:c5:
02:d3:79:5e:82:40:5f:7e:90:d7:9a:f4:09:0b:ad:
af:35:fe:26:64:f4:93:bc:f8:65:d3:f8:7b:93:c8:
8a:29:b4:75:2b:0e:f9:a7:8c:40:28:6f:7b:a1:fa:
2c:4b:b1:f6:8b:cf:0d:0a:91:39:b8:d2:6b:46:6c:
5f:30:67:a8:08:02:fb:36:b3:24:3d:50:ab:3c:6b:
8e:4f:d5:83:51:2f:d0:ed:b4:10:dd:8d:2b:11:a0:
cd:2f:62:e9:6f:59:df:05:27:ce:c8:2d:a5:cd:37:
7b:11:1b:2b:53:82:66:3b:c0:6a:fb:ed:1a:1f:91:
79:a6:02:08:10:9b:a3:f9:2f:4f:56:68:d1:68:b1:
fa:7b:d7:ea:00:dc:02:cc:14:94:8d:5f:3d:69:63:
5c:09:98:14:f1:91:63:c1:f2:f9:3b:8a:7c:99:ff:
6a:17:37:25:83:85:41:8b:86:67:13:80:3d:d3:c5:
f6:2d:95:c5:6e:ac:86:0b:74:cd:a3:f1:eb:b7:de:
21:9a:e8:b1:89:60:c1:d7:5d:01:8d:6e:92:6e:33:
78:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:97:A1:2C:02:6F:85:31:EB:AD:1F:52:34:78:70:01:88:BE:40:74
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ZpehLAJvhTHrrR9SNHhwAYi-QHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.32.0/23
5.105.38.0/23
5.105.63.0/24
5.105.96.0/24
5.105.130.0/24
5.105.184.0/24
5.105.200.0/24
5.105.215.0/24
5.105.226.0/24
5.105.247.0/24
Signature Algorithm: sha256WithRSAEncryption
12:54:b0:d9:21:13:d1:22:aa:8f:ab:aa:bd:73:ca:93:64:4f:
54:ea:16:8c:d3:e0:21:f4:23:9e:26:e0:db:6c:2a:10:64:b1:
ea:59:2f:88:27:16:fb:31:e3:88:1f:20:22:46:6f:58:27:89:
ee:9a:70:10:93:71:63:36:27:c2:f3:df:2b:6d:2e:c1:c8:90:
35:64:fb:07:86:7b:76:e0:83:29:4f:70:97:d0:f0:99:b0:38:
3c:ae:b3:6f:30:8c:8b:e0:6e:86:d7:e0:eb:16:e0:1c:fe:f7:
c8:3f:a0:09:75:a7:d0:08:ea:e8:f3:a5:03:1f:5b:85:cc:ec:
f9:6d:26:84:68:f8:4a:03:91:c8:4e:9b:4b:49:77:f9:c7:2d:
8d:86:53:ec:25:38:30:d5:3d:57:05:fc:56:20:8b:16:9f:29:
12:62:d5:e3:38:b3:ae:5f:a7:1d:d6:8b:b9:9b:96:7a:7a:8f:
5b:60:ef:6e:2f:45:79:3d:f2:fb:30:09:b7:b0:0e:65:6f:d0:
de:ea:46:e9:6e:1c:8a:4a:b8:f7:04:9a:89:a8:28:f3:a1:0e:
eb:0b:47:5d:95:08:38:74:9c:13:a6:ac:0a:9e:0c:78:bf:51:
7e:c1:c9:41:a0:45:2d:c6:79:aa:0a:33:54:59:7a:14:60:6f:
06:0c:93:20
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYWG8L8ctMk43DLt2nSWh8vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTA2MTE1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njk3YTEyYzAyNmY4NTMxZWJhZDFmNTIzNDc4NzAwMTg4YmU0MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCXGIpcshB7mXkKRlpnWQOP0jbdS
3HYd4AUfRMTlyWuePTDvfROTOWtoJMUC03legkBffpDXmvQJC62vNf4mZPSTvPhl
0/h7k8iKKbR1Kw75p4xAKG97ofosS7H2i88NCpE5uNJrRmxfMGeoCAL7NrMkPVCr
PGuOT9WDUS/Q7bQQ3Y0rEaDNL2Lpb1nfBSfOyC2lzTd7ERsrU4JmO8Bq++0aH5F5
pgIIEJuj+S9PVmjRaLH6e9fqANwCzBSUjV89aWNcCZgU8ZFjwfL5O4p8mf9qFzcl
g4VBi4ZnE4A908X2LZXFbqyGC3TNo/Hrt94hmuixiWDB110BjW6SbjN47wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGaXoSwCb4Ux660fUjR4cAGIvkB0MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvWnBlaExBSnZoVEhyclI5U05IaHdBWWktUUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBBWkgAwQB
BWkmAwQABWk/AwQABWlgAwQABWmCAwQABWm4AwQABWnIAwQABWnXAwQABWniAwQA
BWn3MA0GCSqGSIb3DQEBCwUAA4IBAQASVLDZIRPRIqqPq6q9c8qTZE9U6haM0+Ah
9COeJuDbbCoQZLHqWS+IJxb7MeOIHyAiRm9YJ4numnAQk3FjNifC898rbS7ByJA1
ZPsHhnt24IMpT3CX0PCZsDg8rrNvMIyL4G6G1+DrFuAc/vfIP6AJdafQCOro86UD
H1uFzOz5bSaEaPhKA5HITptLSXf5xy2NhlPsJTgw1T1XBfxWIIsWnykSYtXjOLOu
X6cd1ou5m5Z6eo9bYO9uL0V5PfL7MAm3sA5lb9De6kbpbhyKSrj3BJqJqCjzoQ7r
C0ddlQg4dJwTpqwKngx4v1F+wclBoEUtxnmqCjNUWXoUYG8GDJMg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:18 2023 by rpki-client on console-fra.rpki-client.org