Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aCv_kbJ-IPcQJoznLBlVPK1M4A8.roa
File: aCv_kbJ-IPcQJoznLBlVPK1M4A8.roa (raw, json)
Hash identifier: sdEMiTb1jtk+QICInhtNkl78XMqBJVNzPo+Vb8UgjdQ=
Subject key identifier: 68:2B:FF:91:B2:7E:20:F7:10:26:8C:E7:2C:19:55:3C:AD:4C:E0:0F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186169D8E67BCB1D9C09329B14FB02CBF14
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aCv_kbJ-IPcQJoznLBlVPK1M4A8.roa
Signing time: Fri 03 Feb 2023 09:31:09 +0000
ROA not before: Fri 03 Feb 2023 09:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 5.105.29.0/24 maxlen: 24
5.105.138.0/23 maxlen: 24
5.105.142.0/23 maxlen: 24
5.105.248.0/23 maxlen: 24
5.105.164.0/23 maxlen: 24
5.105.68.0/23 maxlen: 24
5.105.186.0/23 maxlen: 24
5.105.198.0/23 maxlen: 24
5.105.206.0/23 maxlen: 24
5.105.202.0/23 maxlen: 24
5.105.112.0/23 maxlen: 24
5.105.114.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:9d:8e:67:bc:b1:d9:c0:93:29:b1:4f:b0:2c:bf:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 3 09:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=682bff91b27e20f710268ce72c19553cad4ce00f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3f:aa:d4:6a:90:a9:25:bf:65:74:da:41:c6:
60:b7:a5:bb:f9:bd:8c:43:69:b8:ed:98:38:22:31:
ad:6e:ed:b3:5c:4f:ce:d7:31:97:46:f6:55:79:8e:
ca:e7:5f:b3:f4:2d:65:c8:4f:e5:45:71:ad:0b:89:
3b:2e:ed:ff:93:1e:dd:6a:c2:4c:e5:de:c6:e7:51:
6d:53:48:d5:10:d3:f2:8a:e6:c9:6b:f9:0c:18:0e:
18:9a:2b:4d:77:e8:c6:3d:36:aa:3a:cf:6e:30:df:
27:d0:80:1f:c1:06:68:88:34:b3:3d:e6:95:d1:8e:
b2:83:2e:91:48:19:fd:92:a5:04:6a:9b:09:3b:1c:
67:45:1b:19:43:ee:a5:5e:89:92:08:e4:6f:e3:3e:
07:4b:ab:1b:65:74:bb:3e:68:d0:89:0b:25:6f:7f:
b8:5a:16:41:a9:46:22:81:3b:c5:ac:28:e8:ce:41:
67:b7:46:ae:09:f5:86:c4:f5:75:32:14:d2:f0:89:
58:f0:2b:ef:1d:19:62:95:e2:c9:8f:72:79:72:41:
71:5a:dc:18:22:9f:fd:b2:58:d9:3d:62:4f:84:ec:
94:0f:d5:bd:0c:9f:54:21:01:29:5a:50:49:96:5d:
b4:b9:a7:e0:a5:5c:ee:f4:dd:63:c2:8f:2a:2e:22:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2B:FF:91:B2:7E:20:F7:10:26:8C:E7:2C:19:55:3C:AD:4C:E0:0F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aCv_kbJ-IPcQJoznLBlVPK1M4A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.29.0/24
5.105.68.0/23
5.105.112.0/22
5.105.138.0/23
5.105.142.0/23
5.105.164.0/23
5.105.186.0/23
5.105.198.0/23
5.105.202.0/23
5.105.206.0/23
5.105.248.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:ca:3d:0a:e2:00:ca:90:84:da:a3:38:b0:ee:d6:e9:3f:ca:
0a:01:7f:81:af:fc:b1:fa:5d:47:59:2b:5e:23:e7:5d:a8:b2:
87:ff:ed:cc:00:98:9c:78:90:4e:77:3d:09:f7:03:9f:47:0d:
28:d0:d5:9d:95:11:d6:3e:cf:b1:96:7e:61:95:94:f3:3a:bb:
5c:7f:d7:5c:bd:7c:b7:5f:01:85:f0:3d:37:1f:68:31:19:19:
75:eb:a5:d6:87:4a:6b:d5:77:9b:39:e2:09:8c:2f:68:3b:fb:
81:d9:af:e0:48:ae:9b:3b:a6:af:a8:15:9b:88:50:6c:49:9f:
53:35:29:c0:8e:0e:81:fc:aa:12:f5:dc:30:0c:85:45:11:3b:
29:23:ee:23:99:a5:53:cd:e1:23:71:da:d3:58:75:fe:d8:cc:
82:36:5b:2c:37:f1:17:ad:3d:c3:12:69:fd:4f:d4:10:65:50:
1d:16:26:fb:3b:96:ab:39:51:8a:6b:c2:bc:57:88:9d:0e:4b:
b5:2b:90:3f:f0:d5:e1:88:28:e1:93:c6:ec:7f:18:d2:eb:d2:
56:ac:9c:9d:8a:8b:0f:6e:46:9f:00:46:9a:d9:28:6b:b2:65:
91:fb:17:a4:0c:e2:f6:7a:75:b8:c0:e0:bd:6d:5d:57:ec:15:
46:f2:56:9e
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYYWnY5nvLHZwJMpsU+wLL8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjAzMDkzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJiZmY5MWIyN2UyMGY3MTAyNjhjZTcyYzE5NTUzY2FkNGNlMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz+q1GqQqSW/ZXTaQcZgt6W7+b2M
Q2m47Zg4IjGtbu2zXE/O1zGXRvZVeY7K51+z9C1lyE/lRXGtC4k7Lu3/kx7dasJM
5d7G51FtU0jVENPyiubJa/kMGA4YmitNd+jGPTaqOs9uMN8n0IAfwQZoiDSzPeaV
0Y6ygy6RSBn9kqUEapsJOxxnRRsZQ+6lXomSCORv4z4HS6sbZXS7PmjQiQslb3+4
WhZBqUYigTvFrCjozkFnt0auCfWGxPV1MhTS8IlY8CvvHRlileLJj3J5ckFxWtwY
Ip/9sljZPWJPhOyUD9W9DJ9UIQEpWlBJll20uafgpVzu9N1jwo8qLiKjCQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGgr/5GyfiD3ECaM5ywZVTytTOAPMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYUN2X2tiSi1JUGNRSm96bkxCbFZQSzFNNEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABWkdAwQB
BWlEAwQCBWlwAwQBBWmKAwQBBWmOAwQBBWmkAwQBBWm6AwQBBWnGAwQBBWnKAwQB
BWnOAwQBBWn4MA0GCSqGSIb3DQEBCwUAA4IBAQAsyj0K4gDKkITaoziw7tbpP8oK
AX+Br/yx+l1HWSteI+ddqLKH/+3MAJiceJBOdz0J9wOfRw0o0NWdlRHWPs+xln5h
lZTzOrtcf9dcvXy3XwGF8D03H2gxGRl166XWh0pr1XebOeIJjC9oO/uB2a/gSK6b
O6avqBWbiFBsSZ9TNSnAjg6B/KoS9dwwDIVFETspI+4jmaVTzeEjcdrTWHX+2MyC
NlssN/EXrT3DEmn9T9QQZVAdFib7O5arOVGKa8K8V4idDku1K5A/8NXhiCjhk8bs
fxjS69JWrJydiosPbkafAEaa2ShrsmWR+xekDOL2enW4wOC9bV1X7BVG8lae
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org