Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/bJkUOz9-CAyWg5pD2aRwbYLcwdI.roa
File: bJkUOz9-CAyWg5pD2aRwbYLcwdI.roa (raw, json)
Hash identifier: tJamgeah56EGYhKY6RXke7fAJchftPff3DHFvN+x98Q=
Subject key identifier: 6C:99:14:3B:3F:7E:08:0C:96:83:9A:43:D9:A4:70:6D:82:DC:C1:D2
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01889AE1DA773C519796AE85A3DA8C1A15DD
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/bJkUOz9-CAyWg5pD2aRwbYLcwdI.roa
Signing time: Thu 08 Jun 2023 12:01:12 +0000
ROA not before: Thu 08 Jun 2023 12:01:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 5.105.124.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.14.0/24 maxlen: 24
5.105.29.0/24 maxlen: 24
5.105.34.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:e1:da:77:3c:51:97:96:ae:85:a3:da:8c:1a:15:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 8 12:01:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c99143b3f7e080c96839a43d9a4706d82dcc1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ac:9e:71:f4:89:4e:31:c8:36:47:33:14:ea:
d0:f4:a2:4c:eb:dd:c0:14:6d:c1:7b:c0:df:fa:1e:
94:d2:aa:cf:74:d5:2d:6e:4f:28:c3:d9:fd:0b:24:
b6:74:6d:ba:d5:64:43:1b:c8:37:e8:cd:16:ab:21:
62:c7:6c:79:6b:01:b7:d3:af:97:8e:3e:75:2b:06:
60:06:9a:1f:52:a1:26:2e:ad:d8:12:fe:10:3d:96:
0c:51:e2:3d:20:88:a4:09:c3:58:c6:8c:f0:e8:39:
db:25:9c:eb:9c:49:4e:4e:04:08:bb:2d:91:4e:07:
2d:70:d3:ad:9c:d9:9b:4f:36:05:1b:b3:9a:51:0f:
68:e7:45:b3:d9:43:31:25:85:dd:10:10:a8:cb:f3:
09:b6:1c:7e:0c:e8:2a:7e:af:8d:18:bf:d4:6d:67:
be:8e:41:24:62:87:8f:ff:8f:fd:04:d8:b3:2c:28:
ed:72:5f:05:5c:5a:dd:e2:72:d3:35:fc:cf:eb:12:
87:6e:ca:33:24:d8:7b:ee:15:ad:bc:94:60:b6:41:
22:59:7c:af:0a:6f:c0:55:15:b1:fe:8e:7d:16:f0:
1c:73:28:76:81:db:41:53:da:79:26:20:fa:86:b3:
12:4e:31:04:72:53:9a:34:6f:c7:30:75:a4:81:66:
e2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:99:14:3B:3F:7E:08:0C:96:83:9A:43:D9:A4:70:6D:82:DC:C1:D2
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/bJkUOz9-CAyWg5pD2aRwbYLcwdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.14.0/24
5.105.29.0/24
5.105.34.0/24
5.105.39.0/24
5.105.113.0/24
5.105.124.0/24
5.105.127.0/24
5.105.139.0/24
5.105.142.0/24
5.105.157.0/24
5.105.200.0/24
5.105.207.0/24
5.105.221.0/24
5.105.249.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:82:4b:25:f5:26:d0:cd:d4:e1:bd:3c:ac:42:e1:e4:b5:59:
9e:ff:b4:1e:33:2d:e4:50:f1:58:b9:35:03:50:7a:af:72:d1:
60:25:85:56:90:a3:0a:62:d0:7a:3f:46:81:2f:61:40:34:48:
cd:0a:77:51:3e:ff:74:d9:ba:fe:66:6e:55:ee:20:a8:b1:5b:
d0:e2:a7:21:11:e8:25:a3:a2:ad:d5:7f:5f:8a:36:8f:c0:15:
c8:6b:2b:17:d3:bc:77:a1:c3:4b:b4:95:c0:6b:b1:fd:81:d4:
97:55:09:9e:fa:8e:2e:44:09:55:2f:66:01:61:2f:b2:a7:9c:
53:6a:e9:ac:f4:a9:65:7d:1f:e7:60:93:2d:a8:d3:cd:0a:b8:
74:31:97:e7:a2:1a:01:0a:7b:50:10:9d:d2:d5:a9:50:0d:12:
9d:70:f6:64:fd:ef:0c:47:76:5e:81:bb:ea:7e:97:fd:e0:06:
d6:2a:a8:81:ed:49:31:89:56:47:c0:ca:29:99:29:08:b0:1d:
7e:a6:54:de:8f:cb:0d:53:04:63:51:a3:0f:ce:d5:c4:50:3c:
c8:f5:81:89:7d:cb:23:03:ed:b4:40:83:2a:bc:e4:18:04:ac:
eb:db:d3:25:9e:fc:55:43:be:0b:48:b3:7c:e5:db:cc:d4:14:
df:2d:44:31
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYia4dp3PFGXlq6Fo9qMGhXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjA4MTIwMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk5MTQzYjNmN2UwODBjOTY4MzlhNDNkOWE0NzA2ZDgyZGNjMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqyecfSJTjHINkczFOrQ9KJM693A
FG3Be8Df+h6U0qrPdNUtbk8ow9n9CyS2dG261WRDG8g36M0WqyFix2x5awG306+X
jj51KwZgBpofUqEmLq3YEv4QPZYMUeI9IIikCcNYxozw6DnbJZzrnElOTgQIuy2R
TgctcNOtnNmbTzYFG7OaUQ9o50Wz2UMxJYXdEBCoy/MJthx+DOgqfq+NGL/UbWe+
jkEkYoeP/4/9BNizLCjtcl8FXFrd4nLTNfzP6xKHbsozJNh77hWtvJRgtkEiWXyv
Cm/AVRWx/o59FvAccyh2gdtBU9p5JiD6hrMSTjEEclOaNG/HMHWkgWbibQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGyZFDs/fggMloOaQ9mkcG2C3MHSMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYkprVU96OS1DQXlXZzVwRDJhUndiWUxjd2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQABWkOAwQA
BWkdAwQABWkiAwQABWknAwQABWlxAwQABWl8AwQABWl/AwQABWmLAwQABWmOAwQA
BWmdAwQABWnIAwQABWnPAwQABWndAwQABWn5MA0GCSqGSIb3DQEBCwUAA4IBAQCP
gksl9SbQzdThvTysQuHktVme/7QeMy3kUPFYuTUDUHqvctFgJYVWkKMKYtB6P0aB
L2FANEjNCndRPv902br+Zm5V7iCosVvQ4qchEeglo6Kt1X9fijaPwBXIaysX07x3
ocNLtJXAa7H9gdSXVQme+o4uRAlVL2YBYS+yp5xTaums9KllfR/nYJMtqNPNCrh0
MZfnohoBCntQEJ3S1alQDRKdcPZk/e8MR3Zegbvqfpf94AbWKqiB7UkxiVZHwMop
mSkIsB1+plTej8sNUwRjUaMPztXEUDzI9YGJfcsjA+20QIMqvOQYBKzr29MlnvxV
Q74LSLN85dvM1BTfLUQx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:18 2023 by rpki-client on console-fra.rpki-client.org