Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dDEbkae3DT8OTC2MxyW2-JntV2s.roa
File: dDEbkae3DT8OTC2MxyW2-JntV2s.roa (raw, json)
Hash identifier: Nj4xYOVRqXpfdum2W9UuxrDdoSmUJu/QKvnrfwCVkg0=
Subject key identifier: 74:31:1B:91:A7:B7:0D:3F:0E:4C:2D:8C:C7:25:B6:F8:99:ED:57:6B
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01890282422AD0A1656B1EBD85909587D9AC
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dDEbkae3DT8OTC2MxyW2-JntV2s.roa
Signing time: Wed 28 Jun 2023 14:57:18 +0000
ROA not before: Wed 28 Jun 2023 14:57:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.138.0/24 maxlen: 24
5.105.164.0/23 maxlen: 24
5.105.101.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
5.105.107.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:82:42:2a:d0:a1:65:6b:1e:bd:85:90:95:87:d9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 28 14:57:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74311b91a7b70d3f0e4c2d8cc725b6f899ed576b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:97:5d:bb:f5:a8:f7:35:9c:e1:f3:83:51:b2:
41:ec:e7:71:26:7b:6a:32:c7:d9:1a:61:50:4f:5b:
49:3f:73:7a:2b:e5:ff:dc:00:e4:73:2d:f8:42:70:
1e:53:1f:1c:8a:b8:c6:bf:c7:7f:76:a0:ef:ea:80:
ce:a4:8e:10:39:de:05:53:65:4a:c5:07:5b:c8:bb:
11:10:45:1e:4f:28:cd:58:48:d4:e2:65:a0:c6:98:
56:24:c9:e4:4e:2e:40:a3:71:1f:a2:c0:2c:40:46:
32:24:4e:13:ed:ed:b4:f5:7f:df:64:b1:28:cd:58:
80:17:95:c6:9c:00:19:9f:f2:0f:f5:64:ce:1a:2a:
41:a7:81:12:64:13:c9:1b:fd:f3:41:57:91:ae:a9:
b8:44:ff:b2:fd:80:a5:43:5f:73:df:03:9c:bc:ae:
b5:e6:ad:ea:7f:5e:ca:ff:bb:ea:23:13:51:a5:ff:
19:4f:5f:ae:89:e1:68:72:b2:c2:a6:ac:23:d1:61:
e8:4d:2d:2b:b9:e6:ce:6e:87:16:fc:c2:7a:44:aa:
96:e7:9f:83:b5:ce:32:f5:44:b0:2e:4b:f9:e1:18:
5c:41:3d:cf:e6:63:53:93:f0:29:26:a4:2b:a0:59:
fe:b7:d2:44:9c:fb:d3:70:d2:08:9f:7f:6e:18:97:
7a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:31:1B:91:A7:B7:0D:3F:0E:4C:2D:8C:C7:25:B6:F8:99:ED:57:6B
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dDEbkae3DT8OTC2MxyW2-JntV2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.101.0/24
5.105.107.0/24
5.105.111.0/24
5.105.138.0/24
5.105.164.0/23
Signature Algorithm: sha256WithRSAEncryption
42:d5:fa:45:34:fe:82:9d:d0:8a:10:41:53:07:8c:9a:54:a2:
08:11:65:e5:60:8e:04:f6:d7:1f:89:66:e7:a6:86:48:b5:fc:
44:a4:28:48:f5:88:f9:5b:59:c6:6a:fd:e3:04:2a:d3:e8:c0:
7f:dd:ed:26:37:c3:02:86:5b:0a:f6:2b:77:8b:12:70:9b:c7:
62:83:cf:a4:3b:c4:f0:0d:8a:1f:0b:e8:1d:a3:af:07:67:92:
56:99:fc:13:13:07:84:76:6e:65:76:29:f6:a4:44:b2:d4:9c:
82:c8:ad:e6:db:f9:ad:23:aa:6b:75:0d:df:96:91:ca:51:56:
4c:10:b5:c5:70:3c:e4:ea:9a:c2:22:34:ad:9c:fa:5f:de:10:
43:86:83:8d:b7:e3:36:1a:8d:d2:f1:8b:a6:1c:55:8b:5d:38:
7d:3d:8a:d4:c6:a0:fe:39:bf:bf:d4:a6:8b:3e:0c:95:ce:0c:
63:b0:5e:e2:f0:13:37:1c:6d:8d:86:51:65:64:d5:18:0d:8d:
00:4f:ad:91:20:a7:0b:86:e8:33:66:c8:34:f6:cd:a3:b9:0f:
ed:cc:8a:a8:b1:e2:cf:0b:74:63:c0:ca:1d:5a:4c:64:73:58:
14:34:6e:a3:d0:f7:aa:a2:ec:ab:b5:80:28:59:75:1d:00:41:
26:8a:2a:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYkCgkIq0KFlax69hZCVh9msMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjI4MTQ1NzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDMxMWI5MWE3YjcwZDNmMGU0YzJkOGNjNzI1YjZmODk5ZWQ1NzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5ddu/Wo9zWc4fODUbJB7OdxJntq
MsfZGmFQT1tJP3N6K+X/3ADkcy34QnAeUx8cirjGv8d/dqDv6oDOpI4QOd4FU2VK
xQdbyLsREEUeTyjNWEjU4mWgxphWJMnkTi5Ao3EfosAsQEYyJE4T7e209X/fZLEo
zViAF5XGnAAZn/IP9WTOGipBp4ESZBPJG/3zQVeRrqm4RP+y/YClQ19z3wOcvK61
5q3qf17K/7vqIxNRpf8ZT1+uieFocrLCpqwj0WHoTS0ruebObocW/MJ6RKqW55+D
tc4y9USwLkv54RhcQT3P5mNTk/ApJqQroFn+t9JEnPvTcNIIn39uGJd6swIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHQxG5Gntw0/DkwtjMcltviZ7VdrMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZERFYmthZTNEVDhPVEMyTXh5VzItSm50VjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWllAwQA
BWlrAwQABWlvAwQABWmKAwQBBWmkMA0GCSqGSIb3DQEBCwUAA4IBAQBC1fpFNP6C
ndCKEEFTB4yaVKIIEWXlYI4E9tcfiWbnpoZItfxEpChI9Yj5W1nGav3jBCrT6MB/
3e0mN8MChlsK9it3ixJwm8dig8+kO8TwDYofC+gdo68HZ5JWmfwTEweEdm5ldin2
pESy1JyCyK3m2/mtI6prdQ3flpHKUVZMELXFcDzk6prCIjStnPpf3hBDhoONt+M2
Go3S8YumHFWLXTh9PYrUxqD+Ob+/1KaLPgyVzgxjsF7i8BM3HG2NhlFlZNUYDY0A
T62RIKcLhugzZsg09s2juQ/tzIqoseLPC3RjwModWkxkc1gUNG6j0PeqouyrtYAo
WXUdAEEmiiof
-----END CERTIFICATE-----
Generated at Fri Jul 28 09:00:47 2023 by rpki-client on console-ams.rpki-client.org