Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dhmkdEMZxjvcqpmm6_WQEdrVgj8.roa
File: dhmkdEMZxjvcqpmm6_WQEdrVgj8.roa (raw, json)
Hash identifier: 0BCFd7vWpLMGZIHUk6Zg9p4ttOJlehRwZf6ZmHqCEnU=
Subject key identifier: 76:19:A4:74:43:19:C6:3B:DC:AA:99:A6:EB:F5:90:11:DA:D5:82:3F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01856BE5B9B518452C322AED3E93736BB4B6
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dhmkdEMZxjvcqpmm6_WQEdrVgj8.roa
Signing time: Sun 01 Jan 2023 05:54:55 +0000
ROA not before: Sun 01 Jan 2023 05:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397373
IP address blocks: 5.105.159.0/24 maxlen: 24
5.105.167.0/24 maxlen: 24
5.105.171.0/24 maxlen: 24
5.105.173.0/24 maxlen: 24
5.105.205.0/24 maxlen: 24
5.105.213.0/24 maxlen: 24
5.105.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:b9:b5:18:45:2c:32:2a:ed:3e:93:73:6b:b4:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 05:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7619a4744319c63bdcaa99a6ebf59011dad5823f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:70:68:6a:61:c1:71:8f:94:d9:87:c8:f0:11:
38:87:9b:16:a7:40:57:24:f4:6e:53:e6:d5:77:65:
43:c0:a8:96:e5:ce:74:90:aa:31:47:de:ed:97:92:
1f:55:0a:21:ab:9f:20:42:6c:be:78:08:a5:4a:1f:
a1:8b:3d:e4:02:ff:53:7f:90:7e:5c:be:34:96:3d:
58:04:06:a8:7f:f2:88:40:82:11:c5:4b:c6:41:1b:
5c:ae:8c:5f:57:08:74:e9:61:ee:2c:71:44:25:76:
2c:d6:a6:7b:86:a4:44:d0:5e:07:0c:a6:5a:fd:a2:
92:f1:bf:80:65:96:12:47:d3:39:df:f6:1e:c7:01:
f5:e0:61:7c:a1:25:9f:c5:a1:8b:7c:b9:3b:40:f9:
23:76:57:d8:1a:31:04:1c:4b:1c:a7:dd:a6:3a:51:
0e:88:d6:00:f3:d5:8c:e6:a3:5d:25:5c:54:c0:25:
e3:22:bc:7a:fe:c0:8b:de:66:e6:0b:57:57:16:48:
a4:cd:63:10:dc:98:8e:62:b9:41:a6:7c:0c:8a:7b:
c4:3f:62:fb:41:8e:2a:a8:58:13:50:d3:75:c7:88:
45:a6:1f:56:57:00:5f:19:ad:02:c9:cc:04:ba:42:
0b:0b:fd:99:b1:f0:9b:76:25:1b:f5:33:18:b4:87:
06:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:19:A4:74:43:19:C6:3B:DC:AA:99:A6:EB:F5:90:11:DA:D5:82:3F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dhmkdEMZxjvcqpmm6_WQEdrVgj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.159.0/24
5.105.167.0/24
5.105.171.0/24
5.105.173.0/24
5.105.205.0/24
5.105.213.0/24
5.105.217.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:1b:d0:17:4f:48:63:4b:03:25:7a:a5:90:69:8b:00:2e:bb:
ad:e8:5e:70:be:9b:84:67:2e:31:fe:60:ee:46:b4:89:db:fb:
1d:ed:92:b6:f7:b7:3f:d0:b7:a7:7c:af:6d:27:d5:12:48:79:
ea:97:8f:87:d7:90:46:5f:cb:26:9d:bd:58:28:56:aa:70:35:
76:69:54:aa:4a:16:90:7a:08:d7:45:df:fe:4a:de:e8:73:7b:
fb:b4:d7:30:f2:ce:8f:55:f8:19:23:bd:28:6d:03:59:c5:e7:
5b:72:d5:ed:a7:8d:20:9a:23:b7:8a:e4:aa:d3:94:45:24:43:
b5:e2:94:4b:ef:74:72:cc:22:58:84:fe:8c:e8:8e:0b:57:2a:
af:34:13:23:f4:a9:23:74:6f:d6:e6:ee:58:5e:bb:49:75:1f:
9d:84:ed:87:1a:9a:f6:0e:5a:e2:84:ee:78:99:bd:ed:09:ad:
0d:40:eb:52:a0:6f:ad:54:1f:c9:cb:e1:6c:c0:6a:a9:f5:b4:
9f:4a:0f:06:e6:5f:0e:07:4a:9b:08:f5:0b:ff:6c:c5:0f:13:
00:89:48:e0:b3:05:a0:65:13:be:43:ff:03:a7:48:c2:06:06:
ac:49:3c:13:48:88:ef:d1:ca:5c:4f:bb:b2:d5:e0:39:c5:e4:
2f:69:5d:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVr5bm1GEUsMirtPpNza7S2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjE5YTQ3NDQzMTljNjNiZGNhYTk5YTZlYmY1OTAxMWRhZDU4MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHBoamHBcY+U2YfI8BE4h5sWp0BX
JPRuU+bVd2VDwKiW5c50kKoxR97tl5IfVQohq58gQmy+eAilSh+hiz3kAv9Tf5B+
XL40lj1YBAaof/KIQIIRxUvGQRtcroxfVwh06WHuLHFEJXYs1qZ7hqRE0F4HDKZa
/aKS8b+AZZYSR9M53/YexwH14GF8oSWfxaGLfLk7QPkjdlfYGjEEHEscp92mOlEO
iNYA89WM5qNdJVxUwCXjIrx6/sCL3mbmC1dXFkikzWMQ3JiOYrlBpnwMinvEP2L7
QY4qqFgTUNN1x4hFph9WVwBfGa0CycwEukILC/2ZsfCbdiUb9TMYtIcGlQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHYZpHRDGcY73KqZpuv1kBHa1YI/MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZGhta2RFTVp4anZjcXBtbTZfV1FFZHJWZ2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWmfAwQA
BWmnAwQABWmrAwQABWmtAwQABWnNAwQABWnVAwQABWnZMA0GCSqGSIb3DQEBCwUA
A4IBAQBLG9AXT0hjSwMleqWQaYsALrut6F5wvpuEZy4x/mDuRrSJ2/sd7ZK297c/
0LenfK9tJ9USSHnql4+H15BGX8smnb1YKFaqcDV2aVSqShaQegjXRd/+St7oc3v7
tNcw8s6PVfgZI70obQNZxedbctXtp40gmiO3iuSq05RFJEO14pRL73RyzCJYhP6M
6I4LVyqvNBMj9KkjdG/W5u5YXrtJdR+dhO2HGpr2DlrihO54mb3tCa0NQOtSoG+t
VB/Jy+FswGqp9bSfSg8G5l8OB0qbCPUL/2zFDxMAiUjgswWgZRO+Q/8Dp0jCBgas
STwTSIjv0cpcT7uy1eA5xeQvaV02
-----END CERTIFICATE-----
Generated at Tue Aug 1 11:45:14 2023 by rpki-client on console-ams.rpki-client.org