Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/g0PR75h7411-QpmreoY8LdmiQQM.roa
File: g0PR75h7411-QpmreoY8LdmiQQM.roa (raw, json)
Hash identifier: 6hZ1LXWR4w+eogwuIC9K3V4KzS4PdeZMwvzcs0x51F0=
Subject key identifier: 83:43:D1:EF:98:7B:E3:5D:7E:42:99:AB:7A:86:3C:2D:D9:A2:41:03
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188BE30B9D66F521AEE9E00731D7714C729
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/g0PR75h7411-QpmreoY8LdmiQQM.roa
Signing time: Thu 15 Jun 2023 08:34:04 +0000
ROA not before: Thu 15 Jun 2023 08:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.24.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 14:18:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:30:b9:d6:6f:52:1a:ee:9e:00:73:1d:77:14:c7:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 15 08:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8343d1ef987be35d7e4299ab7a863c2dd9a24103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8f:1d:71:2a:74:dd:f3:cb:e5:95:25:23:ae:
64:80:c8:d6:3a:ca:f5:82:e9:e6:ae:51:19:3a:f5:
3f:d7:5a:d0:d6:f2:6e:42:bf:4b:f9:67:07:13:af:
57:6e:64:cc:8b:ba:f2:b7:a1:84:3c:3b:c6:da:1e:
7a:4a:11:d7:8a:11:71:69:90:17:fc:74:d4:11:a0:
49:f3:02:a3:ec:8e:47:d6:ce:a6:d2:6e:bb:15:3e:
8d:0e:d2:6f:a0:ed:55:a0:cd:97:d2:e4:a1:b3:c5:
64:6f:cc:0d:81:b3:7b:14:05:c1:be:bc:e4:22:79:
37:75:06:f1:f9:bb:ca:c0:f5:04:b8:60:25:15:7f:
2c:83:37:67:f4:67:32:a6:81:2f:9d:e2:e3:ae:ca:
0e:79:f2:c1:91:2d:7a:69:59:ed:29:ed:96:67:86:
85:6d:b0:40:47:b0:51:1c:e2:08:4b:3c:ac:4c:93:
c1:f9:c7:2d:93:9a:52:b0:5b:7b:76:a1:d1:2e:4b:
5e:25:02:af:ed:b2:54:86:09:94:fb:49:2d:7d:cc:
a4:21:3a:1f:3c:04:a4:2e:e3:4e:08:5a:b6:c0:0c:
42:8f:27:e9:0b:97:85:71:d7:43:32:2d:b7:f2:9c:
00:42:fa:14:0b:5f:e6:b3:45:5c:ea:33:d9:88:16:
09:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:43:D1:EF:98:7B:E3:5D:7E:42:99:AB:7A:86:3C:2D:D9:A2:41:03
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/g0PR75h7411-QpmreoY8LdmiQQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/23
5.105.33.0/24
5.105.40.0/24
5.105.43.0/24
5.105.50.0/24
5.105.57.0/24
5.105.81.0/24
5.105.96.0/24
5.105.168.0/24
5.105.184.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:7b:70:2a:e7:f8:7f:64:06:cc:30:ba:f8:90:e2:d3:88:6e:
5b:82:61:7f:2b:56:af:bb:7a:18:f7:02:e9:05:0f:64:b6:bc:
36:8e:6a:6f:d5:f6:84:21:fb:6d:ba:8c:e1:51:fb:b7:a7:42:
c4:14:98:00:cc:95:a1:f1:f4:ec:4e:be:5d:9c:39:15:32:d7:
c2:4d:49:17:89:a6:c9:e9:fd:f7:4c:d7:ec:71:e3:dc:0b:d1:
11:be:42:5e:a1:8c:ea:2c:52:2d:0a:7e:9c:03:01:d1:c1:ac:
9b:27:7e:a8:6b:1e:3b:3f:75:0b:a3:fd:46:9d:d9:46:10:97:
fd:bb:34:a1:3c:8c:bb:81:86:1e:29:de:70:32:1e:4b:48:d6:
65:d6:cb:78:26:ff:cc:f4:49:38:58:b6:14:a9:8a:33:69:6a:
ce:2c:0a:4a:19:3b:93:9c:1d:d4:e8:e5:03:27:41:d8:f1:ef:
85:03:48:10:13:b6:42:b3:da:4d:dd:78:eb:91:1e:ea:95:42:
4a:04:49:aa:6a:04:11:81:03:82:9c:98:0c:dc:f4:d5:86:84:
e1:a0:94:03:9c:42:df:2b:90:c9:eb:f4:95:5e:9a:f5:b3:26:
8b:12:56:f4:cb:76:42:a6:39:18:99:cd:12:b6:cf:5f:c7:42:
4f:c5:95:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYi+MLnWb1Ia7p4Acx13FMcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjE1MDgzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQzZDFlZjk4N2JlMzVkN2U0Mjk5YWI3YTg2M2MyZGQ5YTI0MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko8dcSp03fPL5ZUlI65kgMjWOsr1
gunmrlEZOvU/11rQ1vJuQr9L+WcHE69XbmTMi7ryt6GEPDvG2h56ShHXihFxaZAX
/HTUEaBJ8wKj7I5H1s6m0m67FT6NDtJvoO1VoM2X0uShs8Vkb8wNgbN7FAXBvrzk
Ink3dQbx+bvKwPUEuGAlFX8sgzdn9GcypoEvneLjrsoOefLBkS16aVntKe2WZ4aF
bbBAR7BRHOIISzysTJPB+cctk5pSsFt7dqHRLkteJQKv7bJUhgmU+0ktfcykITof
PASkLuNOCFq2wAxCjyfpC5eFcddDMi238pwAQvoUC1/ms0Vc6jPZiBYJiQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIND0e+Ye+NdfkKZq3qGPC3ZokEDMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZzBQUjc1aDc0MTEtUXBtcmVvWThMZG1pUVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBBWkYAwQA
BWkhAwQABWkoAwQABWkrAwQABWkyAwQABWk5AwQABWlRAwQABWlgAwQABWmoAwQA
BWm4MA0GCSqGSIb3DQEBCwUAA4IBAQB8e3Aq5/h/ZAbMMLr4kOLTiG5bgmF/K1av
u3oY9wLpBQ9ktrw2jmpv1faEIfttuozhUfu3p0LEFJgAzJWh8fTsTr5dnDkVMtfC
TUkXiabJ6f33TNfscePcC9ERvkJeoYzqLFItCn6cAwHRwaybJ36oax47P3ULo/1G
ndlGEJf9uzShPIy7gYYeKd5wMh5LSNZl1st4Jv/M9Ek4WLYUqYozaWrOLApKGTuT
nB3U6OUDJ0HY8e+FA0gQE7ZCs9pN3XjrkR7qlUJKBEmqagQRgQOCnJgM3PTVhoTh
oJQDnELfK5DJ6/SVXpr1syaLElb0y3ZCpjkYmc0Sts9fx0JPxZUk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:28 2024 by rpki-client on console-fra.rpki-client.org