Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ilXNurYrGHNRgBJBAwgVxvMYN4A.roa
File: ilXNurYrGHNRgBJBAwgVxvMYN4A.roa (raw, json)
Hash identifier: ifUBXNSdVnaiOeGEUyDXS9rq/l3/alwZGBsAghKH74s=
Subject key identifier: 8A:55:CD:BA:B6:2B:18:73:51:80:12:41:03:08:15:C6:F3:18:37:80
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01894A5462D2BF8E36BF12850422DD0070E4
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ilXNurYrGHNRgBJBAwgVxvMYN4A.roa
Signing time: Wed 12 Jul 2023 13:39:51 +0000
ROA not before: Wed 12 Jul 2023 13:39:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 5.105.123.0/24 maxlen: 24
5.105.122.0/24 maxlen: 24
5.105.15.0/24 maxlen: 24
5.105.26.0/24 maxlen: 24
5.105.253.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4a:54:62:d2:bf:8e:36:bf:12:85:04:22:dd:00:70:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 12 13:39:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a55cdbab62b187351801241030815c6f3183780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:da:24:8a:9f:5e:7a:54:7f:dd:b4:4c:c3:78:
cf:df:71:12:46:d9:f5:aa:f6:13:8c:8b:c7:60:24:
a4:73:85:1f:ae:da:6a:54:da:6d:8c:f8:b1:97:ac:
19:df:80:c4:61:ed:e9:4e:7f:fe:43:47:8b:64:ce:
17:63:9f:3a:6a:d9:08:de:fd:db:da:52:6c:89:c9:
d3:9c:18:36:09:1b:e2:42:ab:81:57:57:36:e7:34:
be:d5:6a:71:5b:09:79:fd:e1:c9:62:1b:59:4a:c4:
cf:7b:9e:6d:36:27:6c:2a:02:1b:72:9e:ee:5d:b0:
8a:20:e1:52:37:eb:e7:9c:62:3f:c7:a4:4d:f5:fe:
1f:63:ce:60:8f:35:15:1d:22:8f:06:18:76:73:e3:
7b:02:ae:5f:d1:41:52:3b:48:70:09:6e:ed:23:6a:
16:27:0d:35:63:a4:15:5a:e7:a6:b9:bf:b4:8d:b7:
f6:f1:e0:f0:5c:fc:4e:66:24:9c:02:d9:66:a3:a8:
15:89:cf:d7:46:c7:fe:ae:88:20:3e:3d:ef:03:af:
9c:7a:72:e6:37:52:d6:c1:d1:e8:b7:de:c4:d5:07:
99:b0:7a:a7:0c:43:7b:12:df:20:95:16:de:d6:2e:
f2:ae:aa:ff:ed:fa:0c:c1:eb:e0:f2:dd:8f:ce:14:
8c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:55:CD:BA:B6:2B:18:73:51:80:12:41:03:08:15:C6:F3:18:37:80
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ilXNurYrGHNRgBJBAwgVxvMYN4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.2.0/24
5.105.15.0/24
5.105.26.0/24
5.105.32.0/24
5.105.122.0/23
5.105.253.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:83:69:bd:a4:9e:7c:ec:cc:ba:6b:30:e4:16:e8:35:31:70:
5d:1a:22:10:7e:2e:cb:b3:8d:b6:e1:8f:6c:87:b5:06:30:31:
d4:57:90:45:9d:e5:22:23:44:6d:ce:66:7d:c6:1e:fb:2a:be:
7b:74:cb:bb:c7:83:27:25:4a:71:04:aa:e5:16:36:8d:10:d6:
bd:95:c0:79:3c:02:d6:34:de:88:bf:25:75:db:50:08:71:01:
0c:aa:f4:04:f3:0c:3d:c6:56:6e:9f:4e:d2:cc:5a:fc:e3:72:
68:04:db:f2:13:e8:10:d8:87:64:00:ec:d4:52:22:9f:55:25:
b7:40:c9:48:7c:05:b6:46:73:53:f3:18:ad:d7:f6:24:19:8a:
ec:4f:80:f3:6e:cd:f1:4e:02:5a:01:51:ee:66:cd:44:61:b0:
e7:c7:3e:45:94:07:55:b3:b6:6d:6f:13:18:56:1e:e3:60:7f:
67:fc:77:7d:e5:17:2f:d6:2a:2b:eb:06:ac:5c:c6:33:49:90:
2f:a1:e8:2e:33:03:a9:6d:c4:f1:8c:d8:f3:0a:1f:43:91:d6:
2f:f4:ea:5f:50:56:d1:cd:d5:ad:16:ec:8b:2a:eb:b7:1a:da:
ec:aa:32:7a:a4:af:33:01:64:39:ee:7a:94:80:1a:c7:15:45:
44:22:7a:64
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlKVGLSv442vxKFBCLdAHDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzEyMTMzOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTU1Y2RiYWI2MmIxODczNTE4MDEyNDEwMzA4MTVjNmYzMTgzNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9okip9eelR/3bRMw3jP33ESRtn1
qvYTjIvHYCSkc4UfrtpqVNptjPixl6wZ34DEYe3pTn/+Q0eLZM4XY586atkI3v3b
2lJsicnTnBg2CRviQquBV1c25zS+1WpxWwl5/eHJYhtZSsTPe55tNidsKgIbcp7u
XbCKIOFSN+vnnGI/x6RN9f4fY85gjzUVHSKPBhh2c+N7Aq5f0UFSO0hwCW7tI2oW
Jw01Y6QVWuemub+0jbf28eDwXPxOZiScAtlmo6gVic/XRsf+roggPj3vA6+cenLm
N1LWwdHot97E1QeZsHqnDEN7Et8glRbe1i7yrqr/7foMwevg8t2PzhSMYQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIpVzbq2KxhzUYASQQMIFcbzGDeAMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvaWxYTnVyWXJHSE5SZ0JKQkF3Z1Z4dk1ZTjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABWkCAwQA
BWkPAwQABWkaAwQABWkgAwQBBWl6AwQABWn9MA0GCSqGSIb3DQEBCwUAA4IBAQC3
g2m9pJ587My6azDkFug1MXBdGiIQfi7Ls4224Y9sh7UGMDHUV5BFneUiI0RtzmZ9
xh77Kr57dMu7x4MnJUpxBKrlFjaNENa9lcB5PALWNN6IvyV121AIcQEMqvQE8ww9
xlZun07SzFr843JoBNvyE+gQ2IdkAOzUUiKfVSW3QMlIfAW2RnNT8xit1/YkGYrs
T4Dzbs3xTgJaAVHuZs1EYbDnxz5FlAdVs7ZtbxMYVh7jYH9n/Hd95Rcv1ior6was
XMYzSZAvoeguMwOpbcTxjNjzCh9DkdYv9OpfUFbRzdWtFuyLKuu3GtrsqjJ6pK8z
AWQ57nqUgBrHFUVEInpk
-----END CERTIFICATE-----
Generated at Fri Jul 28 09:06:59 2023 by rpki-client on console-fra.rpki-client.org