Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/laNPpcIZeJm3l2LYiKzneoDef_k.roa
File: laNPpcIZeJm3l2LYiKzneoDef_k.roa (raw, json)
Hash identifier: 8kZe9O16xeAGHurGZ+0Sjna6NM9kiWwMK87RWTdklI4=
Subject key identifier: 95:A3:4F:A5:C2:19:78:99:B7:97:62:D8:88:AC:E7:7A:80:DE:7F:F9
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0187C1AB0112E55DA47E8C3298176118D029
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/laNPpcIZeJm3l2LYiKzneoDef_k.roa
Signing time: Thu 27 Apr 2023 07:43:42 +0000
ROA not before: Thu 27 Apr 2023 07:43:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 5.105.36.0/24 maxlen: 24
5.105.37.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:ab:01:12:e5:5d:a4:7e:8c:32:98:17:61:18:d0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Apr 27 07:43:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95a34fa5c2197899b79762d888ace77a80de7ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:47:39:d4:58:8c:6d:63:e5:4a:ce:c8:b0:de:
2b:27:2f:58:a9:02:ac:9b:f2:d6:34:7d:60:6c:f6:
08:1c:13:24:ae:2d:8d:1e:8d:43:58:96:4c:c8:4b:
22:e5:07:c6:e2:fb:61:cb:40:ef:ca:72:15:8b:cd:
88:39:0e:d7:85:36:39:4d:9b:4b:e7:33:4a:c5:dd:
2f:7f:82:dc:4c:4b:df:0c:11:b7:44:73:7e:54:f7:
39:7d:f4:e7:e2:25:bc:30:62:92:d6:02:20:cc:fb:
f9:bd:ba:8c:c5:22:1f:25:25:68:99:93:5a:83:f7:
bb:1e:f2:4a:ca:5e:99:98:80:5f:27:7e:1d:54:2f:
a6:9d:d3:7b:ea:cb:39:2e:be:94:f3:28:fd:1e:b8:
73:db:14:37:a7:db:ca:d6:ad:41:80:fb:98:39:78:
87:d7:b2:b1:48:3b:ff:75:eb:0c:07:be:7d:5d:4b:
d5:08:7e:72:57:c5:71:4c:9a:b0:06:38:7d:1c:6c:
84:e7:b9:e8:3c:ff:0a:29:0c:12:85:08:c6:d8:95:
05:24:a7:a4:9a:ce:dc:07:c5:32:af:b2:46:00:b7:
45:3f:ad:fe:46:b3:ab:63:80:f9:8f:36:7c:bf:4a:
45:d4:c9:53:2d:85:19:8e:2d:de:16:4f:f3:bf:d5:
d8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A3:4F:A5:C2:19:78:99:B7:97:62:D8:88:AC:E7:7A:80:DE:7F:F9
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/laNPpcIZeJm3l2LYiKzneoDef_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.32.0/24
5.105.36.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:3d:62:24:6f:8b:e0:5c:0a:37:9d:20:dc:69:20:a0:a6:48:
0a:86:e9:58:6f:be:8a:56:4b:ca:45:fb:30:00:d7:98:d5:13:
90:97:0f:dc:c7:f2:40:f8:2f:fd:f7:03:ae:98:d7:5a:f3:c4:
35:b2:32:d5:0e:81:b2:52:30:e5:bb:21:48:06:19:f8:a8:88:
f7:1a:a9:43:ce:ba:34:54:14:17:0e:71:30:09:ea:e1:16:20:
8c:b5:6d:84:ba:33:2d:3f:71:1d:71:cf:9e:60:31:41:1f:42:
e7:87:22:24:52:70:b2:e8:76:ab:1f:26:34:7b:70:48:53:ce:
5a:2c:98:aa:ae:65:1b:54:4e:86:be:4e:b0:d0:2f:fe:fe:1e:
c6:c6:03:f9:47:4e:3f:e4:a4:5c:5a:d9:5d:e8:56:11:3f:51:
bf:1b:da:b9:dd:49:aa:3b:49:84:11:da:5d:12:50:60:65:2f:
8c:21:fe:49:60:37:ef:cd:61:0b:e5:8a:3d:f3:09:a0:5b:ef:
99:6e:29:c7:86:64:e3:52:21:e5:f7:c3:3c:3f:f7:59:9f:44:
0e:27:b4:96:d1:1f:25:6b:6a:42:dc:e0:ca:51:35:22:ef:d1:
99:6e:e8:cf:f3:57:49:a9:c9:ef:5b:ba:e2:d1:03:da:b0:52:
87:f8:59:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfBqwES5V2kfowymBdhGNApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDI3MDc0MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWEzNGZhNWMyMTk3ODk5Yjc5NzYyZDg4OGFjZTc3YTgwZGU3ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUc51FiMbWPlSs7IsN4rJy9YqQKs
m/LWNH1gbPYIHBMkri2NHo1DWJZMyEsi5QfG4vthy0DvynIVi82IOQ7XhTY5TZtL
5zNKxd0vf4LcTEvfDBG3RHN+VPc5ffTn4iW8MGKS1gIgzPv5vbqMxSIfJSVomZNa
g/e7HvJKyl6ZmIBfJ34dVC+mndN76ss5Lr6U8yj9Hrhz2xQ3p9vK1q1BgPuYOXiH
17KxSDv/desMB759XUvVCH5yV8VxTJqwBjh9HGyE57noPP8KKQwShQjG2JUFJKek
ms7cB8Uyr7JGALdFP63+RrOrY4D5jzZ8v0pF1MlTLYUZji3eFk/zv9XYbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJWjT6XCGXiZt5di2Iis53qA3n/5MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvbGFOUHBjSVplSm0zbDJMWWlLem5lb0RlZl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWkgAwQB
BWkkMA0GCSqGSIb3DQEBCwUAA4IBAQDJPWIkb4vgXAo3nSDcaSCgpkgKhulYb76K
VkvKRfswANeY1ROQlw/cx/JA+C/99wOumNda88Q1sjLVDoGyUjDluyFIBhn4qIj3
GqlDzro0VBQXDnEwCerhFiCMtW2EujMtP3Edcc+eYDFBH0LnhyIkUnCy6HarHyY0
e3BIU85aLJiqrmUbVE6Gvk6w0C/+/h7GxgP5R04/5KRcWtld6FYRP1G/G9q53Umq
O0mEEdpdElBgZS+MIf5JYDfvzWEL5Yo98wmgW++ZbinHhmTjUiHl98M8P/dZn0QO
J7SW0R8la2pC3ODKUTUi79GZbujP81dJqcnvW7ri0QPasFKH+FmQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:01 2023 by rpki-client on console-ams.rpki-client.org