Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/mO-Bb-I6zGopnKWIgaR9BGtseX4.roa
File: mO-Bb-I6zGopnKWIgaR9BGtseX4.roa (raw, json)
Hash identifier: uYHCJDRoo/BOXN7NBBWhWYHcj8c2nylPexHMy8h1e8A=
Subject key identifier: 98:EF:81:6F:E2:3A:CC:6A:29:9C:A5:88:81:A4:7D:04:6B:6C:79:7E
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189B558BCD260BC71ACE4CE36D1C0872E52
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/mO-Bb-I6zGopnKWIgaR9BGtseX4.roa
Signing time: Wed 02 Aug 2023 08:23:58 +0000
ROA not before: Wed 02 Aug 2023 08:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.122.0/24 maxlen: 24
5.105.131.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.136.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.164.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.169.0/24 maxlen: 24
5.105.101.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
5.105.117.0/24 maxlen: 24
5.105.228.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.247.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.209.0/24 maxlen: 24
5.105.15.0/24 maxlen: 24
5.105.14.0/24 maxlen: 24
5.105.13.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.23.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.26.0/24 maxlen: 24
5.105.30.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.44.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.63.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:58:bc:d2:60:bc:71:ac:e4:ce:36:d1:c0:87:2e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 2 08:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98ef816fe23acc6a299ca58881a47d046b6c797e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b4:fd:04:26:41:ed:6c:1c:ac:07:93:fa:7e:
e6:88:5a:82:39:03:bc:29:91:20:cd:80:df:df:7f:
fa:3d:4a:aa:92:b4:d6:ce:f5:87:d9:fc:9d:0c:69:
95:e8:3f:7e:ce:90:e6:de:97:f6:17:15:e4:50:a6:
a8:b4:3b:86:ca:e8:fc:f5:fc:91:e0:62:d3:61:10:
d2:ed:23:e6:a0:28:a7:fe:8f:7c:e1:02:cd:df:50:
ef:8f:d0:13:4a:a5:b7:4c:84:d0:ca:e6:02:e6:6e:
ed:78:4b:b9:0c:20:29:68:42:fc:83:f9:54:e1:2e:
fa:5e:bd:09:51:a5:5f:57:e5:d7:f0:52:52:42:5f:
26:39:47:88:cb:7f:8d:39:8f:2f:83:bb:8b:10:78:
8e:79:39:45:51:7f:2a:7c:8e:75:13:5d:ac:ed:f5:
29:68:19:1a:2b:b8:ac:da:8d:1c:d4:da:a7:9b:82:
20:d5:65:ad:e2:b3:2b:1c:81:18:d6:ca:c4:61:85:
d9:ce:ed:a2:e3:cc:24:5c:f6:21:35:4c:d4:ab:2e:
65:07:15:f7:f2:a7:e1:f5:ba:b4:73:25:66:18:90:
8b:72:f3:3e:13:a1:ab:33:99:a3:6a:d2:3d:80:3e:
cb:81:b5:34:35:78:c4:1a:34:8c:8a:dc:3d:83:03:
0b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EF:81:6F:E2:3A:CC:6A:29:9C:A5:88:81:A4:7D:04:6B:6C:79:7E
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/mO-Bb-I6zGopnKWIgaR9BGtseX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.2.0/24
5.105.13.0-5.105.15.255
5.105.18.0/24
5.105.21.0/24
5.105.23.0/24
5.105.26.0/24
5.105.30.0/24
5.105.32.0/23
5.105.40.0/24
5.105.44.0/24
5.105.50.0/24
5.105.57.0/24
5.105.63.0/24
5.105.101.0/24
5.105.111.0/24
5.105.117.0/24
5.105.122.0/24
5.105.127.0/24
5.105.131.0/24
5.105.134.0/24
5.105.136.0/24
5.105.157.0/24
5.105.162.0/24
5.105.164.0/23
5.105.169.0/24
5.105.209.0/24
5.105.228.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.247.0/24
5.105.249.0/24
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:16:8f:b8:4f:9a:02:8e:7d:9a:f8:8a:3f:fc:40:7d:01:12:
8d:a3:5c:12:ce:ae:b6:38:3d:9d:33:6a:60:c1:02:7a:4e:91:
e8:b0:35:66:de:53:74:e4:49:52:b1:ba:ab:9a:2c:f4:61:ec:
27:fa:27:5a:5b:bc:0f:ce:63:7c:cd:ea:67:f0:3a:da:67:f8:
6c:d9:72:5e:58:9a:32:81:1e:e6:aa:28:9a:0f:34:20:8c:c9:
17:ca:2e:21:c8:2a:98:1e:81:ed:bd:40:b0:d4:40:28:e2:4d:
c6:e3:14:de:c3:8e:d6:10:70:0a:9d:ce:87:89:b3:3b:65:b5:
0c:c1:47:5f:14:53:70:bb:3f:9e:c0:53:26:50:16:5c:9f:05:
46:61:ff:93:96:89:3f:ff:e5:9e:c7:e7:ae:62:ab:32:99:27:
b1:60:05:ef:38:e0:1d:23:17:6b:18:5a:2e:f6:64:cd:ce:9e:
01:4e:bf:84:f9:4b:e4:80:6d:47:7b:70:c0:01:02:2b:93:2a:
b6:5f:11:6d:fb:60:6a:97:29:b3:a7:f3:bf:68:cb:ff:6d:30:
28:b9:f0:fe:15:a5:25:8a:87:02:02:c6:27:69:c2:bb:e5:39:
e1:6d:dc:92:34:1e:d2:5e:97:cd:b4:e2:64:c4:99:f1:44:ea:
e4:a8:dd:31
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYm1WLzSYLxxrOTONtHAhy5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODAyMDgyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGVmODE2ZmUyM2FjYzZhMjk5Y2E1ODg4MWE0N2QwNDZiNmM3OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bT9BCZB7WwcrAeT+n7miFqCOQO8
KZEgzYDf33/6PUqqkrTWzvWH2fydDGmV6D9+zpDm3pf2FxXkUKaotDuGyuj89fyR
4GLTYRDS7SPmoCin/o984QLN31Dvj9ATSqW3TITQyuYC5m7teEu5DCApaEL8g/lU
4S76Xr0JUaVfV+XX8FJSQl8mOUeIy3+NOY8vg7uLEHiOeTlFUX8qfI51E12s7fUp
aBkaK7is2o0c1Nqnm4Ig1WWt4rMrHIEY1srEYYXZzu2i48wkXPYhNUzUqy5lBxX3
8qfh9bq0cyVmGJCLcvM+E6GrM5mjatI9gD7LgbU0NXjEGjSMitw9gwML/wIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFJjvgW/iOsxqKZyliIGkfQRrbHl+MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvbU8tQmItSTZ6R29wbktXSWdhUjlCR3RzZVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAAF
aQIwDAMEAAVpDQMEBAVpAAMEAAVpEgMEAAVpFQMEAAVpFwMEAAVpGgMEAAVpHgME
AQVpIAMEAAVpKAMEAAVpLAMEAAVpMgMEAAVpOQMEAAVpPwMEAAVpZQMEAAVpbwME
AAVpdQMEAAVpegMEAAVpfwMEAAVpgwMEAAVphgMEAAVpiAMEAAVpnQMEAAVpogME
AQVppAMEAAVpqQMEAAVp0QMEAAVp5DAMAwQABWnvAwQABWnwAwQBBWn0AwQABWn3
AwQABWn5AwQABbSwAwQAwS7SMA0GCSqGSIb3DQEBCwUAA4IBAQAuFo+4T5oCjn2a
+Io//EB9ARKNo1wSzq62OD2dM2pgwQJ6TpHosDVm3lN05ElSsbqrmiz0Yewn+ida
W7wPzmN8zepn8DraZ/hs2XJeWJoygR7mqiiaDzQgjMkXyi4hyCqYHoHtvUCw1EAo
4k3G4xTew47WEHAKnc6HibM7ZbUMwUdfFFNwuz+ewFMmUBZcnwVGYf+Tlok//+We
x+euYqsymSexYAXvOOAdIxdrGFou9mTNzp4BTr+E+UvkgG1He3DAAQIrkyq2XxFt
+2Bqlymzp/O/aMv/bTAoufD+FaUliocCAsYnacK75TnhbdySNB7SXpfNtOJkxJnx
ROrkqN0x
-----END CERTIFICATE-----
Generated at Wed Aug 2 09:25:18 2023 by rpki-client on console-fra.rpki-client.org