Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/mpzzDIO7jsC5oscEfJYNYtZRVK0.roa
File: mpzzDIO7jsC5oscEfJYNYtZRVK0.roa (raw, json)
Hash identifier: D5lQ+MDD4pCF2EPPClj0MPvSRC44ZhO7Bfbu+x2Z33U=
Subject key identifier: 9A:9C:F3:0C:83:BB:8E:C0:B9:A2:C7:04:7C:96:0D:62:D6:51:54:AD
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01878407E1EF4EF16B7E90F49F55798AC476
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/mpzzDIO7jsC5oscEfJYNYtZRVK0.roa
Signing time: Sat 15 Apr 2023 08:28:41 +0000
ROA not before: Sat 15 Apr 2023 08:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46573
IP address blocks: 5.105.125.0/24 maxlen: 24
5.105.229.0/24 maxlen: 24
5.105.28.0/24 maxlen: 24
5.105.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 08:24:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:84:07:e1:ef:4e:f1:6b:7e:90:f4:9f:55:79:8a:c4:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Apr 15 08:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a9cf30c83bb8ec0b9a2c7047c960d62d65154ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1c:c0:b2:76:4b:83:a1:3b:36:33:c6:1f:1b:
a4:a6:ea:eb:6b:ef:7e:25:fd:3c:ec:14:7e:2c:7a:
5b:fa:6f:53:49:e9:75:0c:91:10:c0:46:15:81:c9:
32:eb:4a:72:00:8b:39:97:c5:75:90:8d:26:36:cf:
6b:c8:48:b7:fb:d7:70:5e:53:0d:70:f8:d2:17:9f:
60:d7:ab:ca:ff:11:16:e7:79:8e:3c:16:66:92:6d:
51:00:eb:9c:04:5b:47:9f:48:c9:cb:89:ee:11:53:
96:9d:95:d7:4d:c7:4b:c8:05:e3:d2:79:35:34:4d:
e6:10:a3:02:b2:a7:72:16:10:af:3a:d0:44:32:94:
fa:5d:72:2f:02:b8:85:01:98:8f:8c:fc:5f:35:0d:
10:34:be:48:26:6d:0d:90:28:1d:bf:2d:c0:bf:23:
56:a8:5c:ff:b0:2b:40:0e:41:e4:94:16:3d:b6:58:
16:a0:b2:76:a1:f7:c5:68:e4:7e:9a:a1:c5:cb:7b:
72:3d:95:6f:6d:0e:06:0d:f9:a5:4e:f4:63:69:27:
3a:24:16:c6:80:a8:61:92:f0:78:cc:a1:68:0e:ba:
e3:1e:69:d9:30:0e:f6:12:f0:26:a3:a9:5b:0d:1a:
42:09:99:c8:a0:91:48:98:09:d4:e2:18:5b:92:e9:
90:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9C:F3:0C:83:BB:8E:C0:B9:A2:C7:04:7C:96:0D:62:D6:51:54:AD
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/mpzzDIO7jsC5oscEfJYNYtZRVK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.28.0/24
5.105.77.0/24
5.105.125.0/24
5.105.229.0/24
Signature Algorithm: sha256WithRSAEncryption
07:26:4b:1e:13:5b:f0:bb:36:22:2a:bf:e0:b1:79:29:8f:95:
2f:3e:5a:28:67:cb:b3:78:b7:b4:ce:d4:8a:79:9c:99:e4:fd:
08:7e:6d:9c:5b:bb:a2:4f:33:f0:5d:d5:97:c7:de:d8:ba:de:
13:98:c4:30:a7:c3:eb:5a:60:d0:93:fe:a7:0b:9f:83:a8:83:
25:ce:00:66:5e:7a:46:72:01:aa:17:fa:73:fd:de:68:81:03:
3c:31:60:90:87:8b:07:c6:cb:fd:97:77:3f:53:fe:64:dd:d1:
ee:00:1e:1e:dc:27:71:5c:ed:80:c4:e2:7a:8f:44:56:c5:7c:
93:22:45:e3:c2:da:3c:cb:7f:68:f2:57:ad:14:cc:5b:e3:70:
53:79:59:14:a6:59:20:78:19:d3:16:eb:08:3d:60:0e:39:65:
f6:26:5d:d5:75:18:ea:0e:19:1c:78:a4:24:7b:6e:bd:82:88:
73:df:9f:27:d4:1c:81:60:e3:47:aa:57:d6:33:27:98:52:3b:
d1:b9:89:00:fb:fa:4c:bb:63:9b:33:e9:d6:14:30:5d:d0:24:
82:af:0f:98:3c:4c:18:db:7e:9e:f0:c0:01:4e:8f:93:fc:1c:
75:0c:8c:d9:63:25:c8:da:60:e2:0a:eb:55:13:de:f9:79:00:
d7:82:fd:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeEB+HvTvFrfpD0n1V5isR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDE1MDgyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTljZjMwYzgzYmI4ZWMwYjlhMmM3MDQ3Yzk2MGQ2MmQ2NTE1NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBzAsnZLg6E7NjPGHxukpurra+9+
Jf087BR+LHpb+m9TSel1DJEQwEYVgcky60pyAIs5l8V1kI0mNs9ryEi3+9dwXlMN
cPjSF59g16vK/xEW53mOPBZmkm1RAOucBFtHn0jJy4nuEVOWnZXXTcdLyAXj0nk1
NE3mEKMCsqdyFhCvOtBEMpT6XXIvAriFAZiPjPxfNQ0QNL5IJm0NkCgdvy3AvyNW
qFz/sCtADkHklBY9tlgWoLJ2offFaOR+mqHFy3tyPZVvbQ4GDfmlTvRjaSc6JBbG
gKhhkvB4zKFoDrrjHmnZMA72EvAmo6lbDRpCCZnIoJFImAnU4hhbkumQ9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJqc8wyDu47AuaLHBHyWDWLWUVStMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvbXB6ekRJTzdqc0M1b3NjRWZKWU5ZdFpSVkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWkcAwQA
BWlNAwQABWl9AwQABWnlMA0GCSqGSIb3DQEBCwUAA4IBAQAHJkseE1vwuzYiKr/g
sXkpj5UvPlooZ8uzeLe0ztSKeZyZ5P0Ifm2cW7uiTzPwXdWXx97Yut4TmMQwp8Pr
WmDQk/6nC5+DqIMlzgBmXnpGcgGqF/pz/d5ogQM8MWCQh4sHxsv9l3c/U/5k3dHu
AB4e3CdxXO2AxOJ6j0RWxXyTIkXjwto8y39o8letFMxb43BTeVkUplkgeBnTFusI
PWAOOWX2Jl3VdRjqDhkceKQke269gohz358n1ByBYONHqlfWMyeYUjvRuYkA+/pM
u2ObM+nWFDBd0CSCrw+YPEwY236e8MABTo+T/Bx1DIzZYyXI2mDiCutVE975eQDX
gv1M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:29 2024 by rpki-client on console-fra.rpki-client.org