Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pU9GDPX8ikdQ918xoT9U_nvU3UU.roa
File: pU9GDPX8ikdQ918xoT9U_nvU3UU.roa (raw, json)
Hash identifier: lX/5hj6QLAQmFw95WS+uLyeP6NKlLDYqyKmyYSsyUBE=
Subject key identifier: A5:4F:46:0C:F5:FC:8A:47:50:F7:5F:31:A1:3F:54:FE:7B:D4:DD:45
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0187A59ADB2A5ACFF3C5215CCD2D909CD3FD
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pU9GDPX8ikdQ918xoT9U_nvU3UU.roa
Signing time: Fri 21 Apr 2023 20:56:41 +0000
ROA not before: Fri 21 Apr 2023 20:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.22.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a5:9a:db:2a:5a:cf:f3:c5:21:5c:cd:2d:90:9c:d3:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Apr 21 20:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a54f460cf5fc8a4750f75f31a13f54fe7bd4dd45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:73:3d:78:70:9f:66:dd:81:35:63:16:d1:b3:
8b:dd:d4:34:b7:3a:f4:34:ee:6f:32:21:18:8d:8e:
ec:5d:0c:4c:0b:4f:65:8a:eb:01:33:c2:75:4a:fa:
4c:e6:66:6b:4a:c0:ce:8d:f0:1f:68:0e:81:d0:a4:
ff:11:db:a7:8b:b6:de:53:51:ca:40:40:55:2e:29:
bf:32:8a:2b:c3:bb:f1:8c:df:d7:6a:59:ae:c6:a6:
e8:e4:d9:59:6d:3b:b6:ef:5c:ac:de:53:dc:0e:1f:
71:ce:0c:d7:d3:0b:21:f8:49:83:dc:ed:94:c2:4d:
56:5e:af:81:ae:7b:07:08:99:f4:1a:c7:20:72:b2:
ff:9e:13:2c:67:91:fb:53:4b:0d:15:7e:ec:2c:c4:
c4:28:b0:95:21:e0:99:24:8a:43:1f:2d:59:5d:28:
d8:93:83:14:f2:ac:c8:ed:99:34:7c:eb:45:14:61:
90:2f:da:65:83:95:9b:f0:06:62:09:41:c1:1c:b4:
79:7d:e8:d3:6c:4e:33:05:88:c7:30:3b:e6:7f:77:
a7:5b:95:89:b2:f0:e6:b9:01:a4:ba:61:de:7e:03:
34:ca:72:63:ba:7c:33:85:d4:ae:50:f6:89:12:0d:
0c:14:5e:1c:a8:ee:0c:53:57:da:38:15:22:6b:c5:
75:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4F:46:0C:F5:FC:8A:47:50:F7:5F:31:A1:3F:54:FE:7B:D4:DD:45
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pU9GDPX8ikdQ918xoT9U_nvU3UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.21.0-5.105.22.255
Signature Algorithm: sha256WithRSAEncryption
67:17:63:fe:84:59:86:81:ae:52:67:e9:43:ce:22:96:d7:e9:
fb:2a:ca:0b:ca:ff:e9:8a:10:04:88:53:e8:81:c8:a6:ab:13:
d9:d2:34:cb:b3:d6:c1:ce:2c:46:f6:b7:d7:12:98:c1:1e:e5:
d5:68:fd:e3:af:6c:13:8e:55:28:1f:5d:f8:81:04:39:a1:af:
5c:e0:22:2f:d2:80:76:a7:4c:2c:64:eb:ee:99:3e:55:89:8f:
d6:65:20:89:37:2f:55:60:45:a0:3d:5b:e5:78:f0:b3:9e:a1:
e9:e7:3f:c0:07:6d:db:c6:4d:85:68:95:bf:50:dc:22:86:e9:
46:b1:4d:fc:89:9d:44:c2:53:bf:b5:91:ea:10:f0:83:20:2a:
89:64:f1:50:1a:0e:5e:f7:94:8e:66:c9:e5:ea:6f:01:cb:a1:
cb:74:a3:0b:1b:bb:7d:fd:84:df:91:10:d8:19:ef:a0:45:d5:
e6:85:16:b9:f7:20:5f:9e:b6:fc:f4:62:38:97:58:0a:f5:91:
d9:21:10:6f:4c:8b:34:44:e4:46:a5:79:5c:5a:ab:33:dc:8c:
04:7d:6d:2b:e2:fc:ca:50:72:d8:3c:f6:da:f3:42:f8:4e:de:
2c:4e:36:c4:0d:98:6a:c7:d2:ad:16:e1:ff:2f:15:46:ff:b6:
04:54:ed:37
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYelmtsqWs/zxSFczS2QnNP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDIxMjA1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTRmNDYwY2Y1ZmM4YTQ3NTBmNzVmMzFhMTNmNTRmZTdiZDRkZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHM9eHCfZt2BNWMW0bOL3dQ0tzr0
NO5vMiEYjY7sXQxMC09liusBM8J1SvpM5mZrSsDOjfAfaA6B0KT/Eduni7beU1HK
QEBVLim/Moorw7vxjN/Xalmuxqbo5NlZbTu271ys3lPcDh9xzgzX0wsh+EmD3O2U
wk1WXq+BrnsHCJn0GscgcrL/nhMsZ5H7U0sNFX7sLMTEKLCVIeCZJIpDHy1ZXSjY
k4MU8qzI7Zk0fOtFFGGQL9plg5Wb8AZiCUHBHLR5fejTbE4zBYjHMDvmf3enW5WJ
svDmuQGkumHefgM0ynJjunwzhdSuUPaJEg0MFF4cqO4MU1faOBUia8V1uQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKVPRgz1/IpHUPdfMaE/VP571N1FMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvcFU5R0RQWDhpa2RROTE4eG9UOVVfbnZVM1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFaRUD
BAAFaRYwDQYJKoZIhvcNAQELBQADggEBAGcXY/6EWYaBrlJn6UPOIpbX6fsqygvK
/+mKEASIU+iByKarE9nSNMuz1sHOLEb2t9cSmMEe5dVo/eOvbBOOVSgfXfiBBDmh
r1zgIi/SgHanTCxk6+6ZPlWJj9ZlIIk3L1VgRaA9W+V48LOeoennP8AHbdvGTYVo
lb9Q3CKG6UaxTfyJnUTCU7+1keoQ8IMgKolk8VAaDl73lI5myeXqbwHLoct0owsb
u339hN+RENgZ76BF1eaFFrn3IF+etvz0YjiXWAr1kdkhEG9MizRE5EaleVxaqzPc
jAR9bSvi/MpQctg89trzQvhO3ixONsQNmGrH0q0W4f8vFUb/tgRU7Tc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org