Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pVGr4VxFWneIYU46me76vOs9iL0.roa
File: pVGr4VxFWneIYU46me76vOs9iL0.roa (raw, json)
Hash identifier: pXsAqT4QUc7GmptThqOaLRS2pOCxvNSv+nyh2D0MyW4=
Subject key identifier: A5:51:AB:E1:5C:45:5A:77:88:61:4E:3A:99:EE:FA:BC:EB:3D:88:BD
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01863A839A9EED7CEFC9457526301E242AB9
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pVGr4VxFWneIYU46me76vOs9iL0.roa
Signing time: Fri 10 Feb 2023 08:49:08 +0000
ROA not before: Fri 10 Feb 2023 08:49:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.24.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:83:9a:9e:ed:7c:ef:c9:45:75:26:30:1e:24:2a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 10 08:49:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a551abe15c455a7788614e3a99eefabceb3d88bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4f:42:3a:c1:25:41:33:97:1d:12:fa:f2:7e:
74:ee:9a:98:74:48:67:5f:9e:a2:91:7a:ad:e4:b7:
f7:99:64:b1:cc:96:4c:5b:24:7a:40:f0:c6:e0:e9:
79:f7:88:fb:d8:37:68:8e:58:43:80:92:51:fb:0f:
84:de:d2:fb:fb:27:c7:1e:aa:b8:75:25:a1:7a:e8:
c7:e8:75:c5:0c:9a:18:d7:30:02:07:f2:0c:2b:60:
2f:07:b8:6d:c6:b7:af:5f:b5:4d:fe:c4:18:fa:e9:
7b:b6:b9:9e:b5:78:7f:70:ef:af:64:f9:af:3b:d4:
ee:22:28:db:cb:c9:bc:2f:87:f6:50:4d:7e:42:09:
ce:3b:45:b0:57:07:31:d0:a0:81:3d:21:14:a8:a7:
16:f2:42:9e:ca:5d:7e:a8:46:b6:d4:9d:aa:8c:7d:
d7:e8:d6:29:07:8a:50:08:b2:ba:dc:91:b7:76:2f:
f9:9b:41:b9:9f:9d:40:01:c5:96:f1:06:9c:78:e0:
76:a9:b3:21:07:ef:5e:0f:5e:3e:87:f2:8a:53:e7:
6e:02:8e:32:7d:ac:bf:bc:e4:dc:8d:ab:8c:60:f8:
57:47:6c:67:f7:39:83:91:00:95:9f:a2:31:91:51:
19:be:a0:a5:bf:f5:39:4b:d8:2c:71:21:7e:43:ca:
24:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:51:AB:E1:5C:45:5A:77:88:61:4E:3A:99:EE:FA:BC:EB:3D:88:BD
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pVGr4VxFWneIYU46me76vOs9iL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/23
5.105.33.0/24
5.105.40.0/24
5.105.43.0/24
5.105.57.0/24
5.105.65.0/24
5.105.81.0/24
Signature Algorithm: sha256WithRSAEncryption
43:3c:31:01:5a:20:6c:db:1c:bf:13:ae:97:5d:19:ff:57:08:
94:61:23:3b:ad:03:48:fa:23:96:51:4a:a9:ee:41:d7:45:db:
68:2e:41:ab:aa:f2:9f:8d:d0:09:8e:86:d7:9f:42:14:cb:09:
85:83:42:6b:0b:8f:83:dc:31:89:99:93:b3:4b:d5:12:32:26:
74:1e:07:a7:f2:ae:dc:3a:6b:4c:6d:7c:64:6d:3d:43:95:0c:
53:81:a7:50:dc:9a:1d:8c:32:ce:ff:54:3f:12:be:ef:41:9f:
98:84:6d:17:3c:55:38:97:c9:75:0d:28:a7:76:b2:8d:47:82:
3a:80:4a:18:eb:58:08:e6:9f:06:17:57:d4:43:3a:f2:78:df:
e2:b3:d0:57:4b:68:67:50:ad:93:e0:73:27:6b:b5:ec:2f:f4:
fe:20:f1:27:a4:85:04:18:3f:48:e9:ae:d6:48:c6:b1:a8:fc:
08:b5:48:dc:2a:ff:89:33:89:10:b9:e6:a7:2d:24:49:d9:4a:
60:ad:73:94:51:ec:74:26:9a:76:d1:e6:59:53:e7:e5:e3:ea:
eb:fc:27:c4:f8:36:0a:23:98:57:32:05:4d:51:3d:e2:1e:fc:
9d:e5:f4:3c:f4:5b:cd:fe:06:e5:16:6f:63:d6:8c:b4:4f:af:
ae:b1:ec:f2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYY6g5qe7XzvyUV1JjAeJCq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjEwMDg0OTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTUxYWJlMTVjNDU1YTc3ODg2MTRlM2E5OWVlZmFiY2ViM2Q4OGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE9COsElQTOXHRL68n507pqYdEhn
X56ikXqt5Lf3mWSxzJZMWyR6QPDG4Ol594j72DdojlhDgJJR+w+E3tL7+yfHHqq4
dSWheujH6HXFDJoY1zACB/IMK2AvB7htxrevX7VN/sQY+ul7trmetXh/cO+vZPmv
O9TuIijby8m8L4f2UE1+QgnOO0WwVwcx0KCBPSEUqKcW8kKeyl1+qEa21J2qjH3X
6NYpB4pQCLK63JG3di/5m0G5n51AAcWW8QaceOB2qbMhB+9eD14+h/KKU+duAo4y
fay/vOTcjauMYPhXR2xn9zmDkQCVn6IxkVEZvqClv/U5S9gscSF+Q8okLwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKVRq+FcRVp3iGFOOpnu+rzrPYi9MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvcFZHcjRWeEZXbmVJWVU0Nm1lNzZ2T3M5aUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBWkYAwQA
BWkhAwQABWkoAwQABWkrAwQABWk5AwQABWlBAwQABWlRMA0GCSqGSIb3DQEBCwUA
A4IBAQBDPDEBWiBs2xy/E66XXRn/VwiUYSM7rQNI+iOWUUqp7kHXRdtoLkGrqvKf
jdAJjobXn0IUywmFg0JrC4+D3DGJmZOzS9USMiZ0Hgen8q7cOmtMbXxkbT1DlQxT
gadQ3JodjDLO/1Q/Er7vQZ+YhG0XPFU4l8l1DSindrKNR4I6gEoY61gI5p8GF1fU
QzryeN/is9BXS2hnUK2T4HMna7XsL/T+IPEnpIUEGD9I6a7WSMaxqPwItUjcKv+J
M4kQueanLSRJ2UpgrXOUUex0Jpp20eZZU+fl4+rr/CfE+DYKI5hXMgVNUT3iHvyd
5fQ89FvN/gblFm9j1oy0T6+usezy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:01 2023 by rpki-client on console-ams.rpki-client.org