Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/phaPjzWmXha-ZvmcgCn66FiYXYU.roa
File: phaPjzWmXha-ZvmcgCn66FiYXYU.roa (raw, json)
Hash identifier: kNcp6pjAKbuOlnXrW5NaDnuwiWUeSSa5Ds7kN8wu8H4=
Subject key identifier: A6:16:8F:8F:35:A6:5E:16:BE:66:F9:9C:80:29:FA:E8:58:98:5D:85
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A4FBEE50DC47582EFB4637C3025B6682A
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/phaPjzWmXha-ZvmcgCn66FiYXYU.roa
Signing time: Fri 01 Sep 2023 07:57:05 +0000
ROA not before: Fri 01 Sep 2023 07:57:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Sep 2023 14:46:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:be:e5:0d:c4:75:82:ef:b4:63:7c:30:25:b6:68:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 1 07:57:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6168f8f35a65e16be66f99c8029fae858985d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6b:ee:43:0a:8c:0d:c0:3e:16:4a:27:5b:62:
11:3c:39:f2:87:e9:b3:45:f8:be:d7:3b:ff:9b:36:
48:6f:4c:92:f9:7b:a1:28:15:9d:eb:8b:80:81:91:
d8:37:c1:96:d9:94:74:2a:d7:a2:4e:d3:d0:a1:3d:
e5:b6:1b:10:67:ba:d1:ad:11:ed:d3:19:6d:bc:4e:
2c:2c:1f:c0:d3:59:34:c9:99:8a:a5:bc:2a:87:f7:
a4:15:87:98:bd:90:8d:ce:4b:5b:e6:eb:46:87:a5:
6d:42:a1:05:31:47:36:e0:da:ac:94:f3:cd:13:a1:
4f:4f:44:28:92:13:e8:4d:5f:33:18:2f:f7:e5:23:
ab:da:45:f7:1e:a4:04:22:a6:7c:09:3c:45:a3:72:
be:3d:01:1f:fc:e4:0e:7f:5d:34:61:84:51:50:27:
fe:5e:6f:c4:e2:53:76:a1:b7:34:e3:5d:1c:ff:e2:
f5:42:fc:14:ae:1f:89:6c:b7:67:39:9f:1d:5a:3e:
5d:9a:ed:07:d6:65:be:41:f3:fb:bd:37:e9:07:eb:
dd:a6:63:37:49:f4:3c:ba:db:93:f5:ba:4d:44:1c:
e7:be:c6:da:e6:c0:b1:a5:89:ce:0b:4a:ea:3d:e0:
b4:3c:8d:50:d6:ea:c4:cd:eb:c6:f8:3c:e9:d8:13:
4f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:16:8F:8F:35:A6:5E:16:BE:66:F9:9C:80:29:FA:E8:58:98:5D:85
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/phaPjzWmXha-ZvmcgCn66FiYXYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.107.0/24
5.105.186.0/23
5.105.202.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:ce:96:72:f8:3c:68:13:53:3a:d7:23:6d:00:ef:60:ad:dd:
55:7a:64:eb:83:72:c5:57:65:2e:d8:4a:34:6c:8b:19:5f:b9:
f3:30:94:3f:76:24:87:52:b4:c9:fe:dc:c0:d6:72:26:f9:16:
ab:3d:44:fb:9d:94:35:29:89:e5:7b:1d:91:af:c5:ea:ba:ae:
80:81:c9:34:86:67:06:80:b2:87:5f:42:c6:92:25:67:01:a5:
bb:81:51:5c:6d:b8:cc:76:33:34:75:dc:5c:31:0b:79:f6:d9:
12:b3:03:f1:45:aa:03:20:09:d1:3d:e1:b2:d3:1b:02:e5:89:
87:f7:be:e3:73:71:94:5f:f2:ba:9d:f2:b6:14:9a:96:ed:be:
d6:0b:ec:6f:ce:59:ce:ed:1f:1d:40:d3:9f:19:4d:ba:2f:65:
6c:7b:bb:27:d2:21:ee:db:df:34:97:61:09:bb:7a:51:24:84:
5b:1d:53:a0:82:08:24:a1:09:03:b5:f8:aa:c0:f4:88:98:48:
85:b1:c3:68:c9:96:61:ce:7f:8a:81:53:da:5e:ff:f2:37:0c:
8c:4d:41:42:18:d2:b5:56:a5:38:10:d9:34:29:f2:39:1a:83:
8b:2a:fb:4c:c1:39:7d:4b:39:13:ab:d9:b1:ce:77:07:94:6c:
38:bb:24:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpPvuUNxHWC77RjfDAltmgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwOTAxMDc1NzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjE2OGY4ZjM1YTY1ZTE2YmU2NmY5OWM4MDI5ZmFlODU4OTg1ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGvuQwqMDcA+FkonW2IRPDnyh+mz
Rfi+1zv/mzZIb0yS+XuhKBWd64uAgZHYN8GW2ZR0KteiTtPQoT3lthsQZ7rRrRHt
0xltvE4sLB/A01k0yZmKpbwqh/ekFYeYvZCNzktb5utGh6VtQqEFMUc24NqslPPN
E6FPT0QokhPoTV8zGC/35SOr2kX3HqQEIqZ8CTxFo3K+PQEf/OQOf100YYRRUCf+
Xm/E4lN2obc0410c/+L1QvwUrh+JbLdnOZ8dWj5dmu0H1mW+QfP7vTfpB+vdpmM3
SfQ8utuT9bpNRBznvsba5sCxpYnOC0rqPeC0PI1Q1urEzevG+Dzp2BNPgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKYWj481pl4Wvmb5nIAp+uhYmF2FMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvcGhhUGp6V21YaGEtWnZtY2dDbjY2RmlZWFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWlrAwQB
BWm6AwQABWnKMA0GCSqGSIb3DQEBCwUAA4IBAQC6zpZy+DxoE1M61yNtAO9grd1V
emTrg3LFV2Uu2Eo0bIsZX7nzMJQ/diSHUrTJ/tzA1nIm+RarPUT7nZQ1KYnlex2R
r8Xquq6Agck0hmcGgLKHX0LGkiVnAaW7gVFcbbjMdjM0ddxcMQt59tkSswPxRaoD
IAnRPeGy0xsC5YmH977jc3GUX/K6nfK2FJqW7b7WC+xvzlnO7R8dQNOfGU26L2Vs
e7sn0iHu2980l2EJu3pRJIRbHVOggggkoQkDtfiqwPSImEiFscNoyZZhzn+KgVPa
Xv/yNwyMTUFCGNK1VqU4ENk0KfI5GoOLKvtMwTl9SzkTq9mxzncHlGw4uyQy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:29 2024 by rpki-client on console-fra.rpki-client.org