Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/sGn7JPWcZH4El26uGj-M2bgYbpY.roa
File: sGn7JPWcZH4El26uGj-M2bgYbpY.roa (raw, json)
Hash identifier: GoVERw2t3WzMh2qorWteDB7nq5pUw/5bBRg0E2xJnkE=
Subject key identifier: B0:69:FB:24:F5:9C:64:7E:04:97:6E:AE:1A:3F:8C:D9:B8:18:6E:96
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0187E29539CD5FA33FADFBDCC4CF0A9FA666
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/sGn7JPWcZH4El26uGj-M2bgYbpY.roa
Signing time: Wed 03 May 2023 17:07:23 +0000
ROA not before: Wed 03 May 2023 17:07:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.21.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:95:39:cd:5f:a3:3f:ad:fb:dc:c4:cf:0a:9f:a6:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: May 3 17:07:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b069fb24f59c647e04976eae1a3f8cd9b8186e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7a:26:6f:98:16:63:04:e5:aa:80:67:9e:42:
cc:b4:d8:70:15:62:91:ff:fe:7d:49:50:72:34:5c:
7f:70:47:15:b7:57:b9:5a:72:c5:bc:d2:48:03:8e:
21:a9:c4:ea:56:fd:29:20:47:6c:85:03:b9:f7:10:
1e:0d:6b:95:26:2f:bb:0b:ec:c3:d9:19:c6:e7:d7:
e2:b9:3a:6e:02:3e:c5:e2:d6:54:e5:fd:d9:31:7a:
ac:61:b0:e2:3a:5b:bb:e9:10:f0:84:a7:ac:59:2c:
b2:76:a0:f4:f6:e1:a6:cc:ff:ba:4c:09:35:f3:73:
7a:98:58:6e:86:ed:df:93:f9:46:b7:08:35:a6:e2:
0b:da:98:88:64:ac:d4:61:8f:06:de:13:5f:e0:1c:
a7:cd:c5:c0:02:4d:96:5f:ed:6b:6e:2a:35:af:be:
88:fd:ce:52:c9:49:02:57:8f:81:61:44:4a:63:dc:
0d:19:f3:ff:37:12:67:fd:7d:a3:82:a8:0b:27:3b:
38:06:6b:53:ef:93:ae:6f:a8:b7:7b:b6:2a:3f:04:
e3:18:74:82:1c:67:69:b9:83:33:58:07:98:17:aa:
ec:c3:77:f9:5f:e2:bc:61:b3:d7:6e:57:e6:07:07:
b1:2c:47:28:54:d1:88:30:6b:ad:f3:03:fa:98:44:
b1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:69:FB:24:F5:9C:64:7E:04:97:6E:AE:1A:3F:8C:D9:B8:18:6E:96
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/sGn7JPWcZH4El26uGj-M2bgYbpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.21.0/24
5.105.138.0/24
Signature Algorithm: sha256WithRSAEncryption
59:98:6e:60:ca:fb:c3:25:8a:ee:76:93:1f:77:98:f7:11:c0:
61:07:a2:1e:74:48:0a:88:55:6b:d8:27:28:15:59:f7:04:48:
cd:c4:65:df:20:07:aa:4a:45:23:de:8c:2d:c7:38:2b:b0:8a:
fe:d7:ed:c1:c7:36:bf:1e:b8:7f:c4:5a:fb:ba:1c:27:6b:0e:
da:f2:d3:1b:ad:42:83:1d:89:30:40:7b:80:bd:9f:77:1f:58:
a7:2a:3e:a7:72:8a:cf:fd:c4:0f:ab:d5:5e:82:74:f1:77:9a:
2c:1a:40:d8:8c:04:25:5e:19:44:bb:65:66:a3:86:37:75:0d:
b4:31:48:f8:e8:c3:7b:37:a4:a5:9d:14:b7:03:ac:4d:d6:d1:
1f:84:b6:dc:6a:51:e3:6b:1c:f9:c7:ef:e8:48:95:4f:6b:91:
c2:f0:71:4a:86:25:b5:7e:f2:ee:fc:86:d2:32:29:6e:83:3a:
81:49:04:72:26:da:89:4c:99:ca:31:fe:52:9f:22:6c:0e:79:
4a:d6:fa:68:7e:e3:2b:a7:b4:ca:22:fb:27:22:7e:88:77:2a:
2a:8b:64:2f:db:d3:6b:9f:a8:d6:35:2a:e5:22:9c:29:b5:71:
98:65:82:04:18:0d:26:57:2b:db:36:e9:3f:60:62:9d:ef:d4:
dd:d9:5b:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfilTnNX6M/rfvcxM8Kn6ZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTAzMTcwNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDY5ZmIyNGY1OWM2NDdlMDQ5NzZlYWUxYTNmOGNkOWI4MTg2ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHomb5gWYwTlqoBnnkLMtNhwFWKR
//59SVByNFx/cEcVt1e5WnLFvNJIA44hqcTqVv0pIEdshQO59xAeDWuVJi+7C+zD
2RnG59fiuTpuAj7F4tZU5f3ZMXqsYbDiOlu76RDwhKesWSyydqD09uGmzP+6TAk1
83N6mFhuhu3fk/lGtwg1puIL2piIZKzUYY8G3hNf4BynzcXAAk2WX+1rbio1r76I
/c5SyUkCV4+BYURKY9wNGfP/NxJn/X2jgqgLJzs4BmtT75Oub6i3e7YqPwTjGHSC
HGdpuYMzWAeYF6rsw3f5X+K8YbPXblfmBwexLEcoVNGIMGut8wP6mESxJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLBp+yT1nGR+BJdurho/jNm4GG6WMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvc0duN0pQV2NaSDRFbDI2dUdqLU0yYmdZYnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWkVAwQA
BWmKMA0GCSqGSIb3DQEBCwUAA4IBAQBZmG5gyvvDJYrudpMfd5j3EcBhB6IedEgK
iFVr2CcoFVn3BEjNxGXfIAeqSkUj3owtxzgrsIr+1+3Bxza/Hrh/xFr7uhwnaw7a
8tMbrUKDHYkwQHuAvZ93H1inKj6ncorP/cQPq9VegnTxd5osGkDYjAQlXhlEu2Vm
o4Y3dQ20MUj46MN7N6SlnRS3A6xN1tEfhLbcalHjaxz5x+/oSJVPa5HC8HFKhiW1
fvLu/IbSMilugzqBSQRyJtqJTJnKMf5SnyJsDnlK1vpofuMrp7TKIvsnIn6Idyoq
i2Qv29Nrn6jWNSrlIpwptXGYZYIEGA0mVyvbNuk/YGKd79Td2VuM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:01 2023 by rpki-client on console-ams.rpki-client.org