Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/tpFlUESmcuRPtByV8vkYCHMxBwo.roa
File: tpFlUESmcuRPtByV8vkYCHMxBwo.roa (raw, json)
Hash identifier: bCrTJa4dLlTiwv3MOMy25yFAXEaoYDnir5ZUjWYkgBU=
Subject key identifier: B6:91:65:50:44:A6:72:E4:4F:B4:1C:95:F2:F9:18:08:73:31:07:0A
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018669597C313CA99E631A7305765AAF91FF
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/tpFlUESmcuRPtByV8vkYCHMxBwo.roa
Signing time: Sun 19 Feb 2023 11:05:17 +0000
ROA not before: Sun 19 Feb 2023 11:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.22.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.36.0/24 maxlen: 24
5.105.35.0/24 maxlen: 24
5.105.34.0/24 maxlen: 24
5.105.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:69:59:7c:31:3c:a9:9e:63:1a:73:05:76:5a:af:91:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 19 11:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b691655044a672e44fb41c95f2f918087331070a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a1:dc:d9:73:23:44:c3:ff:43:a5:71:07:7f:
b9:66:a6:84:38:9d:49:51:3e:c9:3e:ef:7c:95:e3:
bb:9b:81:8b:a5:59:0c:05:68:83:21:36:8f:ff:4e:
db:3e:01:b1:57:68:95:6b:c6:d7:61:19:98:66:d2:
d3:99:e0:31:78:fa:81:81:dc:27:4f:64:f3:c2:aa:
76:2b:cc:95:e1:fd:e8:a5:5f:6a:1d:f4:ea:5e:0f:
26:4e:63:a7:40:19:08:3a:ec:d6:53:3f:6e:6b:55:
3b:11:9c:5c:ed:47:53:7d:32:9f:0a:49:6d:f0:87:
80:dd:b9:16:10:0c:f0:9c:ea:8f:83:75:7c:66:76:
80:77:4a:0f:5f:e4:66:3a:ca:fd:26:c4:39:f9:76:
be:7e:22:1b:4b:f0:fe:2a:42:c4:68:c7:a6:92:0f:
6a:b9:66:af:de:a6:01:16:c8:4e:f5:b5:d1:ad:e8:
2f:03:9d:a8:ee:a7:25:ef:b9:df:73:cd:f1:48:6b:
8b:99:c0:1f:2d:af:ce:44:dc:05:26:8f:13:f6:69:
50:53:be:1d:b2:dc:86:5b:ec:01:47:bd:0f:c0:0d:
2b:0c:16:9f:e8:fc:75:4c:d5:1b:eb:08:e9:b1:63:
85:bf:cb:79:23:ea:d1:f8:1f:82:82:31:ca:48:dc:
4c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:91:65:50:44:A6:72:E4:4F:B4:1C:95:F2:F9:18:08:73:31:07:0A
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/tpFlUESmcuRPtByV8vkYCHMxBwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.21.0-5.105.22.255
5.105.34.0-5.105.37.255
Signature Algorithm: sha256WithRSAEncryption
63:05:a4:4c:34:95:94:a7:7a:79:75:0d:eb:0e:0c:fd:a3:e3:
ee:6e:5e:bf:ea:60:77:a2:49:0d:d6:35:64:ba:82:24:ec:08:
24:d0:3c:c5:95:68:01:44:ee:c6:8f:0e:3d:8b:8a:5b:b0:b6:
de:b3:cd:43:ab:59:fc:05:aa:b3:fd:fa:34:a1:5d:ec:94:5e:
44:68:b6:d1:b5:38:73:6f:f9:68:7d:2b:45:62:db:86:f2:7a:
79:70:e6:9b:1d:6e:4c:c3:fc:99:92:70:7c:29:2a:71:64:10:
3c:63:40:20:d1:14:b8:50:ce:28:7a:77:45:ce:43:42:cb:ad:
e1:82:f2:d7:35:20:73:8f:a3:fe:0e:16:54:c6:a9:43:b2:62:
fd:46:39:53:67:9e:c3:47:93:e2:8c:9b:78:30:81:f2:db:82:
ce:f8:0b:88:66:61:66:7b:14:4d:2b:0d:27:16:44:b2:f8:6c:
33:86:c0:90:45:2b:9b:e0:37:26:4f:4f:46:4d:86:3e:30:eb:
94:95:d4:e2:95:f4:50:95:b1:99:84:2a:5d:9d:13:82:c6:20:
48:0b:f5:29:f9:ba:e6:c1:ca:65:e0:ac:aa:fa:53:c2:58:50:
90:ec:10:14:a5:4b:22:01:e4:37:c3:e4:8d:15:f2:1d:a4:9c:
91:12:6d:14
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYZpWXwxPKmeYxpzBXZar5H/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjE5MTEwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjkxNjU1MDQ0YTY3MmU0NGZiNDFjOTVmMmY5MTgwODczMzEwNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6Hc2XMjRMP/Q6VxB3+5ZqaEOJ1J
UT7JPu98leO7m4GLpVkMBWiDITaP/07bPgGxV2iVa8bXYRmYZtLTmeAxePqBgdwn
T2Tzwqp2K8yV4f3opV9qHfTqXg8mTmOnQBkIOuzWUz9ua1U7EZxc7UdTfTKfCklt
8IeA3bkWEAzwnOqPg3V8ZnaAd0oPX+RmOsr9JsQ5+Xa+fiIbS/D+KkLEaMemkg9q
uWav3qYBFshO9bXRregvA52o7qcl77nfc83xSGuLmcAfLa/ORNwFJo8T9mlQU74d
styGW+wBR70PwA0rDBaf6Px1TNUb6wjpsWOFv8t5I+rR+B+CgjHKSNxMtQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLaRZVBEpnLkT7QclfL5GAhzMQcKMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdHBGbFVFU21jdVJQdEJ5Vjh2a1lDSE14QndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAFaRUD
BAAFaRYwDAMEAQVpIgMEAQVpJDANBgkqhkiG9w0BAQsFAAOCAQEAYwWkTDSVlKd6
eXUN6w4M/aPj7m5ev+pgd6JJDdY1ZLqCJOwIJNA8xZVoAUTuxo8OPYuKW7C23rPN
Q6tZ/AWqs/36NKFd7JReRGi20bU4c2/5aH0rRWLbhvJ6eXDmmx1uTMP8mZJwfCkq
cWQQPGNAINEUuFDOKHp3Rc5DQsut4YLy1zUgc4+j/g4WVMapQ7Ji/UY5U2eew0eT
4oybeDCB8tuCzvgLiGZhZnsUTSsNJxZEsvhsM4bAkEUrm+A3Jk9PRk2GPjDrlJXU
4pX0UJWxmYQqXZ0TgsYgSAv1Kfm65sHKZeCsqvpTwlhQkOwQFKVLIgHkN8PkjRXy
HaSckRJtFA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:01 2023 by rpki-client on console-ams.rpki-client.org