Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/uwSVjrpuFyrZHpy7qQ2cYMgDqfI.roa
File: uwSVjrpuFyrZHpy7qQ2cYMgDqfI.roa (raw, json)
Hash identifier: SaCcMczY4+lTLjeLlnFtvNunLob8RjfV0J8CTpCzuu0=
Subject key identifier: BB:04:95:8E:BA:6E:17:2A:D9:1E:9C:BB:A9:0D:9C:60:C8:03:A9:F2
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018663634D8789893CAAF4C98150876E5BA0
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/uwSVjrpuFyrZHpy7qQ2cYMgDqfI.roa
Signing time: Sat 18 Feb 2023 07:18:17 +0000
ROA not before: Sat 18 Feb 2023 07:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.31.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.247.0/24 maxlen: 24
5.105.63.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
5.105.226.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:63:63:4d:87:89:89:3c:aa:f4:c9:81:50:87:6e:5b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 18 07:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb04958eba6e172ad91e9cbba90d9c60c803a9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ec:92:9a:c8:6f:e4:09:58:ac:ad:4d:e2:c1:
d3:5e:9d:c4:40:45:39:35:55:d9:1d:83:01:4e:2e:
4d:a7:65:5c:6f:fb:af:74:c6:45:65:bc:7f:7b:a3:
0c:c0:51:dd:c4:62:c1:f2:64:c8:db:31:7c:9c:d2:
c2:33:43:1a:cd:12:8f:16:d1:96:1f:5a:ec:1c:f6:
47:71:ea:72:d9:2f:3c:95:e1:7a:d3:41:63:0b:67:
9f:f1:c9:de:2e:94:1b:5a:13:da:c4:49:79:9f:e1:
13:5f:4e:29:59:29:7d:c6:50:c3:e1:af:dc:fe:e5:
ab:6e:9e:17:53:f8:46:8b:52:7d:a6:b2:cf:85:de:
65:6e:a9:37:f4:3e:25:4a:40:be:2d:b0:1c:a1:d8:
7f:c6:0b:4e:1a:bb:4b:68:5b:d4:2d:09:62:c9:4c:
3b:0e:30:49:b8:d0:e2:23:cc:7c:26:e8:ec:86:4f:
62:af:9e:bd:b2:fa:6a:6a:ad:a3:7b:77:bb:0d:fd:
b9:d8:40:72:64:a0:ad:a4:5c:97:69:ab:83:d5:10:
00:23:9b:81:8f:9c:ed:7c:20:c6:69:e7:55:1b:dd:
11:4c:e5:06:91:4f:f1:6e:dd:00:70:ff:2d:17:cc:
30:e6:99:5d:bb:c1:bd:43:97:e5:4b:2a:4b:cf:ef:
48:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:04:95:8E:BA:6E:17:2A:D9:1E:9C:BB:A9:0D:9C:60:C8:03:A9:F2
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/uwSVjrpuFyrZHpy7qQ2cYMgDqfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.31.0-5.105.32.255
5.105.63.0/24
5.105.96.0/24
5.105.184.0/24
5.105.200.0/24
5.105.215.0/24
5.105.226.0/24
5.105.247.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c9:ce:08:d6:c6:ef:9d:59:a6:7e:9c:3f:4e:d2:10:08:d6:
52:10:d5:dd:62:01:06:2f:28:00:2e:ad:4d:7f:ce:79:2d:d7:
89:ce:d2:cc:62:98:be:81:b1:fd:2d:85:da:73:8e:40:74:5c:
a7:36:6b:3e:ea:05:c4:4e:8c:28:0b:3d:76:12:ab:a7:e5:cc:
72:8e:62:97:f0:70:09:60:44:c1:d7:b5:22:e9:6f:c4:65:a5:
f9:54:c5:40:0b:82:22:25:c9:c7:a1:78:70:68:bd:15:87:a8:
67:4d:55:a3:ad:98:71:c7:92:92:a6:88:35:42:2f:f8:83:a5:
62:85:91:82:4e:f7:e4:81:df:b5:de:1e:5e:74:b8:3d:70:08:
2b:4e:6c:d3:77:a5:e0:b6:f6:f5:1c:03:7a:a9:3d:5f:d2:25:
e8:f5:b9:8f:de:c4:dc:2e:44:38:eb:6f:d0:6f:bb:b2:33:26:
84:7b:bf:0e:e5:ae:a9:38:e5:58:a7:d3:74:05:f5:5e:95:7f:
ab:46:98:7b:cd:d2:6f:2c:be:91:aa:9d:c3:13:51:c4:52:92:
dc:d8:4d:84:9d:18:c7:5f:7a:6d:94:4a:8e:f6:47:40:db:af:
47:34:7b:6c:ab:89:96:e5:1c:44:e8:ea:0f:8a:72:56:1d:62:
d1:f5:0c:0a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYZjY02HiYk8qvTJgVCHblugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjE4MDcxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjA0OTU4ZWJhNmUxNzJhZDkxZTljYmJhOTBkOWM2MGM4MDNhOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguySmshv5AlYrK1N4sHTXp3EQEU5
NVXZHYMBTi5Np2Vcb/uvdMZFZbx/e6MMwFHdxGLB8mTI2zF8nNLCM0MazRKPFtGW
H1rsHPZHcepy2S88leF600FjC2ef8cneLpQbWhPaxEl5n+ETX04pWSl9xlDD4a/c
/uWrbp4XU/hGi1J9prLPhd5lbqk39D4lSkC+LbAcodh/xgtOGrtLaFvULQliyUw7
DjBJuNDiI8x8Jujshk9ir569svpqaq2je3e7Df252EByZKCtpFyXaauD1RAAI5uB
j5ztfCDGaedVG90RTOUGkU/xbt0AcP8tF8ww5pldu8G9Q5flSypLz+9I2QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLsElY66bhcq2R6cu6kNnGDIA6nyMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdXdTVmpycHVGeXJaSHB5N3FRMmNZTWdEcWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAAFaR8D
BAAFaSADBAAFaT8DBAAFaWADBAAFabgDBAAFacgDBAAFadcDBAAFaeIDBAAFafcw
DQYJKoZIhvcNAQELBQADggEBACnJzgjWxu+dWaZ+nD9O0hAI1lIQ1d1iAQYvKAAu
rU1/znkt14nO0sximL6Bsf0thdpzjkB0XKc2az7qBcROjCgLPXYSq6flzHKOYpfw
cAlgRMHXtSLpb8RlpflUxUALgiIlyceheHBovRWHqGdNVaOtmHHHkpKmiDVCL/iD
pWKFkYJO9+SB37XeHl50uD1wCCtObNN3peC29vUcA3qpPV/SJej1uY/exNwuRDjr
b9Bvu7IzJoR7vw7lrqk45Vin03QF9V6Vf6tGmHvN0m8svpGqncMTUcRSktzYTYSd
GMdfem2USo72R0Dbr0c0e2yriZblHETo6g+KclYdYtH1DAo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org