Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/w7b2HLXuz0fv3NbK8LUIsZdncNo.roa
File: w7b2HLXuz0fv3NbK8LUIsZdncNo.roa (raw, json)
Hash identifier: CpnFZ5RNGJ3nuo9Xehit716BHaVcwRyCmpQx49+fA1Y=
Subject key identifier: C3:B6:F6:1C:B5:EE:CF:47:EF:DC:D6:CA:F0:B5:08:B1:97:67:70:DA
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01870DB9663860D5F7B099926255547082E3
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/w7b2HLXuz0fv3NbK8LUIsZdncNo.roa
Signing time: Thu 23 Mar 2023 09:07:46 +0000
ROA not before: Thu 23 Mar 2023 09:07:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.30.0/24 maxlen: 24
5.105.31.0/24 maxlen: 24
5.105.63.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.85.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:b9:66:38:60:d5:f7:b0:99:92:62:55:54:70:82:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Mar 23 09:07:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3b6f61cb5eecf47efdcd6caf0b508b1976770da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d2:39:d7:61:46:fd:eb:9c:6d:7e:85:6f:60:
22:0d:93:a3:84:a2:af:23:96:36:f5:c6:b1:c7:da:
b9:7b:7b:5e:ae:69:cf:e7:6c:d7:03:d3:39:5f:32:
8c:ba:cd:d0:c1:ff:d7:70:22:c1:2d:8a:ad:c9:38:
af:81:4e:2f:45:48:e0:67:94:d4:35:56:06:8a:c5:
3c:1a:ae:f4:bf:b8:f8:e6:0f:51:5d:0c:60:5b:96:
f8:ff:16:ab:88:67:09:8b:49:ee:f5:b2:25:0a:19:
d6:be:3b:54:42:5a:ec:64:00:40:d3:8c:46:c9:24:
3a:8e:aa:c7:5b:3d:78:01:be:dc:d4:ca:aa:ee:2f:
a6:24:f7:e8:52:d1:6a:66:5c:b3:9c:1f:ab:b7:c3:
a7:c3:9b:c8:93:02:e6:87:02:03:2a:2c:73:0e:be:
2d:0f:a1:ee:f6:64:03:2e:d5:fa:e4:5f:34:a9:41:
34:1b:2b:78:38:d0:b5:ed:ce:3b:87:6f:f6:28:01:
0f:fd:0a:61:a8:10:5c:a6:da:8c:35:f5:22:ea:24:
31:4e:1d:f6:c6:d5:72:df:8e:2a:ed:28:34:39:b0:
40:ed:cc:2f:bf:ef:76:33:47:7a:78:08:b3:68:18:
d8:78:96:7b:cd:c7:86:9f:7b:bb:d9:f5:06:4e:09:
39:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B6:F6:1C:B5:EE:CF:47:EF:DC:D6:CA:F0:B5:08:B1:97:67:70:DA
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/w7b2HLXuz0fv3NbK8LUIsZdncNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.30.0/23
5.105.63.0/24
5.105.85.0/24
5.105.184.0/24
5.105.200.0/24
Signature Algorithm: sha256WithRSAEncryption
15:db:9a:84:87:cd:8f:91:fd:d8:7a:ac:54:36:e4:a8:e4:e1:
3e:66:74:4c:5c:fe:44:73:27:34:9b:13:59:59:a4:c5:9d:c6:
16:72:73:5f:f9:85:7b:40:fa:83:ff:3e:61:c5:fe:15:8c:81:
7c:db:47:db:53:7b:34:16:79:28:74:ec:73:af:72:95:0e:0f:
60:81:c8:b1:f0:8f:e4:e8:de:5c:79:95:b0:62:56:d9:4e:4a:
f5:07:6f:d2:6a:ab:3e:f5:4f:df:c8:5b:28:35:fc:58:22:73:
66:28:90:42:35:6c:71:5b:88:ed:0e:fb:20:c9:aa:34:52:91:
e3:df:0f:ae:db:35:c5:5c:9e:2a:20:00:50:80:9f:4d:6d:e2:
df:c0:b1:26:c1:46:5e:e3:6c:f2:f2:0c:9a:f5:f5:d3:b1:de:
2a:5b:1b:46:83:cb:c0:29:c0:bf:50:86:f2:56:b2:cf:44:9c:
58:ad:da:16:59:e9:75:54:77:aa:25:4c:04:ad:f6:1d:e5:30:
28:13:f9:1b:7a:0d:21:64:f5:30:a6:60:54:b9:44:e0:d9:57:
b4:98:b8:c5:b8:78:23:0b:79:13:b8:ad:6f:87:b2:e5:73:c7:
f8:09:ca:3e:35:17:37:4b:e0:db:19:2f:eb:ba:cb:5f:7c:8f:
0a:e1:2e:0b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcNuWY4YNX3sJmSYlVUcILjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzIzMDkwNzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2I2ZjYxY2I1ZWVjZjQ3ZWZkY2Q2Y2FmMGI1MDhiMTk3Njc3MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9I512FG/eucbX6Fb2AiDZOjhKKv
I5Y29caxx9q5e3termnP52zXA9M5XzKMus3Qwf/XcCLBLYqtyTivgU4vRUjgZ5TU
NVYGisU8Gq70v7j45g9RXQxgW5b4/xariGcJi0nu9bIlChnWvjtUQlrsZABA04xG
ySQ6jqrHWz14Ab7c1Mqq7i+mJPfoUtFqZlyznB+rt8Onw5vIkwLmhwIDKixzDr4t
D6Hu9mQDLtX65F80qUE0Gyt4ONC17c47h2/2KAEP/QphqBBcptqMNfUi6iQxTh32
xtVy344q7Sg0ObBA7cwvv+92M0d6eAizaBjYeJZ7zceGn3u72fUGTgk5MwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMO29hy17s9H79zWyvC1CLGXZ3DaMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdzdiMkhMWHV6MGZ2M05iSzhMVUlzWmRuY05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBWkeAwQA
BWk/AwQABWlVAwQABWm4AwQABWnIMA0GCSqGSIb3DQEBCwUAA4IBAQAV25qEh82P
kf3YeqxUNuSo5OE+ZnRMXP5Ecyc0mxNZWaTFncYWcnNf+YV7QPqD/z5hxf4VjIF8
20fbU3s0FnkodOxzr3KVDg9ggcix8I/k6N5ceZWwYlbZTkr1B2/Saqs+9U/fyFso
NfxYInNmKJBCNWxxW4jtDvsgyao0UpHj3w+u2zXFXJ4qIABQgJ9NbeLfwLEmwUZe
42zy8gya9fXTsd4qWxtGg8vAKcC/UIbyVrLPRJxYrdoWWel1VHeqJUwErfYd5TAo
E/kbeg0hZPUwpmBUuUTg2Ve0mLjFuHgjC3kTuK1vh7Llc8f4Cco+NRc3S+DbGS/r
ustffI8K4S4L
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org