Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xFwt_b1umDgM77Hda7QOtQxIwtE.roa
File: xFwt_b1umDgM77Hda7QOtQxIwtE.roa (raw, json)
Hash identifier: wP47hijaH7FVgbRVWNwiYP+ag6M05mqg1yzJsUce4NU=
Subject key identifier: C4:5C:2D:FD:BD:6E:98:38:0C:EF:B1:DD:6B:B4:0E:B5:0C:48:C2:D1
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188B03E2871AB7E8C112314E64438AB4DA2
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xFwt_b1umDgM77Hda7QOtQxIwtE.roa
Signing time: Mon 12 Jun 2023 15:34:03 +0000
ROA not before: Mon 12 Jun 2023 15:34:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 5.105.124.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.14.0/24 maxlen: 24
5.105.29.0/24 maxlen: 24
5.105.34.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b0:3e:28:71:ab:7e:8c:11:23:14:e6:44:38:ab:4d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 12 15:34:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c45c2dfdbd6e98380cefb1dd6bb40eb50c48c2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1a:af:20:e6:a2:01:12:76:45:17:cd:27:7e:
b6:76:f7:6b:db:bb:64:2c:aa:aa:87:e1:25:a8:33:
67:dd:05:7c:54:e4:0c:bb:38:59:c9:da:d7:87:77:
53:75:c1:56:be:a4:0a:5d:c0:fe:79:cd:77:a1:be:
31:1d:e0:38:56:21:e8:a9:ed:52:fc:9a:91:23:30:
c5:70:19:5e:c3:a6:86:42:79:a2:d2:5a:f0:23:60:
29:e0:49:e7:b2:5d:1c:86:af:3f:91:12:09:a8:7f:
7a:7e:74:6c:44:ba:1b:3a:a4:f7:1f:9f:e0:48:bc:
69:ac:70:72:11:7c:72:5d:19:2a:08:07:63:d1:07:
e7:ff:b4:c3:97:db:af:e4:f1:2c:00:43:f9:b3:66:
a4:90:15:1b:ed:95:74:4e:66:d9:a5:7d:b9:80:c7:
c4:e6:4b:e3:a5:56:56:24:33:68:6a:08:90:c0:67:
1f:b1:96:71:ac:a2:71:71:03:7f:8f:53:30:14:e3:
a8:4b:7d:ee:ba:45:96:92:7c:75:c4:c7:69:3c:46:
a4:38:a2:65:87:7b:02:51:5d:79:c9:f1:60:aa:06:
74:e0:38:95:11:ec:c8:1e:74:1e:e3:18:c2:e1:e7:
6a:90:ed:69:9c:f5:40:ba:4e:90:28:6e:46:96:d4:
38:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5C:2D:FD:BD:6E:98:38:0C:EF:B1:DD:6B:B4:0E:B5:0C:48:C2:D1
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xFwt_b1umDgM77Hda7QOtQxIwtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.14.0/24
5.105.29.0/24
5.105.34.0/24
5.105.39.0/24
5.105.124.0/24
5.105.127.0/24
5.105.139.0/24
5.105.142.0/24
5.105.157.0/24
5.105.200.0/24
5.105.207.0/24
5.105.221.0/24
5.105.249.0/24
Signature Algorithm: sha256WithRSAEncryption
98:19:28:af:9f:4c:30:01:ab:59:c4:0a:83:24:64:8c:4c:c1:
27:5b:6f:73:77:da:9f:03:e5:9d:d7:1b:e6:41:da:1c:1c:0f:
2c:c1:8b:51:03:f3:04:b1:a7:39:da:6a:ec:b6:55:07:a6:b7:
fb:fb:df:cb:97:aa:1a:ed:04:74:de:68:e6:a9:18:5e:3b:d4:
dc:93:25:5e:bb:f4:5e:ea:02:f3:38:b3:f3:6e:b2:71:e6:55:
2b:5e:a9:e9:96:ed:dd:83:6b:bd:89:23:aa:5e:59:ae:2b:07:
33:13:68:2a:f2:02:8b:f9:09:af:93:32:cf:96:ec:98:1a:21:
ac:64:88:ff:43:67:5a:54:b4:9e:0b:c9:de:cf:f0:0c:22:dd:
b0:c7:2c:cd:9c:0f:1c:2e:31:b3:d2:f1:07:02:74:86:7e:8f:
77:cd:6b:f6:0e:85:7d:43:6e:4b:53:73:ce:9e:30:ad:ce:bf:
93:45:9b:00:54:a9:3c:8c:a9:c0:d5:3e:30:d5:bd:d1:8d:6f:
3a:be:31:e8:f9:49:47:e8:86:82:5b:86:f7:8e:87:68:69:68:
d8:24:d3:68:d2:4a:c8:dd:9f:1b:14:fc:2c:a7:a0:55:25:3a:
c8:a3:e2:3b:bc:c2:36:d3:df:6f:ce:fa:2f:be:c1:36:4c:48:
d6:82:76:0a
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYiwPihxq36MESMU5kQ4q02iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjEyMTUzNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDVjMmRmZGJkNmU5ODM4MGNlZmIxZGQ2YmI0MGViNTBjNDhjMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BqvIOaiARJ2RRfNJ362dvdr27tk
LKqqh+ElqDNn3QV8VOQMuzhZydrXh3dTdcFWvqQKXcD+ec13ob4xHeA4ViHoqe1S
/JqRIzDFcBlew6aGQnmi0lrwI2Ap4Ennsl0chq8/kRIJqH96fnRsRLobOqT3H5/g
SLxprHByEXxyXRkqCAdj0Qfn/7TDl9uv5PEsAEP5s2akkBUb7ZV0TmbZpX25gMfE
5kvjpVZWJDNoagiQwGcfsZZxrKJxcQN/j1MwFOOoS33uukWWknx1xMdpPEakOKJl
h3sCUV15yfFgqgZ04DiVEezIHnQe4xjC4edqkO1pnPVAuk6QKG5GltQ4ewIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMRcLf29bpg4DO+x3Wu0DrUMSMLRMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveEZ3dF9iMXVtRGdNNzdIZGE3UU90UXhJd3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABWkOAwQA
BWkdAwQABWkiAwQABWknAwQABWl8AwQABWl/AwQABWmLAwQABWmOAwQABWmdAwQA
BWnIAwQABWnPAwQABWndAwQABWn5MA0GCSqGSIb3DQEBCwUAA4IBAQCYGSivn0ww
AatZxAqDJGSMTMEnW29zd9qfA+Wd1xvmQdocHA8swYtRA/MEsac52mrstlUHprf7
+9/Ll6oa7QR03mjmqRheO9TckyVeu/Re6gLzOLPzbrJx5lUrXqnplu3dg2u9iSOq
XlmuKwczE2gq8gKL+QmvkzLPluyYGiGsZIj/Q2daVLSeC8nez/AMIt2wxyzNnA8c
LjGz0vEHAnSGfo93zWv2DoV9Q25LU3POnjCtzr+TRZsAVKk8jKnA1T4w1b3RjW86
vjHo+UlH6IaCW4b3jodoaWjYJNNo0krI3Z8bFPwsp6BVJTrIo+I7vMI2099vzvov
vsE2TEjWgnYK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:01 2023 by rpki-client on console-ams.rpki-client.org