Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xa9ckeUW2ez7bLdojlFPlGKbnKE.roa
File: xa9ckeUW2ez7bLdojlFPlGKbnKE.roa (raw, json)
Hash identifier: DBt6/GN86hrrAszPZZJOqJaJsMO8hDhE8BmjhCQwOfg=
Subject key identifier: C5:AF:5C:91:E5:16:D9:EC:FB:6C:B7:68:8E:51:4F:94:62:9B:9C:A1
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018AFBD9A2E93C0A7866A7DD4A4F864AB999
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xa9ckeUW2ez7bLdojlFPlGKbnKE.roa
Signing time: Wed 04 Oct 2023 18:00:58 +0000
ROA not before: Wed 04 Oct 2023 18:00:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 5.105.227.0/24 maxlen: 24
5.105.13.0/24 maxlen: 24
217.67.76.0/23 maxlen: 24
5.105.52.0/24 maxlen: 24
5.105.52.0/22 maxlen: 22
5.105.175.0/24 maxlen: 24
5.105.174.0/24 maxlen: 24
5.105.177.0/24 maxlen: 24
5.105.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:d9:a2:e9:3c:0a:78:66:a7:dd:4a:4f:86:4a:b9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 4 18:00:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5af5c91e516d9ecfb6cb7688e514f94629b9ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c1:af:1f:43:62:78:39:e3:94:f5:ea:e6:97:
00:5d:63:f7:22:4e:67:92:44:30:89:1d:2b:56:fb:
b6:1e:4e:9e:03:e7:1d:ff:35:e5:57:73:8e:3f:7c:
8b:83:67:d5:89:63:f1:59:2b:8e:ca:8d:0c:85:46:
a7:1d:b6:35:69:24:38:8d:a6:d4:5a:7a:76:25:5a:
45:0b:75:73:34:f7:a1:04:3e:22:81:03:03:9d:d5:
63:94:29:1e:39:17:89:a7:79:be:18:5e:c6:4f:c6:
98:14:4e:0d:f4:3f:ba:87:ce:a9:c7:0e:bd:86:76:
ce:bd:3b:d5:b9:3d:1e:ca:84:f1:dd:a8:2a:67:c1:
c4:c7:fb:b0:ba:7e:52:08:f2:2d:3e:51:03:2e:9c:
f1:54:5c:0b:69:97:a6:db:9c:fc:5a:40:17:af:a9:
be:62:ad:95:08:84:01:5e:de:1a:da:ed:b2:eb:40:
73:ca:6e:c8:f5:8e:67:1f:23:5e:73:12:34:bb:c2:
1d:12:6d:7f:9a:d5:63:c0:c3:5c:91:18:69:d9:8a:
03:c3:9f:b0:5d:7a:2f:6e:97:22:e5:77:3d:6a:6e:
05:2c:f2:66:ee:39:04:ad:1f:d3:f5:41:78:2a:10:
e4:d2:1b:30:43:7a:93:c5:d5:71:99:7d:37:f9:b0:
9a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AF:5C:91:E5:16:D9:EC:FB:6C:B7:68:8E:51:4F:94:62:9B:9C:A1
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xa9ckeUW2ez7bLdojlFPlGKbnKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.13.0/24
5.105.52.0/22
5.105.174.0/23
5.105.177.0/24
5.105.219.0/24
5.105.227.0/24
217.67.76.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:12:a0:d1:5e:79:6a:1d:80:90:d1:03:db:16:8d:71:5b:b2:
3d:2c:08:55:b6:2d:45:db:c1:7c:37:88:c4:7a:16:9a:cb:bb:
e7:69:54:b6:1b:8e:fb:42:1c:36:b9:7f:b9:d2:54:8c:75:3a:
82:eb:5f:e7:eb:de:2a:54:4d:64:00:58:d0:5d:0f:72:e9:83:
fe:6d:59:a6:50:47:62:2c:b9:ac:ee:4c:b4:76:4c:30:d9:cb:
2d:f5:be:09:30:95:52:24:34:4c:99:51:38:f3:69:1a:04:0b:
90:93:8e:84:e4:6b:b4:77:dc:cd:22:c5:94:4a:21:4c:7d:46:
a2:80:a8:87:a1:f8:e9:6c:26:05:f3:3f:4d:2d:5c:45:cf:7e:
7e:55:46:e3:1b:01:5c:d8:ae:c1:d2:37:22:86:b6:90:8c:67:
15:af:22:ee:03:12:48:e0:9c:3f:9f:fb:2c:bf:4c:28:42:24:
58:73:48:75:61:8d:f6:54:ed:1b:1c:78:66:6c:d6:45:2d:ab:
50:92:6b:f6:45:38:55:db:f3:cf:4d:52:e6:78:e0:da:33:da:
00:e4:bc:89:11:9c:a2:8e:b9:a2:f6:b6:b5:da:cf:93:50:48:
94:99:1d:21:cc:f5:df:5c:77:4a:ae:ce:88:cc:69:17:45:41:
65:b7:88:0a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYr72aLpPAp4ZqfdSk+GSrmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMxMDA0MTgwMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWFmNWM5MWU1MTZkOWVjZmI2Y2I3Njg4ZTUxNGY5NDYyOWI5Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscGvH0NieDnjlPXq5pcAXWP3Ik5n
kkQwiR0rVvu2Hk6eA+cd/zXlV3OOP3yLg2fViWPxWSuOyo0MhUanHbY1aSQ4jabU
Wnp2JVpFC3VzNPehBD4igQMDndVjlCkeOReJp3m+GF7GT8aYFE4N9D+6h86pxw69
hnbOvTvVuT0eyoTx3agqZ8HEx/uwun5SCPItPlEDLpzxVFwLaZem25z8WkAXr6m+
Yq2VCIQBXt4a2u2y60Bzym7I9Y5nHyNecxI0u8IdEm1/mtVjwMNckRhp2YoDw5+w
XXovbpci5Xc9am4FLPJm7jkErR/T9UF4KhDk0hswQ3qTxdVxmX03+bCapwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMWvXJHlFtns+2y3aI5RT5Rim5yhMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveGE5Y2tlVVcyZXo3Ykxkb2psRlBsR0tibktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWkNAwQC
BWk0AwQBBWmuAwQABWmxAwQABWnbAwQABWnjAwQB2UNMMA0GCSqGSIb3DQEBCwUA
A4IBAQBuEqDRXnlqHYCQ0QPbFo1xW7I9LAhVti1F28F8N4jEehaay7vnaVS2G477
Qhw2uX+50lSMdTqC61/n694qVE1kAFjQXQ9y6YP+bVmmUEdiLLms7ky0dkww2cst
9b4JMJVSJDRMmVE482kaBAuQk46E5Gu0d9zNIsWUSiFMfUaigKiHofjpbCYF8z9N
LVxFz35+VUbjGwFc2K7B0jcihraQjGcVryLuAxJI4Jw/n/ssv0woQiRYc0h1YY32
VO0bHHhmbNZFLatQkmv2RThV2/PPTVLmeODaM9oA5LyJEZyijrmi9ra12s+TUEiU
mR0hzPXfXHdKrs6IzGkXRUFlt4gK
-----END CERTIFICATE-----
Generated at Mon Oct 9 18:33:32 2023 by rpki-client on console-fra.rpki-client.org