Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xm8Nhg0-jQfh1d38HjYzqakjTaI.roa
File: xm8Nhg0-jQfh1d38HjYzqakjTaI.roa (raw, json)
Hash identifier: EWIM6jAEASwOy3O48JGSZkOGbqDX7RtKafB7XtyKSos=
Subject key identifier: C6:6F:0D:86:0D:3E:8D:07:E1:D5:DD:FC:1E:36:33:A9:A9:23:4D:A2
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189442F83CF130CA6C6E48307005753EA2B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xm8Nhg0-jQfh1d38HjYzqakjTaI.roa
Signing time: Tue 11 Jul 2023 09:01:51 +0000
ROA not before: Tue 11 Jul 2023 09:01:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.24.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:2f:83:cf:13:0c:a6:c6:e4:83:07:00:57:53:ea:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 11 09:01:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c66f0d860d3e8d07e1d5ddfc1e3633a9a9234da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f7:48:6f:83:c8:e6:0e:b2:96:c3:6b:79:74:
21:d5:5c:58:b8:24:88:1d:47:bd:d4:59:5c:50:b0:
06:65:45:48:b2:b3:39:b6:93:fc:04:9e:f5:60:d6:
9d:f9:80:7a:ab:d4:90:30:41:cf:33:f1:78:3a:96:
d4:d0:8a:72:69:74:01:f5:36:23:95:50:da:d8:1d:
75:b5:ca:d9:dd:a5:79:e8:e1:6f:4b:fa:7a:95:8b:
50:3d:aa:b1:05:11:c2:4f:4e:b0:0f:ad:29:7f:ed:
0c:8b:59:e4:41:52:f6:a0:44:d4:8c:83:cc:f0:08:
e6:be:f8:a7:92:01:12:52:b6:19:80:03:07:47:a6:
64:06:1c:46:c9:bd:ff:c9:23:1a:7b:f3:63:43:fd:
35:d5:43:60:a3:37:75:f0:cb:5c:5a:28:22:7e:da:
a5:75:25:95:bd:d1:3a:fd:3e:6e:2d:60:f4:3e:74:
5b:c5:98:b4:91:df:43:f3:d6:dd:4c:b7:ef:17:fb:
fc:9d:50:42:2c:de:30:51:ae:f0:4e:26:57:2f:ef:
d2:a6:eb:05:ac:a6:78:b5:f2:b1:73:a7:02:10:d6:
c6:6d:6c:1c:29:c0:62:b4:7c:3e:9f:5f:56:0f:3e:
ca:c7:b5:f7:a9:ab:86:df:72:55:e6:55:82:06:ea:
5e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6F:0D:86:0D:3E:8D:07:E1:D5:DD:FC:1E:36:33:A9:A9:23:4D:A2
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xm8Nhg0-jQfh1d38HjYzqakjTaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/23
5.105.33.0/24
5.105.43.0/24
5.105.81.0/24
5.105.96.0/24
5.105.168.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:82:81:5b:5e:22:e8:c1:bd:f8:af:5b:88:c1:6b:79:e9:1f:
e9:20:13:e0:fa:60:3b:09:75:14:b0:5a:24:41:ac:8f:f1:e2:
a2:33:c6:38:5e:89:59:81:c1:ca:df:43:b4:44:5e:98:e8:62:
a9:7f:b8:96:61:e2:07:b6:98:6a:eb:d9:ad:20:b4:ed:8c:a5:
32:ec:49:71:ca:fa:1e:80:8e:2e:9b:cf:43:f8:00:da:73:be:
41:da:d6:3c:4c:d9:25:5b:ce:97:d4:dc:ed:11:cf:04:78:3a:
71:c7:cd:be:7b:1e:20:bf:9e:00:b3:7f:3c:9a:87:b6:9b:aa:
a6:1d:21:63:72:31:29:48:f3:9a:5e:fe:1b:58:4b:5a:59:d6:
c2:76:2f:29:7d:17:d9:7f:f5:3c:4a:1f:78:0b:ad:43:b8:4f:
64:ba:d4:59:ac:08:b4:6e:e3:d3:01:d7:d6:07:66:8c:61:38:
8c:00:54:a6:c0:26:3e:44:d5:e3:d6:cd:50:da:48:73:95:30:
02:6c:ad:db:03:78:e5:9a:4d:ad:aa:27:78:3a:3f:66:59:71:
51:e2:df:e6:34:83:ba:fa:22:17:d6:ac:f9:de:a8:70:e5:91:
01:8b:b4:f1:c3:22:d5:37:84:fa:d8:6c:df:bc:16:0c:45:34:
53:9c:4b:aa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlEL4PPEwymxuSDBwBXU+orMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzExMDkwMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjZmMGQ4NjBkM2U4ZDA3ZTFkNWRkZmMxZTM2MzNhOWE5MjM0ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfdIb4PI5g6ylsNreXQh1VxYuCSI
HUe91FlcULAGZUVIsrM5tpP8BJ71YNad+YB6q9SQMEHPM/F4OpbU0IpyaXQB9TYj
lVDa2B11tcrZ3aV56OFvS/p6lYtQPaqxBRHCT06wD60pf+0Mi1nkQVL2oETUjIPM
8AjmvvinkgESUrYZgAMHR6ZkBhxGyb3/ySMae/NjQ/011UNgozd18MtcWigiftql
dSWVvdE6/T5uLWD0PnRbxZi0kd9D89bdTLfvF/v8nVBCLN4wUa7wTiZXL+/SpusF
rKZ4tfKxc6cCENbGbWwcKcBitHw+n19WDz7Kx7X3qauG33JV5lWCBupeQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMZvDYYNPo0H4dXd/B42M6mpI02iMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveG04TmhnMC1qUWZoMWQzOEhqWXpxYWtqVGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBWkYAwQA
BWkhAwQABWkrAwQABWlRAwQABWlgAwQABWmoMA0GCSqGSIb3DQEBCwUAA4IBAQC3
goFbXiLowb34r1uIwWt56R/pIBPg+mA7CXUUsFokQayP8eKiM8Y4XolZgcHK30O0
RF6Y6GKpf7iWYeIHtphq69mtILTtjKUy7ElxyvoegI4um89D+ADac75B2tY8TNkl
W86X1NztEc8EeDpxx82+ex4gv54As388moe2m6qmHSFjcjEpSPOaXv4bWEtaWdbC
di8pfRfZf/U8Sh94C61DuE9kutRZrAi0buPTAdfWB2aMYTiMAFSmwCY+RNXj1s1Q
2khzlTACbK3bA3jlmk2tqid4Oj9mWXFR4t/mNIO6+iIX1qz53qhw5ZEBi7TxwyLV
N4T62GzfvBYMRTRTnEuq
-----END CERTIFICATE-----
Generated at Thu Jul 27 08:37:22 2023 by rpki-client on console-fra.rpki-client.org