Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yD7BcLyYLDTPxrrv8JustXW4yqQ.roa
File: yD7BcLyYLDTPxrrv8JustXW4yqQ.roa (raw, json)
Hash identifier: poQOVuWkMNRL4Jeq6wcwRWkxGUqsuClV4eUHfrfM9Ek=
Subject key identifier: C8:3E:C1:70:BC:98:2C:34:CF:C6:BA:EF:F0:9B:AC:B5:75:B8:CA:A4
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01889AE006455355FD9C26D222D925277213
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yD7BcLyYLDTPxrrv8JustXW4yqQ.roa
Signing time: Thu 08 Jun 2023 11:59:12 +0000
ROA not before: Thu 08 Jun 2023 11:59:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.168.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.230.0/24 maxlen: 24
5.105.19.0/24 maxlen: 24
5.105.24.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:e0:06:45:53:55:fd:9c:26:d2:22:d9:25:27:72:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 8 11:59:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c83ec170bc982c34cfc6baeff09bacb575b8caa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:29:27:65:a4:8a:e0:16:6f:ac:9b:f2:21:ab:
63:14:69:fc:a0:9a:61:21:0b:40:ea:23:89:cb:db:
d4:56:a0:a5:49:87:64:33:3a:10:26:04:2b:0b:f1:
be:35:2f:3d:72:de:65:ca:46:31:8b:99:a2:ed:8e:
d1:2b:af:7f:f2:49:03:0b:7b:56:f2:71:90:51:54:
f8:ce:b1:a5:99:45:a0:64:57:37:8a:8a:ac:d6:f6:
1d:fd:3a:56:70:53:8b:64:55:54:a7:7f:d9:23:8a:
10:39:28:01:e8:91:7f:ff:fe:13:f8:05:3f:a2:af:
63:f5:b6:8b:3b:c4:79:76:36:44:bb:e3:0d:6f:0f:
9a:ad:35:7e:a4:3b:c4:0a:c5:8f:16:9d:8a:74:9b:
4b:9d:bf:e8:08:4b:f2:5e:6d:53:f7:5c:de:90:94:
f9:33:ef:61:50:4a:ce:fd:ae:a6:92:9d:28:be:0a:
47:7a:1a:51:64:4e:f8:ce:41:d8:e2:b2:ea:c4:b7:
3f:47:9b:0e:0f:6d:b9:41:29:99:f1:98:05:5a:ae:
9f:ea:2f:15:88:4a:bc:b9:cc:58:37:6d:eb:ed:31:
33:be:79:86:8f:37:a4:58:52:5d:e8:95:b6:a6:85:
10:1a:b1:56:7e:81:29:c3:8e:62:88:dc:9f:c5:96:
ba:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3E:C1:70:BC:98:2C:34:CF:C6:BA:EF:F0:9B:AC:B5:75:B8:CA:A4
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yD7BcLyYLDTPxrrv8JustXW4yqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.19.0/24
5.105.24.0/23
5.105.33.0/24
5.105.40.0/24
5.105.43.0/24
5.105.50.0/24
5.105.57.0/24
5.105.81.0/24
5.105.96.0/24
5.105.168.0/24
5.105.184.0/24
5.105.230.0/24
Signature Algorithm: sha256WithRSAEncryption
46:0f:9e:a3:77:f1:49:44:ef:fd:d6:45:7f:28:cd:55:36:1b:
ef:a0:31:63:5e:d7:88:8d:4c:b5:a2:9a:7b:15:f4:31:40:ab:
07:45:9d:c6:b8:a9:1d:25:12:50:89:c9:c5:2a:dd:c6:9b:05:
c3:21:9a:47:c7:a7:15:30:26:b8:50:d5:1f:b7:ff:ee:cb:2e:
7d:2b:01:43:25:c1:d1:e2:aa:a7:6f:6f:ad:02:e0:c4:49:a7:
0f:4d:46:fc:8a:33:dc:14:eb:67:24:fe:da:02:ec:77:ca:5a:
a9:a1:34:c3:d0:1d:d9:04:0d:11:c2:2f:85:cc:ce:21:71:2c:
f1:f6:31:53:b4:78:b1:90:0d:41:c7:b8:33:98:05:81:27:3d:
c7:54:2d:d1:8a:89:68:eb:28:b5:44:2d:02:25:ad:0b:71:19:
e9:05:c4:d3:0c:7e:d9:0f:24:ab:0f:05:89:d2:30:6a:b3:7b:
7d:6f:98:a8:ac:60:66:73:42:1b:be:32:b9:1a:25:d7:f7:90:
0e:c5:41:eb:51:3f:36:51:b1:5a:33:1b:dd:78:36:c4:89:0a:
2a:dd:10:ac:97:d7:e2:c7:07:67:90:bd:ac:96:cf:6b:be:e6:
52:3b:46:e9:43:d2:35:f0:b0:e4:74:62:96:20:53:74:ad:3a:
c4:8d:f5:da
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYia4AZFU1X9nCbSItklJ3ITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjA4MTE1OTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNlYzE3MGJjOTgyYzM0Y2ZjNmJhZWZmMDliYWNiNTc1YjhjYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSknZaSK4BZvrJvyIatjFGn8oJph
IQtA6iOJy9vUVqClSYdkMzoQJgQrC/G+NS89ct5lykYxi5mi7Y7RK69/8kkDC3tW
8nGQUVT4zrGlmUWgZFc3ioqs1vYd/TpWcFOLZFVUp3/ZI4oQOSgB6JF///4T+AU/
oq9j9baLO8R5djZEu+MNbw+arTV+pDvECsWPFp2KdJtLnb/oCEvyXm1T91zekJT5
M+9hUErO/a6mkp0ovgpHehpRZE74zkHY4rLqxLc/R5sOD225QSmZ8ZgFWq6f6i8V
iEq8ucxYN23r7TEzvnmGjzekWFJd6JW2poUQGrFWfoEpw45iiNyfxZa6vwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMg+wXC8mCw0z8a67/CbrLV1uMqkMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveUQ3QmNMeVlMRFRQeHJydjhKdXN0WFc0eXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABWkTAwQB
BWkYAwQABWkhAwQABWkoAwQABWkrAwQABWkyAwQABWk5AwQABWlRAwQABWlgAwQA
BWmoAwQABWm4AwQABWnmMA0GCSqGSIb3DQEBCwUAA4IBAQBGD56jd/FJRO/91kV/
KM1VNhvvoDFjXteIjUy1opp7FfQxQKsHRZ3GuKkdJRJQicnFKt3GmwXDIZpHx6cV
MCa4UNUft//uyy59KwFDJcHR4qqnb2+tAuDESacPTUb8ijPcFOtnJP7aAux3ylqp
oTTD0B3ZBA0Rwi+FzM4hcSzx9jFTtHixkA1Bx7gzmAWBJz3HVC3Riolo6yi1RC0C
Ja0LcRnpBcTTDH7ZDySrDwWJ0jBqs3t9b5iorGBmc0IbvjK5GiXX95AOxUHrUT82
UbFaMxvdeDbEiQoq3RCsl9fixwdnkL2sls9rvuZSO0bpQ9I18LDkdGKWIFN0rTrE
jfXa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:01 2023 by rpki-client on console-ams.rpki-client.org