Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yS40fSL2peu7qm-IPq4T3HndjKs.roa
File: yS40fSL2peu7qm-IPq4T3HndjKs.roa (raw, json)
Hash identifier: MI3bekmwez8Pi4i+V+glyo9Qs5xB7m+SGAX3GLAJd9k=
Subject key identifier: C9:2E:34:7D:22:F6:A5:EB:BB:AA:6F:88:3E:AE:13:DC:79:DD:8C:AB
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188ED78CE6DA980E11ED3396990EAD3DA3A
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yS40fSL2peu7qm-IPq4T3HndjKs.roa
Signing time: Sat 24 Jun 2023 12:54:57 +0000
ROA not before: Sat 24 Jun 2023 12:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 5.105.158.0/24 maxlen: 24
91.200.212.0/22 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.71.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.80.0/24 maxlen: 24
5.105.98.0/24 maxlen: 24
5.105.104.0/24 maxlen: 24
5.105.31.0/24 maxlen: 24
217.67.68.0/22 maxlen: 22
5.105.46.0/24 maxlen: 24
5.105.64.0/24 maxlen: 24
5.105.188.0/24 maxlen: 24
85.255.176.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ed:78:ce:6d:a9:80:e1:1e:d3:39:69:90:ea:d3:da:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 24 12:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c92e347d22f6a5ebbbaa6f883eae13dc79dd8cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5c:7c:84:da:77:e9:4b:24:a3:7f:01:86:3b:
71:47:fa:50:91:e5:6c:48:cf:7c:2b:9a:9f:0b:9f:
e5:fd:34:a2:b3:60:a3:03:b7:d7:72:60:5c:dc:e7:
4a:68:15:c1:f1:70:0d:00:5d:62:bb:2f:c1:c9:fd:
6d:ad:dd:d3:75:48:d1:73:f8:97:16:17:4f:13:85:
4b:9f:6c:f9:a6:15:7f:a0:a1:d4:94:f9:a6:f5:6d:
08:e2:bd:97:e3:51:18:e3:d3:79:31:bd:28:00:f3:
9d:11:d4:ad:db:8d:c7:58:8b:fd:66:1c:1c:3a:65:
27:d4:53:4e:11:db:c3:79:7c:bb:93:d4:f8:a6:b8:
2b:d8:0b:93:f1:9b:f4:31:5a:13:1c:ac:ab:20:d1:
59:e5:49:f8:0d:fe:02:c5:b1:a6:c9:f5:db:f9:76:
05:7e:d5:e9:ff:9d:53:1e:a0:fe:64:d9:61:3e:1b:
db:36:9a:56:97:d7:c6:ea:15:54:25:b8:ba:05:8b:
bc:2b:b7:92:0b:0f:f8:ab:63:03:5b:ff:63:ce:88:
9d:ae:98:41:80:4a:24:9a:d3:2d:8b:f3:c1:1b:ff:
ca:da:aa:75:12:e5:42:7c:2d:4f:c3:8c:43:87:0f:
94:47:53:0e:98:03:30:9b:d4:7b:5f:85:07:87:9f:
29:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2E:34:7D:22:F6:A5:EB:BB:AA:6F:88:3E:AE:13:DC:79:DD:8C:AB
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yS40fSL2peu7qm-IPq4T3HndjKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.31.0/24
5.105.46.0/24
5.105.64.0/23
5.105.71.0/24
5.105.80.0/24
5.105.98.0/24
5.105.104.0/24
5.105.158.0/24
5.105.172.0/24
5.105.188.0/24
85.255.176.0/21
91.200.212.0/22
217.67.68.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:08:fd:6a:d8:e7:b2:6c:00:63:c0:09:35:a1:a7:e0:a9:fc:
28:20:27:84:3d:59:29:4d:54:09:ed:05:6b:f6:54:a8:54:ad:
94:cb:a8:46:d9:55:bc:c0:ad:d0:74:2e:0f:4c:1b:f4:36:ef:
1d:ae:5e:65:98:22:d7:73:50:04:fb:d2:23:5f:38:41:42:a6:
57:c5:2e:42:2c:4c:da:60:75:6c:98:a2:39:85:67:dc:12:62:
90:ab:56:02:d5:13:33:cc:eb:0c:c5:5e:2a:f1:f8:58:ca:97:
70:81:53:44:8c:24:74:5b:24:df:c1:12:c1:d1:91:03:e2:5e:
83:47:25:8e:d7:89:60:04:d3:72:62:c1:2f:11:40:7d:4a:82:
c9:d1:f1:58:7a:91:d0:e2:02:f8:cc:49:22:36:c7:5d:09:f9:
28:47:93:32:09:78:41:42:6a:dd:b5:32:37:b6:ec:70:f6:d2:
29:9b:ae:30:db:ca:dc:59:5d:27:fe:0b:e1:f2:40:8a:37:33:
90:1a:6f:8c:6b:b1:16:90:b5:52:d7:ed:a4:db:68:c6:cd:68:
8a:dc:65:53:1b:d6:6f:df:57:03:2b:21:4b:f0:69:02:5e:4b:
f7:02:40:09:1e:fa:e5:6f:22:c5:19:b5:a0:98:68:32:62:7d:
c0:11:94:07
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYjteM5tqYDhHtM5aZDq09o6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjI0MTI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJlMzQ3ZDIyZjZhNWViYmJhYTZmODgzZWFlMTNkYzc5ZGQ4Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1x8hNp36Usko38BhjtxR/pQkeVs
SM98K5qfC5/l/TSis2CjA7fXcmBc3OdKaBXB8XANAF1iuy/Byf1trd3TdUjRc/iX
FhdPE4VLn2z5phV/oKHUlPmm9W0I4r2X41EY49N5Mb0oAPOdEdSt243HWIv9Zhwc
OmUn1FNOEdvDeXy7k9T4prgr2AuT8Zv0MVoTHKyrINFZ5Un4Df4CxbGmyfXb+XYF
ftXp/51THqD+ZNlhPhvbNppWl9fG6hVUJbi6BYu8K7eSCw/4q2MDW/9jzoidrphB
gEokmtMti/PBG//K2qp1EuVCfC1Pw4xDhw+UR1MOmAMwm9R7X4UHh58pFQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMkuNH0i9qXru6pviD6uE9x53YyrMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveVM0MGZTTDJwZXU3cW0tSVBxNFQzSG5kaktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABWkfAwQA
BWkuAwQBBWlAAwQABWlHAwQABWlQAwQABWliAwQABWloAwQABWmeAwQABWmsAwQA
BWm8AwQDVf+wAwQCW8jUAwQC2UNEMA0GCSqGSIb3DQEBCwUAA4IBAQArCP1q2Oey
bABjwAk1oafgqfwoICeEPVkpTVQJ7QVr9lSoVK2Uy6hG2VW8wK3QdC4PTBv0Nu8d
rl5lmCLXc1AE+9IjXzhBQqZXxS5CLEzaYHVsmKI5hWfcEmKQq1YC1RMzzOsMxV4q
8fhYypdwgVNEjCR0WyTfwRLB0ZED4l6DRyWO14lgBNNyYsEvEUB9SoLJ0fFYepHQ
4gL4zEkiNsddCfkoR5MyCXhBQmrdtTI3tuxw9tIpm64w28rcWV0n/gvh8kCKNzOQ
Gm+Ma7EWkLVS1+2k22jGzWiK3GVTG9Zv31cDKyFL8GkCXkv3AkAJHvrlbyLFGbWg
mGgyYn3AEZQH
-----END CERTIFICATE-----
Generated at Sat Aug 26 10:01:27 2023 by rpki-client on console-ams.rpki-client.org