Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ymOPLKu6i7TsZ-FZd4S2wQ0HgRw.roa
File: ymOPLKu6i7TsZ-FZd4S2wQ0HgRw.roa (raw, json)
Hash identifier: pGPF674VCKCzxhldoolGxOdr88MbNYnAFvJcQJ3Eqx8=
Subject key identifier: CA:63:8F:2C:AB:BA:8B:B4:EC:67:E1:59:77:84:B6:C1:0D:07:81:1C
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A08C9504E00E717610FB0638213D6D521
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ymOPLKu6i7TsZ-FZd4S2wQ0HgRw.roa
Signing time: Fri 18 Aug 2023 13:15:25 +0000
ROA not before: Fri 18 Aug 2023 13:15:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 5.105.169.0/24 maxlen: 24
5.105.186.0/23 maxlen: 24
5.105.202.0/23 maxlen: 24
5.105.212.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:c9:50:4e:00:e7:17:61:0f:b0:63:82:13:d6:d5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 18 13:15:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca638f2cabba8bb4ec67e1597784b6c10d07811c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:91:33:13:6f:96:83:24:1a:c8:bb:ad:30:c3:
7b:25:95:71:eb:af:b5:9c:30:0d:0e:5d:cd:d9:fe:
46:9e:08:c3:d8:e0:21:bd:17:97:8b:5b:4c:58:e7:
51:89:0a:7d:18:76:81:ae:d8:7d:15:80:8e:3f:43:
8f:f2:b3:af:8a:42:1b:58:36:23:31:68:d7:69:cf:
ee:72:1e:f7:9b:0a:85:a8:18:ad:14:3a:ad:09:e2:
a1:60:d0:96:a9:20:a4:15:6f:2f:e4:ea:21:7e:20:
a2:32:bf:ff:f4:ae:5b:a9:57:69:82:a3:77:23:92:
7c:bf:b5:f5:1b:80:d4:f8:63:db:34:00:c8:20:8d:
9d:ac:be:b8:2b:14:0b:aa:16:34:bf:33:ea:80:cf:
ab:bb:57:76:d6:f6:50:d4:78:69:30:c1:fb:fa:f7:
db:07:7c:8f:6f:48:1d:9b:99:e9:08:ea:10:64:d5:
f7:c8:5a:69:04:1e:75:00:46:09:22:1c:da:c9:d3:
a8:06:06:8f:c9:51:0a:97:c8:e0:2b:98:97:31:92:
dc:60:19:36:de:48:f5:af:70:6e:53:87:38:0e:1b:
e3:9e:ac:42:49:52:2f:0a:4f:ed:b6:61:ca:41:3e:
53:9d:4d:c9:46:40:e0:cb:57:85:32:d2:be:d7:bd:
de:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:63:8F:2C:AB:BA:8B:B4:EC:67:E1:59:77:84:B6:C1:0D:07:81:1C
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ymOPLKu6i7TsZ-FZd4S2wQ0HgRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.169.0/24
5.105.186.0/23
5.105.202.0/23
5.105.212.0/24
Signature Algorithm: sha256WithRSAEncryption
17:a9:5d:37:f1:9b:f2:45:c1:d4:04:49:44:ac:42:5c:9c:69:
50:d8:2b:ae:96:a1:fd:bf:aa:5a:a8:00:26:ee:4a:68:22:55:
af:fa:1f:8e:58:41:37:d4:e9:9a:66:04:09:e6:17:f1:44:e9:
9b:f4:34:8c:b9:0a:7b:ee:2e:67:92:70:43:1c:4c:df:87:51:
51:42:ca:c0:8d:af:6f:8b:b9:58:84:c0:b9:7c:48:e0:63:24:
e9:b8:3f:9d:13:bb:31:d1:53:74:58:f7:72:9f:fd:8b:03:18:
a3:4b:a2:ad:e7:b6:1e:a0:a6:02:6e:c0:e2:39:75:1a:ac:3b:
c0:36:c5:a6:9b:03:80:e6:f2:34:b4:57:7a:49:64:1d:4c:2c:
34:3d:4c:27:1c:cf:c8:68:68:d0:91:8d:c6:ea:df:ad:03:99:
d0:31:1d:23:51:8a:0f:d6:47:1d:31:1f:74:34:98:6c:c9:71:
f9:eb:f6:e9:c5:e5:c5:73:44:27:d5:08:58:f1:44:c0:18:f5:
82:87:81:b9:c9:e5:47:b2:9f:86:f7:73:e5:a8:0b:ff:a1:ec:
c6:66:9e:2f:7c:77:ca:12:d9:5c:3d:07:e0:9a:ca:8c:1c:0f:
e7:d9:5b:59:03:fe:b2:13:60:ae:51:1a:eb:40:1f:1f:60:77:
79:af:b2:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoIyVBOAOcXYQ+wY4IT1tUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODE4MTMxNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTYzOGYyY2FiYmE4YmI0ZWM2N2UxNTk3Nzg0YjZjMTBkMDc4MTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5EzE2+WgyQayLutMMN7JZVx66+1
nDANDl3N2f5GngjD2OAhvReXi1tMWOdRiQp9GHaBrth9FYCOP0OP8rOvikIbWDYj
MWjXac/uch73mwqFqBitFDqtCeKhYNCWqSCkFW8v5OohfiCiMr//9K5bqVdpgqN3
I5J8v7X1G4DU+GPbNADIII2drL64KxQLqhY0vzPqgM+ru1d21vZQ1HhpMMH7+vfb
B3yPb0gdm5npCOoQZNX3yFppBB51AEYJIhzaydOoBgaPyVEKl8jgK5iXMZLcYBk2
3kj1r3BuU4c4DhvjnqxCSVIvCk/ttmHKQT5TnU3JRkDgy1eFMtK+173enQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMpjjyyruou07GfhWXeEtsENB4EcMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveW1PUExLdTZpN1RzWi1GWmQ0UzJ3UTBIZ1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWmpAwQB
BWm6AwQBBWnKAwQABWnUMA0GCSqGSIb3DQEBCwUAA4IBAQAXqV038ZvyRcHUBElE
rEJcnGlQ2CuulqH9v6paqAAm7kpoIlWv+h+OWEE31OmaZgQJ5hfxROmb9DSMuQp7
7i5nknBDHEzfh1FRQsrAja9vi7lYhMC5fEjgYyTpuD+dE7sx0VN0WPdyn/2LAxij
S6Kt57YeoKYCbsDiOXUarDvANsWmmwOA5vI0tFd6SWQdTCw0PUwnHM/IaGjQkY3G
6t+tA5nQMR0jUYoP1kcdMR90NJhsyXH56/bpxeXFc0Qn1QhY8UTAGPWCh4G5yeVH
sp+G93PlqAv/oezGZp4vfHfKEtlcPQfgmsqMHA/n2VtZA/6yE2CuURrrQB8fYHd5
r7I4
-----END CERTIFICATE-----
Generated at Tue Sep 19 11:05:47 2023 by rpki-client on console-ams.rpki-client.org