Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/z4tSRnkjX5iTs-NQeH05SqyNXCk.roa
File: z4tSRnkjX5iTs-NQeH05SqyNXCk.roa (raw, json)
Hash identifier: hsix5wanF94pryPtL5C79uXKvZ/S1kmJutnESH7os3I=
Subject key identifier: CF:8B:52:46:79:23:5F:98:93:B3:E3:50:78:7D:39:4A:AC:8D:5C:29
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189AD69A20683FCA10FDF13B9C73D4C02A8
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/z4tSRnkjX5iTs-NQeH05SqyNXCk.roa
Signing time: Mon 31 Jul 2023 19:25:28 +0000
ROA not before: Mon 31 Jul 2023 19:25:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.122.0/24 maxlen: 24
5.105.131.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.136.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.164.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.169.0/24 maxlen: 24
5.105.101.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
5.105.117.0/24 maxlen: 24
5.105.228.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.247.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.209.0/24 maxlen: 24
5.105.220.0/24 maxlen: 24
5.105.15.0/24 maxlen: 24
5.105.14.0/24 maxlen: 24
5.105.13.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.26.0/24 maxlen: 24
5.105.30.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ad:69:a2:06:83:fc:a1:0f:df:13:b9:c7:3d:4c:02:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 31 19:25:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf8b524679235f9893b3e350787d394aac8d5c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6c:86:e5:90:80:cd:e6:61:f8:c7:08:56:75:
4a:fb:73:20:8e:3b:0a:61:f0:33:1e:d0:4b:99:e5:
88:39:81:90:bd:e6:2c:2f:2b:6f:f3:34:b3:7f:8f:
e0:fc:07:90:f7:79:28:3c:9e:2e:7c:9d:7d:84:b0:
2e:91:8a:9b:3b:21:28:87:e5:ad:a0:d3:d3:22:98:
39:cb:35:82:cf:8e:ab:ce:18:d7:27:b3:84:75:2d:
ab:eb:c3:64:4f:85:10:69:87:e2:23:1e:e9:65:54:
bd:30:c8:61:b3:51:96:4d:2a:83:de:10:ef:15:e8:
07:67:45:aa:38:c7:56:42:22:02:6c:a9:dc:40:07:
df:51:c4:47:87:b3:cd:65:86:80:93:9f:64:48:25:
0a:97:9a:11:3d:a0:df:b4:e6:c8:1b:0a:be:83:df:
9c:f8:3b:c5:de:20:ad:c2:5a:1f:46:34:f6:a2:fc:
fc:39:b0:30:50:f2:96:c5:b2:fb:df:46:d5:85:f3:
bd:ac:b9:59:aa:dd:51:ba:24:e3:a7:20:cb:b3:c8:
e5:51:87:9d:94:f0:3a:b3:b8:18:4b:b7:0d:8b:64:
1c:25:df:1f:6c:50:37:71:f8:94:2b:97:b0:ae:8e:
b7:6f:9b:e5:b6:a2:54:68:bd:76:88:76:e1:6b:27:
ed:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:8B:52:46:79:23:5F:98:93:B3:E3:50:78:7D:39:4A:AC:8D:5C:29
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/z4tSRnkjX5iTs-NQeH05SqyNXCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.2.0/24
5.105.13.0-5.105.15.255
5.105.18.0/24
5.105.21.0/24
5.105.26.0/24
5.105.30.0/24
5.105.32.0/23
5.105.40.0/24
5.105.50.0/24
5.105.57.0/24
5.105.101.0/24
5.105.111.0/24
5.105.117.0/24
5.105.122.0/24
5.105.127.0/24
5.105.131.0/24
5.105.134.0/24
5.105.136.0/24
5.105.157.0/24
5.105.162.0/24
5.105.164.0/23
5.105.169.0/24
5.105.186.0/23
5.105.202.0/23
5.105.209.0/24
5.105.220.0/24
5.105.228.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.247.0/24
5.105.249.0/24
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
07:7b:21:60:f2:fc:48:55:4c:aa:8c:5f:f5:c7:d6:52:8d:cf:
2d:77:32:88:c9:69:1c:f5:76:a7:b4:86:b7:e8:b7:39:cd:3c:
d6:83:7c:00:a4:7c:68:8d:0f:80:ac:4b:1f:3c:b3:39:c7:61:
58:a4:80:4d:55:33:7c:79:54:1a:12:84:74:04:86:8c:3a:75:
25:f6:58:50:a7:c0:8c:46:8b:d8:4d:c7:dd:91:7b:99:e6:f4:
0c:be:4b:df:69:7e:9f:39:9d:45:42:1a:a9:f3:7f:53:64:98:
55:d1:52:75:00:bc:b4:5e:18:2a:3b:06:ff:a8:a3:07:da:da:
5f:be:49:20:9c:8c:f2:11:af:93:19:64:72:51:30:3a:73:d7:
46:76:7a:1f:00:5d:f8:ad:82:dc:a9:1f:44:ca:21:4a:5a:1c:
f1:fe:8c:28:46:7d:11:41:8c:08:6a:ba:c5:be:62:f7:61:6f:
57:b2:0c:25:70:f4:58:10:79:65:69:c9:f7:93:7d:54:86:a8:
10:68:fe:c5:87:60:60:9c:bd:1c:66:d9:8c:53:df:54:07:df:
52:2c:a8:18:d8:90:05:79:01:b7:ba:7a:53:f2:33:f5:29:04:
46:f5:87:d0:ed:24:85:91:13:14:45:52:2e:cd:3c:e0:04:46:
83:b7:a2:ac
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYmtaaIGg/yhD98Tucc9TAKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzMxMTkyNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjhiNTI0Njc5MjM1Zjk4OTNiM2UzNTA3ODdkMzk0YWFjOGQ1YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWyG5ZCAzeZh+McIVnVK+3MgjjsK
YfAzHtBLmeWIOYGQveYsLytv8zSzf4/g/AeQ93koPJ4ufJ19hLAukYqbOyEoh+Wt
oNPTIpg5yzWCz46rzhjXJ7OEdS2r68NkT4UQaYfiIx7pZVS9MMhhs1GWTSqD3hDv
FegHZ0WqOMdWQiICbKncQAffUcRHh7PNZYaAk59kSCUKl5oRPaDftObIGwq+g9+c
+DvF3iCtwlofRjT2ovz8ObAwUPKWxbL730bVhfO9rLlZqt1RuiTjpyDLs8jlUYed
lPA6s7gYS7cNi2QcJd8fbFA3cfiUK5ewro63b5vltqJUaL12iHbhayftmQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFM+LUkZ5I1+Yk7PjUHh9OUqsjVwpMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvejR0U1Jua2pYNWlUcy1OUWVIMDVTcXlOWENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAAF
aQIwDAMEAAVpDQMEBAVpAAMEAAVpEgMEAAVpFQMEAAVpGgMEAAVpHgMEAQVpIAME
AAVpKAMEAAVpMgMEAAVpOQMEAAVpZQMEAAVpbwMEAAVpdQMEAAVpegMEAAVpfwME
AAVpgwMEAAVphgMEAAVpiAMEAAVpnQMEAAVpogMEAQVppAMEAAVpqQMEAQVpugME
AQVpygMEAAVp0QMEAAVp3AMEAAVp5DAMAwQABWnvAwQABWnwAwQBBWn0AwQABWn3
AwQABWn5AwQABbSwAwQAwS7SMA0GCSqGSIb3DQEBCwUAA4IBAQAHeyFg8vxIVUyq
jF/1x9ZSjc8tdzKIyWkc9XantIa36Lc5zTzWg3wApHxojQ+ArEsfPLM5x2FYpIBN
VTN8eVQaEoR0BIaMOnUl9lhQp8CMRovYTcfdkXuZ5vQMvkvfaX6fOZ1FQhqp839T
ZJhV0VJ1ALy0XhgqOwb/qKMH2tpfvkkgnIzyEa+TGWRyUTA6c9dGdnofAF34rYLc
qR9EyiFKWhzx/owoRn0RQYwIarrFvmL3YW9XsgwlcPRYEHllacn3k31UhqgQaP7F
h2BgnL0cZtmMU99UB99SLKgY2JAFeQG3unpT8jP1KQRG9YfQ7SSFkRMURVIuzTzg
BEaDt6Ks
-----END CERTIFICATE-----
Generated at Tue Aug 1 11:43:50 2023 by rpki-client on console-fra.rpki-client.org