Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zp47nrmQhraq8l-jyONT1NDPvjI.roa
File: zp47nrmQhraq8l-jyONT1NDPvjI.roa (raw, json)
Hash identifier: myXRXq2Hqr6ii2Fq3RczUnLqkUdXMXQD7ymfG0n+b8w=
Subject key identifier: CE:9E:3B:9E:B9:90:86:B6:AA:F2:5F:A3:C8:E3:53:D4:D0:CF:BE:32
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018682B2B723129B3773156E5BCE96E6DFEA
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zp47nrmQhraq8l-jyONT1NDPvjI.roa
Signing time: Fri 24 Feb 2023 09:13:15 +0000
ROA not before: Fri 24 Feb 2023 09:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 5.105.124.0/24 maxlen: 24
5.105.129.0/24 maxlen: 24
5.105.253.0/24 maxlen: 24
5.105.158.0/24 maxlen: 24
5.105.84.0/24 maxlen: 24
5.105.188.0/24 maxlen: 24
5.105.98.0/24 maxlen: 24
5.105.94.0/24 maxlen: 24
5.105.105.0/24 maxlen: 24
5.105.102.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:b2:b7:23:12:9b:37:73:15:6e:5b:ce:96:e6:df:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 24 09:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce9e3b9eb99086b6aaf25fa3c8e353d4d0cfbe32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d7:b6:69:c5:e6:f9:7f:31:82:24:ce:a7:a7:
d3:78:21:60:1a:1b:e5:53:ea:5f:0b:95:14:b6:86:
d6:6a:3f:74:83:9f:ea:2f:82:a1:84:dc:83:20:7b:
ee:91:0f:44:da:17:39:81:11:c2:12:aa:25:ab:4b:
37:6f:3f:46:63:76:4b:85:1f:3f:5c:fb:35:6d:e4:
2c:31:5a:4f:b9:58:0f:0a:68:d3:b8:8a:5b:2c:9b:
64:8a:69:3c:16:d2:9b:74:3f:b3:a3:de:61:74:ef:
8a:d3:58:2e:37:0a:1a:1b:f6:ed:9e:d3:d9:80:57:
f7:ec:5d:5b:fd:eb:30:80:34:c2:75:6b:9a:2e:fe:
f2:e9:6b:9a:a9:43:81:bf:ba:78:85:58:8c:62:ff:
a0:06:02:4a:17:0d:08:5b:47:22:45:ff:40:c3:1a:
1b:3e:cb:29:4a:fa:bc:95:c2:0f:ca:a5:a1:97:b1:
c9:f2:6d:ef:f1:0a:5a:20:06:9e:51:7c:63:7c:3c:
f1:25:08:c6:9e:d6:36:75:de:bc:05:36:c4:8e:90:
80:6d:ba:b4:59:82:5b:0e:1e:b2:df:80:4d:83:e1:
00:d6:b6:06:f8:4b:d5:f4:f5:a8:d0:70:32:ab:2e:
34:07:8d:77:76:9e:15:a9:bf:46:7a:87:20:60:89:
1d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9E:3B:9E:B9:90:86:B6:AA:F2:5F:A3:C8:E3:53:D4:D0:CF:BE:32
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zp47nrmQhraq8l-jyONT1NDPvjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.84.0/24
5.105.94.0/24
5.105.98.0/24
5.105.102.0/24
5.105.105.0/24
5.105.124.0/24
5.105.129.0/24
5.105.158.0/24
5.105.188.0/24
5.105.253.0/24
Signature Algorithm: sha256WithRSAEncryption
96:b1:0a:ec:a1:c0:63:a6:e4:90:ae:4b:9d:59:ed:59:e0:e4:
bf:82:3e:5c:41:7b:e6:1e:67:72:00:13:cc:a7:95:1a:b1:47:
50:10:99:ec:ee:fa:28:b2:74:7b:92:75:72:9b:23:7b:ed:f3:
f7:89:73:2c:23:ee:67:da:f2:24:72:33:80:39:23:34:24:e0:
84:d4:7c:b6:2a:7b:9e:b2:41:52:6f:b7:83:1a:6a:15:4a:9c:
35:f1:fd:dc:12:15:08:52:77:35:ae:8c:da:74:bd:f0:3b:cd:
7f:86:7d:84:6b:2c:68:ff:77:97:0a:79:44:a1:bb:ef:b4:e1:
04:65:8d:77:c4:f4:45:6b:43:a7:54:14:f5:b3:18:55:99:09:
69:22:89:8b:3b:b7:99:68:39:af:33:d0:8b:56:9e:da:0a:d8:
99:15:9a:41:23:4a:27:ee:4f:b7:22:7d:f5:c3:12:98:4c:33:
a3:e7:31:af:23:30:6d:5c:cc:f3:56:0f:52:3d:dd:d6:60:b3:
f2:04:eb:ed:68:d5:32:43:cf:82:f9:b3:23:3d:0a:63:85:2d:
a0:6c:29:93:c1:9f:92:ff:17:7d:27:28:1c:a8:fc:d3:3c:f3:
07:0a:a3:c2:0e:c0:a7:c6:f3:2e:92:6f:61:c2:65:42:35:2b:
6b:be:1d:65
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYaCsrcjEps3cxVuW86W5t/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjI0MDkxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTllM2I5ZWI5OTA4NmI2YWFmMjVmYTNjOGUzNTNkNGQwY2ZiZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9e2acXm+X8xgiTOp6fTeCFgGhvl
U+pfC5UUtobWaj90g5/qL4KhhNyDIHvukQ9E2hc5gRHCEqolq0s3bz9GY3ZLhR8/
XPs1beQsMVpPuVgPCmjTuIpbLJtkimk8FtKbdD+zo95hdO+K01guNwoaG/btntPZ
gFf37F1b/eswgDTCdWuaLv7y6WuaqUOBv7p4hViMYv+gBgJKFw0IW0ciRf9Awxob
PsspSvq8lcIPyqWhl7HJ8m3v8QpaIAaeUXxjfDzxJQjGntY2dd68BTbEjpCAbbq0
WYJbDh6y34BNg+EA1rYG+EvV9PWo0HAyqy40B413dp4Vqb9GeocgYIkdFQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFM6eO565kIa2qvJfo8jjU9TQz74yMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvenA0N25ybVFocmFxOGwtanlPTlQxTkRQdmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABWlUAwQA
BWleAwQABWliAwQABWlmAwQABWlpAwQABWl8AwQABWmBAwQABWmeAwQABWm8AwQA
BWn9MA0GCSqGSIb3DQEBCwUAA4IBAQCWsQrsocBjpuSQrkudWe1Z4OS/gj5cQXvm
HmdyABPMp5UasUdQEJns7voosnR7knVymyN77fP3iXMsI+5n2vIkcjOAOSM0JOCE
1Hy2KnueskFSb7eDGmoVSpw18f3cEhUIUnc1rozadL3wO81/hn2Eayxo/3eXCnlE
obvvtOEEZY13xPRFa0OnVBT1sxhVmQlpIomLO7eZaDmvM9CLVp7aCtiZFZpBI0on
7k+3In31wxKYTDOj5zGvIzBtXMzzVg9SPd3WYLPyBOvtaNUyQ8+C+bMjPQpjhS2g
bCmTwZ+S/xd9JygcqPzTPPMHCqPCDsCnxvMukm9hwmVCNStrvh1l
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org