Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/009nVeyIQYIX4bqdV95BRsX2lIk.roa
File: 009nVeyIQYIX4bqdV95BRsX2lIk.roa (raw, json)
Hash identifier: oR3U9t19lN/Cmm55v9ljjZHSZWUwpkDWlmVfYB6Vuzk=
Subject key identifier: D3:4F:67:55:EC:88:41:82:17:E1:BA:9D:57:DE:41:46:C5:F6:94:89
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 01878ED3DC267B15D1155CD214D34C8D4301
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/009nVeyIQYIX4bqdV95BRsX2lIk.roa
Signing time: Mon 17 Apr 2023 10:47:41 +0000
ROA not before: Mon 17 Apr 2023 10:47:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59458
IP address blocks: 5.149.97.0/24 maxlen: 24
5.149.98.0/24 maxlen: 24
5.149.104.0/24 maxlen: 24
5.149.105.0/24 maxlen: 24
5.149.99.0/24 maxlen: 24
5.149.100.0/24 maxlen: 24
5.149.101.0/24 maxlen: 24
5.149.102.0/24 maxlen: 24
5.149.103.0/24 maxlen: 24
5.149.111.0/24 maxlen: 24
5.149.109.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:d3:dc:26:7b:15:d1:15:5c:d2:14:d3:4c:8d:43:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Apr 17 10:47:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d34f6755ec88418217e1ba9d57de4146c5f69489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:3d:4d:82:d7:32:76:6f:13:9b:13:6a:4e:
f4:d5:18:89:d5:03:57:84:0b:35:ab:8e:50:02:f6:
5d:6e:5b:15:15:64:05:e1:58:c4:7a:fe:55:8f:90:
81:64:4a:a2:e5:b7:d1:c5:d9:f8:de:21:0f:4e:93:
d4:c4:21:a7:2c:e0:cf:9c:52:14:eb:54:39:3e:9d:
8b:1b:5b:37:c3:16:c0:a4:c9:95:62:9f:aa:fb:65:
fb:05:c7:0b:90:f1:02:4d:df:ce:49:80:f6:ea:3f:
5d:35:ed:11:87:96:9f:09:a7:10:ef:c1:71:a7:28:
cc:7a:43:ca:9b:32:57:8f:a7:63:46:4b:f3:bd:47:
ff:8f:e8:df:f0:37:63:b4:1a:87:73:7a:24:19:03:
e3:b1:1f:3b:2a:b9:31:e1:e3:63:bc:9d:ff:70:89:
e0:71:b6:49:da:95:fb:47:e7:c3:1e:fe:6d:02:48:
5c:84:f7:da:c7:d6:fe:ae:93:bc:87:b9:4e:c0:2c:
77:86:fc:90:88:1c:b8:3d:87:4c:29:1b:d3:9c:bb:
5b:e3:36:54:a0:5f:6b:5a:23:89:9e:17:0c:78:a6:
7e:cf:dd:bd:b5:b9:79:a6:24:8c:03:e1:cc:83:fb:
20:85:6e:d2:66:b4:a2:a9:7e:82:35:d1:03:16:29:
b0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:4F:67:55:EC:88:41:82:17:E1:BA:9D:57:DE:41:46:C5:F6:94:89
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/009nVeyIQYIX4bqdV95BRsX2lIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.97.0-5.149.105.255
5.149.109.0/24
5.149.111.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:f3:5f:de:a5:d9:f0:94:8c:40:00:e3:6e:2b:5c:a3:ef:19:
d5:54:43:b2:db:64:91:5b:4a:c7:ab:14:ad:33:08:e2:7d:00:
90:e8:cd:28:ce:01:4f:d9:83:7e:5c:7a:61:31:24:42:c1:a3:
e0:20:53:23:04:b8:7e:82:ac:a1:39:ce:c0:4b:38:7b:c1:24:
21:dc:ae:c7:91:29:8f:6d:fd:17:8d:2f:bd:b1:17:4a:27:7a:
78:ca:19:07:d7:91:77:87:80:23:37:92:70:90:d8:55:b2:01:
78:de:8c:ea:7c:3b:81:5e:ee:43:16:66:59:53:ff:39:46:b4:
10:92:ab:f1:18:fb:4c:c3:f4:f7:aa:bd:ba:bf:cc:71:6c:ed:
20:20:60:fa:e6:8d:6f:0b:f9:40:85:d3:6d:a4:05:54:94:22:
69:ef:6b:f4:58:44:14:a9:44:30:14:65:5e:c6:59:ce:82:cc:
a7:c3:f8:af:c9:16:81:40:4f:06:41:dc:3c:c7:d9:ab:2e:7a:
f9:84:b9:90:3e:97:b7:aa:76:f6:ea:f6:c6:11:55:27:21:35:
fc:8f:ec:a3:ca:5e:64:53:fe:a3:29:7d:a9:5f:2d:2b:eb:fa:
f6:23:0f:fe:6a:56:f8:f8:2c:77:61:d2:18:2c:3d:68:ac:74:
71:c6:c6:ad
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYeO09wmexXRFVzSFNNMjUMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwNDE3MTA0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzRmNjc1NWVjODg0MTgyMTdlMWJhOWQ1N2RlNDE0NmM1ZjY5NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYY9TYLXMnZvE5sTak701RiJ1QNX
hAs1q45QAvZdblsVFWQF4VjEev5Vj5CBZEqi5bfRxdn43iEPTpPUxCGnLODPnFIU
61Q5Pp2LG1s3wxbApMmVYp+q+2X7BccLkPECTd/OSYD26j9dNe0Rh5afCacQ78Fx
pyjMekPKmzJXj6djRkvzvUf/j+jf8DdjtBqHc3okGQPjsR87Krkx4eNjvJ3/cIng
cbZJ2pX7R+fDHv5tAkhchPfax9b+rpO8h7lOwCx3hvyQiBy4PYdMKRvTnLtb4zZU
oF9rWiOJnhcMeKZ+z929tbl5piSMA+HMg/sghW7SZrSiqX6CNdEDFimwQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNNPZ1XsiEGCF+G6nVfeQUbF9pSJMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvMDA5blZleUlRWUlYNGJxZFY5NUJSc1gybElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAFlWED
BAEFlWgDBAAFlW0DBAAFlW8wDQYJKoZIhvcNAQELBQADggEBAA/zX96l2fCUjEAA
424rXKPvGdVUQ7LbZJFbSserFK0zCOJ9AJDozSjOAU/Zg35cemExJELBo+AgUyME
uH6CrKE5zsBLOHvBJCHcrseRKY9t/ReNL72xF0onenjKGQfXkXeHgCM3knCQ2FWy
AXjejOp8O4Fe7kMWZllT/zlGtBCSq/EY+0zD9Peqvbq/zHFs7SAgYPrmjW8L+UCF
022kBVSUImnva/RYRBSpRDAUZV7GWc6CzKfD+K/JFoFATwZB3DzH2asuevmEuZA+
l7eqdvbq9sYRVSchNfyP7KPKXmRT/qMpfalfLSvr+vYjD/5qVvj4LHdh0hgsPWis
dHHGxq0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:39 2023 by rpki-client on console-ams.rpki-client.org