Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/HjKLGagYaSG6wTJOkyxA5mK6_5w.roa
File: HjKLGagYaSG6wTJOkyxA5mK6_5w.roa (raw, json)
Hash identifier: vZ3danlJngZ2dNTtnsXDTcaHjJ1cxwrGXEGhoLHKChY=
Subject key identifier: 1E:32:8B:19:A8:18:69:21:BA:C1:32:4E:93:2C:40:E6:62:BA:FF:9C
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018D505C8EB305AF5E95CD431025141E9CA7
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/HjKLGagYaSG6wTJOkyxA5mK6_5w.roa
Signing time: Sun 28 Jan 2024 13:57:39 +0000
ROA not before: Sun 28 Jan 2024 13:57:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59422
IP address blocks: 5.149.96.0/24 maxlen: 24
5.149.107.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jan 2024 00:50:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:50:5c:8e:b3:05:af:5e:95:cd:43:10:25:14:1e:9c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 28 13:57:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e328b19a8186921bac1324e932c40e662baff9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6c:53:c1:a8:d6:e5:75:4c:3e:da:99:dc:a4:
1a:ab:32:e5:9e:c9:3c:f4:18:1c:90:fe:46:51:9b:
57:4b:a1:20:45:31:81:2c:65:a6:39:53:12:94:9a:
e6:cc:57:6d:38:32:c3:af:bf:be:de:6e:09:db:ed:
2b:17:1b:5f:8b:ff:78:29:f2:64:d5:8c:7f:85:00:
6a:66:4f:81:b6:38:dd:bf:c8:cd:64:9a:eb:89:85:
25:a2:0e:a0:b3:58:3e:f7:79:b1:9b:06:56:c3:33:
f0:e0:3a:67:a2:ea:f3:0c:5a:df:c8:a3:f1:9c:fb:
e2:4b:46:7d:2c:1d:04:18:f5:a1:e1:06:43:2b:39:
c5:85:dc:96:6e:82:f0:3f:6d:f4:ef:f3:1c:95:e1:
96:12:18:e0:70:8d:ba:a5:25:c7:6a:87:cf:6d:5f:
3b:52:bf:39:15:6b:bb:90:38:32:b3:0b:67:83:f0:
21:55:09:b3:93:47:7d:89:bc:ff:7b:07:8e:a9:0b:
09:20:dd:3a:dc:68:86:80:6f:ad:f6:68:97:ce:da:
e9:5c:fb:ee:ae:ea:9c:28:80:52:d5:33:03:35:80:
7a:86:5c:b6:07:03:ed:2b:27:82:65:7d:87:49:6a:
46:3c:7c:af:53:42:a1:d5:01:2f:63:65:38:22:9a:
5c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:32:8B:19:A8:18:69:21:BA:C1:32:4E:93:2C:40:E6:62:BA:FF:9C
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/HjKLGagYaSG6wTJOkyxA5mK6_5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0/24
5.149.107.0/24
5.149.110.0/24
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
56:73:5a:55:8f:2a:5d:65:67:13:3a:3f:c7:5a:34:02:4b:39:
fd:13:28:f5:44:28:99:41:e3:cb:55:43:ea:10:da:95:9d:db:
2b:f7:83:be:51:9f:34:d8:58:83:46:77:74:4d:ee:41:ba:94:
0b:58:a7:65:5f:a2:63:64:64:a3:02:4b:2a:2b:46:52:ce:55:
0c:2c:4a:a6:99:0c:7b:bb:6d:5d:90:26:a7:58:61:c0:a3:e6:
da:f8:9d:5e:33:cb:38:c8:4b:c2:24:30:cd:dd:e5:18:59:48:
cb:8e:4c:24:65:0e:09:8f:c4:94:d2:b5:36:b6:6c:41:a5:46:
b6:f5:d4:71:18:5e:18:c0:f9:72:9d:08:51:9f:4b:69:fa:57:
26:c3:fc:d2:e2:23:d8:54:a2:82:68:bd:e7:b3:91:77:65:bd:
ff:3c:14:00:18:78:36:a2:cf:ac:bf:24:2b:e1:e8:f7:f3:4a:
a6:ad:d8:33:60:d4:dd:7b:2c:6e:6d:f5:a3:0c:76:43:5b:69:
33:20:22:80:1c:4f:7c:cc:dc:d8:52:66:1a:d0:b9:8b:81:00:
d9:65:02:a3:af:ed:2a:ab:c0:33:ec:dc:ce:3c:19:b7:97:00:
02:a8:3d:28:10:e4:78:3c:23:2c:ac:c9:4b:58:e0:59:6b:c6:
64:49:dd:04
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY1QXI6zBa9elc1DECUUHpynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQwMTI4MTM1NzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTMyOGIxOWE4MTg2OTIxYmFjMTMyNGU5MzJjNDBlNjYyYmFmZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWxTwajW5XVMPtqZ3KQaqzLlnsk8
9BgckP5GUZtXS6EgRTGBLGWmOVMSlJrmzFdtODLDr7++3m4J2+0rFxtfi/94KfJk
1Yx/hQBqZk+Btjjdv8jNZJrriYUlog6gs1g+93mxmwZWwzPw4DpnourzDFrfyKPx
nPviS0Z9LB0EGPWh4QZDKznFhdyWboLwP2307/McleGWEhjgcI26pSXHaofPbV87
Ur85FWu7kDgyswtng/AhVQmzk0d9ibz/eweOqQsJIN063GiGgG+t9miXztrpXPvu
ruqcKIBS1TMDNYB6hly2BwPtKyeCZX2HSWpGPHyvU0Kh1QEvY2U4Ippc7QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFB4yixmoGGkhusEyTpMsQOZiuv+cMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvSGpLTEdhZ1lhU0c2d1RKT2t5eEE1bUs2XzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQABZVgAwQA
BZVrAwQABZVuMA8EAgACMAkDBwAqEiNAAAAwDQYJKoZIhvcNAQELBQADggEBAFZz
WlWPKl1lZxM6P8daNAJLOf0TKPVEKJlB48tVQ+oQ2pWd2yv3g75RnzTYWINGd3RN
7kG6lAtYp2VfomNkZKMCSyorRlLOVQwsSqaZDHu7bV2QJqdYYcCj5tr4nV4zyzjI
S8IkMM3d5RhZSMuOTCRlDgmPxJTStTa2bEGlRrb11HEYXhjA+XKdCFGfS2n6VybD
/NLiI9hUooJoveezkXdlvf88FAAYeDaiz6y/JCvh6PfzSqat2DNg1N17LG5t9aMM
dkNbaTMgIoAcT3zM3NhSZhrQuYuBANllAqOv7SqrwDPs3M48GbeXAAKoPSgQ5Hg8
IyysyUtY4FlrxmRJ3QQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:43:21 2025 by rpki-client