Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/OEV5YucQqTBpcCNJS8dP15-i7Jc.roa
File: OEV5YucQqTBpcCNJS8dP15-i7Jc.roa (raw, json)
Hash identifier: NR0eVdWGe6GOplCe/u28dTq1ytiuYAeQULMH1sxk2+M=
Subject key identifier: 38:45:79:62:E7:10:A9:30:69:70:23:49:4B:C7:4F:D7:9F:A2:EC:97
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018CC79471B0704EFE46A6E21ED9981322CB
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/OEV5YucQqTBpcCNJS8dP15-i7Jc.roa
Signing time: Tue 02 Jan 2024 00:30:43 +0000
ROA not before: Tue 02 Jan 2024 00:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59422
IP address blocks: 5.149.96.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
5.149.107.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jan 2024 13:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:71:b0:70:4e:fe:46:a6:e2:1e:d9:98:13:22:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 2 00:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38457962e710a930697023494bc74fd79fa2ec97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b4:1b:81:22:34:7d:ae:c1:f6:4a:d4:28:f3:
22:03:d7:ae:ea:8f:32:1e:22:f4:9c:90:ef:55:3e:
2c:c9:b9:19:d5:3b:a0:8f:e3:bb:b6:11:bc:44:e4:
42:42:37:64:e4:bc:79:d8:d5:39:f1:27:6a:d5:52:
bc:9b:cb:40:e0:45:56:e0:a3:dd:86:d9:d6:ff:a1:
ba:33:ec:a7:99:3b:58:c0:64:5e:f5:00:a3:cc:5d:
43:c7:37:a4:d2:a7:1d:17:b4:d8:21:13:b8:b3:b5:
38:d0:22:45:da:77:7b:17:fd:bd:3a:86:e1:54:df:
94:dd:a6:01:4b:68:dc:77:75:7d:23:f8:00:54:2b:
0a:29:3a:d1:05:ec:85:7e:f9:10:23:0b:38:47:11:
e9:12:5f:02:7a:bb:64:8a:f5:5d:09:3c:1e:aa:06:
48:43:05:7c:52:2f:33:4f:a9:23:3c:72:73:38:21:
08:ae:46:00:2c:28:35:b3:aa:05:c7:b9:b8:c3:a0:
9c:07:89:ea:27:07:8c:57:44:dd:aa:7b:96:ec:06:
e5:42:d1:ce:da:7e:14:d7:ae:c8:bc:b3:32:d1:dc:
26:5c:c2:31:86:5b:97:1c:82:e2:b5:ed:dc:4c:a4:
89:b6:3c:fd:45:2a:8d:b2:0e:93:b6:aa:67:0b:da:
8a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:45:79:62:E7:10:A9:30:69:70:23:49:4B:C7:4F:D7:9F:A2:EC:97
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/OEV5YucQqTBpcCNJS8dP15-i7Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0/24
5.149.107.0/24
5.149.110.0/24
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
8c:80:2d:5d:4c:5e:ec:13:a6:56:ff:7b:9b:2c:bc:a8:7d:1b:
09:e7:2d:9d:5f:63:38:4d:53:55:e1:05:e0:15:91:a4:51:24:
75:55:a4:ab:41:e6:70:32:82:08:44:8b:cf:18:20:23:a7:f5:
ed:66:44:47:05:c9:64:c6:0b:ba:4a:4d:c5:65:35:05:f2:27:
68:59:54:b2:49:41:76:3e:81:8c:35:69:5f:b0:9d:6e:b9:6c:
42:19:c5:ac:7f:1a:13:f1:bd:39:e6:44:82:58:d1:0f:95:7c:
cf:16:f4:89:31:e2:f1:b4:b7:bc:dc:c5:88:8a:5b:78:57:87:
ff:0e:1c:c9:17:ab:dc:74:d9:ca:e1:de:e4:f8:c5:e4:cb:95:
c9:de:3c:cd:c3:e9:b8:50:17:4a:67:9a:3c:cd:6a:8b:fc:c9:
83:57:9a:dd:89:d3:11:b2:d1:b0:49:c4:46:a4:fe:76:0d:38:
69:e9:d8:61:d6:18:be:fc:a3:05:79:18:26:bb:1a:38:82:f0:
3e:63:63:e2:a0:32:9c:21:c1:89:75:3c:ee:7d:06:ab:f3:2a:
47:42:69:ca:74:6e:a5:e3:d2:b6:2c:4e:6c:07:f0:12:f6:af:
73:28:71:38:bb:ab:35:1b:3d:94:62:40:b1:f7:34:66:0f:f2:
59:ac:bd:36
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzHlHGwcE7+RqbiHtmYEyLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQwMTAyMDAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQ1Nzk2MmU3MTBhOTMwNjk3MDIzNDk0YmM3NGZkNzlmYTJlYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLQbgSI0fa7B9krUKPMiA9eu6o8y
HiL0nJDvVT4sybkZ1Tugj+O7thG8RORCQjdk5Lx52NU58Sdq1VK8m8tA4EVW4KPd
htnW/6G6M+ynmTtYwGRe9QCjzF1Dxzek0qcdF7TYIRO4s7U40CJF2nd7F/29Oobh
VN+U3aYBS2jcd3V9I/gAVCsKKTrRBeyFfvkQIws4RxHpEl8CertkivVdCTweqgZI
QwV8Ui8zT6kjPHJzOCEIrkYALCg1s6oFx7m4w6CcB4nqJweMV0TdqnuW7AblQtHO
2n4U167IvLMy0dwmXMIxhluXHILite3cTKSJtjz9RSqNsg6TtqpnC9qKhwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDhFeWLnEKkwaXAjSUvHT9efouyXMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvT0VWNVl1Y1FxVEJwY0NOSlM4ZFAxNS1pN0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQABZVgAwQA
BZVrAwQABZVuMA8EAgACMAkDBwAqEiNAAAAwDQYJKoZIhvcNAQELBQADggEBAIyA
LV1MXuwTplb/e5ssvKh9GwnnLZ1fYzhNU1XhBeAVkaRRJHVVpKtB5nAygghEi88Y
ICOn9e1mREcFyWTGC7pKTcVlNQXyJ2hZVLJJQXY+gYw1aV+wnW65bEIZxax/GhPx
vTnmRIJY0Q+VfM8W9Ikx4vG0t7zcxYiKW3hXh/8OHMkXq9x02crh3uT4xeTLlcne
PM3D6bhQF0pnmjzNaov8yYNXmt2J0xGy0bBJxEak/nYNOGnp2GHWGL78owV5GCa7
GjiC8D5jY+KgMpwhwYl1PO59BqvzKkdCacp0bqXj0rYsTmwH8BL2r3MocTi7qzUb
PZRiQLH3NGYP8lmsvTY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:19 2025 by rpki-client