Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Rta2tfurmbCxaw0WS2j1MgkJIJ8.roa
File: Rta2tfurmbCxaw0WS2j1MgkJIJ8.roa (raw, json)
Hash identifier: EOdN8JVS9x2ud0SmTiKE3A08rZnHmefMYTXWSsvStH4=
Subject key identifier: 46:D6:B6:B5:FB:AB:99:B0:B1:6B:0D:16:4B:68:F5:32:09:09:20:9F
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 01878F00B707398E594D5F5BEF4B5CC92626
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Rta2tfurmbCxaw0WS2j1MgkJIJ8.roa
Signing time: Mon 17 Apr 2023 11:36:41 +0000
ROA not before: Mon 17 Apr 2023 11:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59458
IP address blocks: 5.149.97.0/24 maxlen: 24
5.149.98.0/24 maxlen: 24
5.149.96.0/24 maxlen: 24
5.149.104.0/24 maxlen: 24
5.149.105.0/24 maxlen: 24
5.149.99.0/24 maxlen: 24
5.149.100.0/24 maxlen: 24
5.149.101.0/24 maxlen: 24
5.149.102.0/24 maxlen: 24
5.149.103.0/24 maxlen: 24
5.149.111.0/24 maxlen: 24
5.149.109.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:00:b7:07:39:8e:59:4d:5f:5b:ef:4b:5c:c9:26:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Apr 17 11:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46d6b6b5fbab99b0b16b0d164b68f5320909209f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:91:25:81:19:c8:74:76:19:e2:c3:fe:07:06:
8c:b9:d5:6d:5a:2f:c8:18:00:e2:f2:fe:da:09:52:
0b:2f:bb:78:ba:ac:2b:38:7b:59:ef:c3:56:4f:06:
d6:29:5c:18:8c:a9:0a:88:80:5e:7c:71:d7:c3:a4:
49:ac:53:b1:e0:ec:3d:ae:bc:6b:e2:68:08:7c:d8:
79:56:b1:7d:5b:2c:9c:27:d2:32:b0:74:76:ff:88:
b9:90:e5:6d:91:c7:21:ac:3f:c2:75:75:61:36:39:
18:0f:10:55:26:f5:00:a2:bd:03:8a:fe:7b:42:a2:
0b:a7:64:e1:16:a1:42:e6:da:a9:bc:20:a3:5e:61:
0a:2f:63:86:61:b7:8f:6a:88:42:bd:f7:f9:55:b5:
8e:e2:7e:6d:dd:b3:60:ff:6b:5e:7f:2a:72:d3:61:
74:4d:63:9c:60:23:98:b8:83:44:4f:ac:29:64:d4:
ed:1f:a3:0f:c5:46:0b:17:39:3b:8a:a4:a7:33:9d:
50:ed:2e:d8:a3:a6:5d:26:e6:f5:bb:4a:be:f6:bb:
93:86:c6:6f:75:93:f7:74:fd:ca:ba:b9:33:3a:00:
0b:c5:29:c9:7c:7b:28:28:34:0b:c1:94:7e:44:2f:
86:e6:1c:b6:08:bc:78:4b:45:42:ea:10:85:e4:0f:
87:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D6:B6:B5:FB:AB:99:B0:B1:6B:0D:16:4B:68:F5:32:09:09:20:9F
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Rta2tfurmbCxaw0WS2j1MgkJIJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0-5.149.105.255
5.149.109.0-5.149.111.255
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
a0:94:7c:d0:d9:58:08:4b:7a:57:41:29:ed:8e:4b:d9:a4:a6:
e5:ac:6f:49:4d:2d:67:4a:f9:7f:9e:ef:51:a9:d0:c8:95:93:
5a:b8:cd:82:e2:bc:d0:72:70:c3:00:b7:35:42:b0:ba:04:52:
d9:6e:c8:44:0b:29:41:11:e2:cf:27:21:0b:4d:68:0f:b8:a5:
69:16:bc:1b:28:3d:e9:f2:3b:76:a1:c4:7c:71:a4:7b:f2:54:
47:2f:01:71:05:8d:21:cd:77:ad:77:76:93:b6:61:f9:0f:1f:
c1:eb:e5:a7:eb:d1:23:e5:4a:c4:e9:41:bd:96:68:60:38:95:
fd:70:eb:54:20:00:d1:03:e8:8b:06:ca:fc:95:5f:03:e4:b1:
d6:38:6d:ae:8e:4c:dc:5a:69:c2:04:6e:8b:47:0f:f7:32:84:
e3:12:ba:45:90:b2:ef:6d:a8:99:aa:a8:bd:fb:fc:70:f9:e8:
2e:51:ad:dc:6b:25:ab:63:78:72:0d:72:47:7e:b0:68:00:29:
aa:86:64:de:3f:14:1a:da:02:58:02:99:8d:3b:c7:66:aa:7a:
c6:b0:3c:42:0f:bd:ec:a7:98:62:15:08:a3:8d:ff:c8:17:f1:
e8:17:f2:e8:54:60:cb:63:cd:3f:eb:b8:36:30:43:e1:ec:9f:
71:c7:2b:94
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYePALcHOY5ZTV9b70tcySYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwNDE3MTEzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmQ2YjZiNWZiYWI5OWIwYjE2YjBkMTY0YjY4ZjUzMjA5MDkyMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpElgRnIdHYZ4sP+BwaMudVtWi/I
GADi8v7aCVILL7t4uqwrOHtZ78NWTwbWKVwYjKkKiIBefHHXw6RJrFOx4Ow9rrxr
4mgIfNh5VrF9WyycJ9IysHR2/4i5kOVtkcchrD/CdXVhNjkYDxBVJvUAor0Div57
QqILp2ThFqFC5tqpvCCjXmEKL2OGYbePaohCvff5VbWO4n5t3bNg/2tefypy02F0
TWOcYCOYuINET6wpZNTtH6MPxUYLFzk7iqSnM51Q7S7Yo6ZdJub1u0q+9ruThsZv
dZP3dP3KurkzOgALxSnJfHsoKDQLwZR+RC+G5hy2CLx4S0VC6hCF5A+H9QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEbWtrX7q5mwsWsNFkto9TIJCSCfMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvUnRhMnRmdXJtYkN4YXcwV1MyajFNZ2tKSUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcMAwDBAUFlWAD
BAEFlWgwDAMEAAWVbQMEBAWVYDAPBAIAAjAJAwcAKhIjQAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQCglHzQ2VgIS3pXQSntjkvZpKblrG9JTS1nSvl/nu9RqdDIlZNauM2C
4rzQcnDDALc1QrC6BFLZbshECylBEeLPJyELTWgPuKVpFrwbKD3p8jt2ocR8caR7
8lRHLwFxBY0hzXetd3aTtmH5Dx/B6+Wn69Ej5UrE6UG9lmhgOJX9cOtUIADRA+iL
Bsr8lV8D5LHWOG2ujkzcWmnCBG6LRw/3MoTjErpFkLLvbaiZqqi9+/xw+eguUa3c
ayWrY3hyDXJHfrBoACmqhmTePxQa2gJYApmNO8dmqnrGsDxCD73sp5hiFQijjf/I
F/HoF/LoVGDLY80/67g2MEPh7J9xxyuU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:00 2024 by rpki-client on console-ams.rpki-client.org