Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Xi6ArruUvCt7jem5_8uAvMGF50k.roa
File: Xi6ArruUvCt7jem5_8uAvMGF50k.roa (raw, json)
Hash identifier: mvLkhYCY4Hoz/dLKjjcgZxQGhTivdfEnRZ/SVhCOXcw=
Subject key identifier: 5E:2E:80:AE:BB:94:BC:2B:7B:8D:E9:B9:FF:CB:80:BC:C1:85:E7:49
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 01857445AE67DF4F5FCE10D8F0749EBC0A66
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Xi6ArruUvCt7jem5_8uAvMGF50k.roa
Signing time: Mon 02 Jan 2023 20:56:41 +0000
ROA not before: Mon 02 Jan 2023 20:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59458
IP address blocks: 5.149.97.0/24 maxlen: 24
5.149.98.0/24 maxlen: 24
5.149.96.0/24 maxlen: 24
5.149.104.0/24 maxlen: 24
5.149.105.0/24 maxlen: 24
5.149.99.0/24 maxlen: 24
5.149.100.0/24 maxlen: 24
5.149.101.0/24 maxlen: 24
5.149.102.0/24 maxlen: 24
5.149.103.0/24 maxlen: 24
5.149.111.0/24 maxlen: 24
5.149.109.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Apr 2023 10:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:74:45:ae:67:df:4f:5f:ce:10:d8:f0:74:9e:bc:0a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 2 20:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e2e80aebb94bc2b7b8de9b9ffcb80bcc185e749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9e:72:42:38:5f:dc:49:d7:fc:ab:ec:af:ae:
ae:c8:69:82:69:95:b7:31:a8:11:8f:61:2f:ce:7a:
2a:b1:06:2e:06:ee:ae:11:ab:b3:51:e0:e4:23:e8:
26:fb:37:44:6a:54:03:80:b3:57:e2:65:01:b4:67:
c0:df:d9:c1:c0:97:18:ec:85:cd:13:e1:0b:2c:28:
d8:c6:1e:6a:30:40:3d:e3:e6:a7:6a:91:a5:06:73:
db:c5:b6:93:3e:3b:b6:fd:1b:dd:fa:6e:14:69:2f:
be:e9:fe:43:4c:62:66:4f:34:3a:19:db:4f:6a:e1:
b4:44:02:82:41:0b:f9:7b:39:fd:df:98:6a:b3:18:
e9:02:9d:5b:60:b7:56:97:50:5d:12:34:60:a2:94:
10:4d:e0:9e:c2:02:bf:86:b8:d3:b1:b8:d8:e0:93:
1a:db:08:7f:79:5e:f0:9c:23:34:b1:2a:8e:79:b0:
2f:23:22:d3:e7:aa:38:91:61:e1:08:bd:30:95:8b:
5f:7b:ba:5d:fb:d2:ff:16:23:c3:0f:f5:b5:f1:08:
69:d5:b4:bc:14:87:80:da:ec:04:b3:20:d4:04:a2:
7f:ed:12:38:75:fb:98:55:ec:01:ad:72:36:b4:d5:
9c:b1:46:2c:37:4b:52:68:a8:55:42:89:2b:96:54:
57:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:2E:80:AE:BB:94:BC:2B:7B:8D:E9:B9:FF:CB:80:BC:C1:85:E7:49
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Xi6ArruUvCt7jem5_8uAvMGF50k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0-5.149.105.255
5.149.109.0-5.149.111.255
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
8a:f3:99:74:0c:05:d4:ad:b9:a2:30:c3:2b:dc:04:3a:31:08:
ce:8b:f2:08:96:cf:60:e4:36:a1:e5:47:62:dd:89:22:fd:56:
a8:56:a1:99:25:b6:00:f4:0d:c6:df:36:33:b6:9f:84:b8:03:
75:8d:18:32:bb:0d:b5:15:f0:5f:d4:6b:10:fb:d2:e8:4d:60:
1b:1f:11:76:f3:fb:0b:64:d1:0f:f1:16:1b:83:42:1c:d3:39:
3f:09:24:9b:05:be:a3:f5:6b:20:82:c7:50:a7:2a:4a:39:a8:
d6:03:0b:ca:60:fb:32:6e:2a:6d:24:75:fe:74:7e:50:0b:a0:
f9:f0:c4:39:be:e6:ab:47:9d:23:73:93:7e:28:9c:85:0f:9f:
cb:2a:cf:30:ab:52:3b:10:5b:9e:cf:cf:41:af:7d:f3:e4:3f:
ab:c3:e0:43:44:8a:cb:02:cc:c6:12:07:d5:31:b0:7f:66:f6:
6e:c1:56:f7:41:51:dd:97:13:36:d7:21:14:96:4d:57:17:ab:
9d:70:7b:b1:ef:29:9b:d3:7a:b8:8a:2e:c4:33:ca:89:59:48:
7c:11:5b:81:93:a9:94:c6:62:a4:4b:43:e9:24:a5:d2:7b:f3:
3f:7a:85:49:d1:4b:0d:ed:44:b8:91:84:fd:5d:62:02:b7:16:
ef:50:b3:f7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYV0Ra5n309fzhDY8HSevApmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwMTAyMjA1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTJlODBhZWJiOTRiYzJiN2I4ZGU5YjlmZmNiODBiY2MxODVlNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn55yQjhf3EnX/Kvsr66uyGmCaZW3
MagRj2EvznoqsQYuBu6uEauzUeDkI+gm+zdEalQDgLNX4mUBtGfA39nBwJcY7IXN
E+ELLCjYxh5qMEA94+anapGlBnPbxbaTPju2/Rvd+m4UaS++6f5DTGJmTzQ6GdtP
auG0RAKCQQv5ezn935hqsxjpAp1bYLdWl1BdEjRgopQQTeCewgK/hrjTsbjY4JMa
2wh/eV7wnCM0sSqOebAvIyLT56o4kWHhCL0wlYtfe7pd+9L/FiPDD/W18Qhp1bS8
FIeA2uwEsyDUBKJ/7RI4dfuYVewBrXI2tNWcsUYsN0tSaKhVQokrllRXtwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF4ugK67lLwre43puf/LgLzBhedJMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvWGk2QXJydVV2Q3Q3amVtNV84dUF2TUdGNTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcMAwDBAUFlWAD
BAEFlWgwDAMEAAWVbQMEBAWVYDAPBAIAAjAJAwcAKhIjQAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQCK85l0DAXUrbmiMMMr3AQ6MQjOi/IIls9g5Dah5Udi3Yki/VaoVqGZ
JbYA9A3G3zYztp+EuAN1jRgyuw21FfBf1GsQ+9LoTWAbHxF28/sLZNEP8RYbg0Ic
0zk/CSSbBb6j9WsggsdQpypKOajWAwvKYPsybiptJHX+dH5QC6D58MQ5vuarR50j
c5N+KJyFD5/LKs8wq1I7EFuez89Br33z5D+rw+BDRIrLAszGEgfVMbB/ZvZuwVb3
QVHdlxM21yEUlk1XF6udcHux7ymb03q4ii7EM8qJWUh8EVuBk6mUxmKkS0PpJKXS
e/M/eoVJ0UsN7US4kYT9XWICtxbvULP3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:00 2024 by rpki-client on console-ams.rpki-client.org