Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/eYkVd3tfyaQu9Zq8_W6hTIuQC6M.roa
File: eYkVd3tfyaQu9Zq8_W6hTIuQC6M.roa (raw, json)
Hash identifier: //lfZ4WooA+KBNPUmJMFKGkeSr2bcHkWwdqHcF1QdKQ=
Subject key identifier: 79:89:15:77:7B:5F:C9:A4:2E:F5:9A:BC:FD:6E:A1:4C:8B:90:0B:A3
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 0193FC347EDF31E8B0B69A7D0DBB23E3A34C
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/eYkVd3tfyaQu9Zq8_W6hTIuQC6M.roa
Signing time: Wed 25 Dec 2024 05:05:18 +0000
ROA not before: Wed 25 Dec 2024 05:05:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59422
IP address blocks: 5.149.96.0/24 maxlen: 24
5.149.106.0/24 maxlen: 24
5.149.107.0/24 maxlen: 24
5.149.108.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
5.149.111.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fc:34:7e:df:31:e8:b0:b6:9a:7d:0d:bb:23:e3:a3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Dec 25 05:05:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=798915777b5fc9a42ef59abcfd6ea14c8b900ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:35:31:8f:7c:2e:8b:16:8a:fc:1d:3a:64:db:
13:80:b4:31:48:9d:c6:c1:d0:a3:ff:2a:56:96:d3:
04:37:fc:c7:a2:a2:2b:13:e0:94:65:4c:18:9c:46:
6b:1e:d5:40:be:12:08:00:75:55:75:5d:bb:30:ac:
ac:20:e5:9d:79:fe:ec:50:f5:f7:7c:c6:15:fb:4b:
e8:31:b9:8b:42:45:c8:84:4b:d6:a3:e8:ad:17:de:
33:da:e0:cc:7d:6d:9a:2c:04:69:bc:2f:c3:dc:54:
16:90:e2:dc:d3:fa:c3:9c:30:a8:39:5d:d4:e9:0a:
1f:ec:27:7e:7a:0f:bd:47:9c:3a:40:69:0d:57:28:
4c:83:ba:8f:e2:51:b5:aa:d5:3d:bf:ff:12:f4:5c:
8c:c2:f3:63:ac:2e:6b:85:b3:64:a3:41:5d:7f:c5:
01:35:09:b3:b7:cb:a3:42:2f:2d:64:10:cd:2a:b7:
41:07:0a:cb:ad:4f:56:31:ea:0f:bb:46:ef:b8:b3:
8f:44:31:24:69:14:88:6e:52:f5:2f:4e:6e:74:aa:
20:8d:30:8d:6f:a7:43:d0:ac:cc:59:86:ed:73:b9:
f6:80:c1:7c:50:86:95:df:97:86:05:a2:c5:f0:5f:
3d:59:2a:7f:75:53:b7:fd:02:94:95:e7:94:69:a8:
d1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:89:15:77:7B:5F:C9:A4:2E:F5:9A:BC:FD:6E:A1:4C:8B:90:0B:A3
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/eYkVd3tfyaQu9Zq8_W6hTIuQC6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0/24
5.149.106.0-5.149.108.255
5.149.110.0/23
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
00:b9:0c:e5:f0:f3:48:17:6d:c8:dc:ba:54:6e:15:f0:9a:e0:
db:df:ba:1a:8c:3f:f1:24:d5:b2:00:ea:31:cd:de:4d:0e:9d:
52:09:e4:f6:5e:24:5d:22:36:1f:2e:ba:d7:5b:70:b2:7c:ba:
45:a7:91:f1:46:e6:e9:e0:07:60:3f:00:72:0d:17:7a:97:3a:
2b:f8:83:7d:b8:3d:c7:d8:35:b6:c6:c0:74:c4:c4:4b:0a:fa:
75:7b:d2:b9:ec:c9:bf:dd:f5:19:2e:70:12:5d:78:b4:bc:e4:
ba:13:2c:87:a5:5f:30:a3:10:c6:ac:47:1a:3f:e6:62:ff:5c:
fe:a3:10:ad:5e:a7:d7:9e:32:b8:c0:6f:00:f0:0d:49:4e:78:
b7:a8:7c:39:79:09:71:8f:67:af:ec:58:7b:05:37:12:8c:8b:
34:9f:bf:f0:e5:d8:88:e9:7e:bd:37:5d:68:45:f2:da:85:6a:
ad:c1:4f:cd:6e:79:d8:17:f9:9e:4b:c0:90:4b:23:2d:59:4b:
f3:12:71:b1:a0:fd:17:e5:c0:4a:7b:07:19:fd:94:92:65:be:
79:6b:4e:e9:5a:ea:a4:14:97:50:d2:56:bd:a0:e2:5b:82:05:
d4:9f:ca:3d:e9:e8:6c:a2:d4:5b:ee:8d:7f:b0:d3:49:97:bd:
58:dd:ef:17
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZP8NH7fMeiwtpp9Dbsj46NMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQxMjI1MDUwNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTg5MTU3NzdiNWZjOWE0MmVmNTlhYmNmZDZlYTE0YzhiOTAwYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzUxj3wuixaK/B06ZNsTgLQxSJ3G
wdCj/ypWltMEN/zHoqIrE+CUZUwYnEZrHtVAvhIIAHVVdV27MKysIOWdef7sUPX3
fMYV+0voMbmLQkXIhEvWo+itF94z2uDMfW2aLARpvC/D3FQWkOLc0/rDnDCoOV3U
6Qof7Cd+eg+9R5w6QGkNVyhMg7qP4lG1qtU9v/8S9FyMwvNjrC5rhbNko0Fdf8UB
NQmzt8ujQi8tZBDNKrdBBwrLrU9WMeoPu0bvuLOPRDEkaRSIblL1L05udKogjTCN
b6dD0KzMWYbtc7n2gMF8UIaV35eGBaLF8F89WSp/dVO3/QKUleeUaajRuwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHmJFXd7X8mkLvWavP1uoUyLkAujMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvZVlrVmQzdGZ5YVF1OVpxOF9XNmhUSXVRQzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQABZVgMAwD
BAEFlWoDBAAFlWwDBAEFlW4wDwQCAAIwCQMHACoSI0AAADANBgkqhkiG9w0BAQsF
AAOCAQEAALkM5fDzSBdtyNy6VG4V8Jrg29+6Gow/8STVsgDqMc3eTQ6dUgnk9l4k
XSI2Hy6611twsny6RaeR8Ubm6eAHYD8Acg0Xepc6K/iDfbg9x9g1tsbAdMTESwr6
dXvSuezJv931GS5wEl14tLzkuhMsh6VfMKMQxqxHGj/mYv9c/qMQrV6n154yuMBv
APANSU54t6h8OXkJcY9nr+xYewU3EoyLNJ+/8OXYiOl+vTddaEXy2oVqrcFPzW55
2Bf5nkvAkEsjLVlL8xJxsaD9F+XASnsHGf2UkmW+eWtO6VrqpBSXUNJWvaDiW4IF
1J/KPenobKLUW+6Nf7DTSZe9WN3vFw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:38:50 2025 by rpki-client