Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/nSWQ1jM3_6BN4wAdWCn5cW-Ot2c.roa
File: nSWQ1jM3_6BN4wAdWCn5cW-Ot2c.roa (raw, json)
Hash identifier: 9GeJp7dqWRUUJHwBIoE03x99rH4mMZYsgfi4wKn5S/k=
Subject key identifier: 9D:25:90:D6:33:37:FF:A0:4D:E3:00:1D:58:29:F9:71:6F:8E:B7:67
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018CC7947077B4BD932FDB799B3B128E823C
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/nSWQ1jM3_6BN4wAdWCn5cW-Ot2c.roa
Signing time: Tue 02 Jan 2024 00:30:43 +0000
ROA not before: Tue 02 Jan 2024 00:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48980
IP address blocks: 5.149.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Mar 2024 15:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:70:77:b4:bd:93:2f:db:79:9b:3b:12:8e:82:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 2 00:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d2590d63337ffa04de3001d5829f9716f8eb767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:95:54:e2:9d:86:9f:78:cf:a1:00:66:9b:ba:
47:e7:a7:11:7b:e7:56:b0:1b:1f:a7:cc:f5:95:4e:
6e:5f:d3:95:55:df:89:61:fd:fe:ec:a5:1e:2d:30:
a1:05:25:a7:33:c9:e2:de:d8:5c:2f:ed:8b:31:01:
37:0a:a3:8f:17:6d:0c:d9:c9:e8:bd:d6:f1:cd:ca:
33:c3:ce:50:ca:85:92:6e:b6:6d:9c:f3:5a:f4:85:
a4:e9:c6:6f:4e:f1:c7:d6:d4:e5:4a:bb:61:2f:43:
f2:1c:20:99:24:a1:2e:c0:f0:29:9a:15:42:cb:97:
62:cd:18:ed:8d:a2:5f:35:6c:d5:98:fd:f4:1a:9f:
63:d3:3b:40:2c:d7:d0:8b:99:61:b3:eb:f3:b0:c2:
bf:99:6d:d6:44:da:98:7e:fd:86:57:f9:d8:80:af:
93:74:0b:95:e8:e1:06:1d:1c:3f:28:83:58:47:e5:
52:ad:36:a4:fb:6b:7b:dd:50:e3:57:b8:4b:56:62:
71:da:3d:90:da:cb:92:19:2d:10:ff:8f:4b:95:ee:
f6:27:47:48:61:f6:43:d8:71:91:f3:21:b3:0c:ce:
a9:21:ea:09:e0:13:54:33:e7:5d:f8:3b:0d:b4:ec:
4f:04:7c:fe:10:de:f1:49:79:96:d7:ae:82:d5:10:
9a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:25:90:D6:33:37:FF:A0:4D:E3:00:1D:58:29:F9:71:6F:8E:B7:67
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/nSWQ1jM3_6BN4wAdWCn5cW-Ot2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.108.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:03:a6:14:5c:4b:86:45:49:c1:dd:b5:23:58:9f:5c:f3:fe:
ec:cb:c0:41:cf:50:4e:b3:69:55:00:da:8f:d6:3c:38:03:5f:
05:48:20:f5:0c:a0:34:f0:ff:b4:2d:ba:c5:98:ab:d2:62:c7:
91:2a:39:7f:59:04:0e:c4:96:3a:18:87:35:ad:25:87:f2:4f:
aa:af:95:8e:5f:d6:8e:15:6b:99:1f:97:25:ff:98:f6:e2:21:
35:24:e5:db:04:de:f3:43:ec:56:7c:ff:f6:64:82:98:43:d4:
c9:ee:20:ea:91:81:73:e1:a8:39:c9:24:e1:1f:5a:b9:0e:15:
9a:c6:8a:c8:75:33:60:10:db:c8:da:c4:44:98:5f:75:bd:72:
1a:85:6e:71:5e:b4:e8:1c:1d:33:b8:f2:46:3a:b7:06:eb:1c:
7a:e3:1d:c8:51:c0:8e:a7:c4:e5:86:a1:e7:5d:2a:4d:e9:ae:
0f:df:3b:ff:ce:ee:3e:d6:38:bf:64:48:3a:fe:65:fa:d4:d0:
d6:5d:f4:98:ee:50:4b:a6:8a:97:5c:0b:58:22:64:02:9c:fa:
f4:29:a3:f2:87:e8:b5:99:29:29:1d:68:f4:f2:ea:31:9f:d7:
d4:d1:48:ef:39:23:e6:7a:b8:b1:bc:5f:b7:5a:48:3b:86:6e:
b3:02:aa:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlHB3tL2TL9t5mzsSjoI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQwMTAyMDAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI1OTBkNjMzMzdmZmEwNGRlMzAwMWQ1ODI5Zjk3MTZmOGViNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJVU4p2Gn3jPoQBmm7pH56cRe+dW
sBsfp8z1lU5uX9OVVd+JYf3+7KUeLTChBSWnM8ni3thcL+2LMQE3CqOPF20M2cno
vdbxzcozw85QyoWSbrZtnPNa9IWk6cZvTvHH1tTlSrthL0PyHCCZJKEuwPApmhVC
y5dizRjtjaJfNWzVmP30Gp9j0ztALNfQi5lhs+vzsMK/mW3WRNqYfv2GV/nYgK+T
dAuV6OEGHRw/KINYR+VSrTak+2t73VDjV7hLVmJx2j2Q2suSGS0Q/49Lle72J0dI
YfZD2HGR8yGzDM6pIeoJ4BNUM+dd+DsNtOxPBHz+EN7xSXmW166C1RCatQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0lkNYzN/+gTeMAHVgp+XFvjrdnMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvblNXUTFqTTNfNkJONHdBZFdDbjVjVy1PdDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZVsMA0G
CSqGSIb3DQEBCwUAA4IBAQB7A6YUXEuGRUnB3bUjWJ9c8/7sy8BBz1BOs2lVANqP
1jw4A18FSCD1DKA08P+0LbrFmKvSYseRKjl/WQQOxJY6GIc1rSWH8k+qr5WOX9aO
FWuZH5cl/5j24iE1JOXbBN7zQ+xWfP/2ZIKYQ9TJ7iDqkYFz4ag5ySThH1q5DhWa
xorIdTNgENvI2sREmF91vXIahW5xXrToHB0zuPJGOrcG6xx64x3IUcCOp8TlhqHn
XSpN6a4P3zv/zu4+1ji/ZEg6/mX61NDWXfSY7lBLpoqXXAtYImQCnPr0KaPyh+i1
mSkpHWj08uoxn9fU0UjvOSPmerixvF+3Wkg7hm6zAqp1
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:27:10 2025 by rpki-client