Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/qCQnsjJR5k8zWvXvKOE3IdHRPNo.roa
File: qCQnsjJR5k8zWvXvKOE3IdHRPNo.roa (raw, json)
Hash identifier: afKUOPsugR3c+2DYTHnxOM9hgZgGnw1I6lS7NFtkqUM=
Subject key identifier: A8:24:27:B2:32:51:E6:4F:33:5A:F5:EF:28:E1:37:21:D1:D1:3C:DA
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 0193AE464AC844973E10ADEC68CAA882850A
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/qCQnsjJR5k8zWvXvKOE3IdHRPNo.roa
Signing time: Tue 10 Dec 2024 01:54:22 +0000
ROA not before: Tue 10 Dec 2024 01:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59422
IP address blocks: 5.149.96.0/24 maxlen: 24
5.149.107.0/24 maxlen: 24
5.149.108.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
5.149.111.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Dec 2024 05:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ae:46:4a:c8:44:97:3e:10:ad:ec:68:ca:a8:82:85:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Dec 10 01:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a82427b23251e64f335af5ef28e13721d1d13cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:19:56:1d:45:c9:f6:dc:54:96:16:a3:f9:89:
08:3a:62:76:e6:09:6b:6b:49:46:b2:97:62:a6:73:
3c:50:2c:75:60:ea:52:6e:e7:13:0a:09:cf:a8:41:
07:f7:09:71:17:07:cc:34:2e:cd:1e:ba:b0:a5:c9:
b3:8b:2d:e9:47:27:4c:08:bc:30:3a:b3:11:8f:93:
af:23:a8:2a:16:20:10:1f:be:6e:a1:69:26:ae:39:
35:90:eb:63:3e:35:1e:78:80:b3:d4:cd:81:f9:62:
40:d0:f8:73:c7:79:7d:19:23:b3:ef:e0:f8:1f:6f:
24:d0:24:1d:b9:c3:0f:bd:9f:d2:08:f1:c7:ea:45:
48:4a:8f:d2:eb:9a:6a:9b:c8:e8:20:91:4c:65:57:
72:e0:ee:31:13:41:27:33:4e:ce:7b:c5:56:eb:80:
43:1f:ab:85:14:7b:f6:de:4c:1d:5d:66:1a:2c:0f:
7f:6f:7b:cb:b3:53:66:dc:ad:70:34:40:86:4b:67:
a2:58:82:db:2e:c9:04:16:2a:7b:13:7b:9b:20:fc:
8a:a3:99:de:69:df:19:5f:7d:e6:17:76:0a:70:a5:
d5:d3:c1:4e:45:c2:d6:44:da:4d:7a:d6:1a:97:a5:
b2:2c:a1:14:eb:cc:09:ff:28:8a:e4:bb:15:9e:0a:
14:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:24:27:B2:32:51:E6:4F:33:5A:F5:EF:28:E1:37:21:D1:D1:3C:DA
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/qCQnsjJR5k8zWvXvKOE3IdHRPNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0/24
5.149.107.0-5.149.108.255
5.149.110.0/23
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
1a:e1:16:eb:bd:29:72:67:37:9f:ed:39:4a:54:8e:3b:0b:90:
78:57:f1:01:39:7c:79:5a:d3:12:32:12:82:b6:fc:5a:1d:31:
13:be:13:fe:14:92:b8:ef:9c:48:21:82:fe:71:52:fc:fb:c0:
3c:79:ab:5f:ef:5c:58:70:59:e7:38:ab:1b:74:b0:b7:ed:7b:
0e:d5:c0:c6:0c:fb:b5:52:7f:eb:bc:e9:94:d0:e4:42:3e:b1:
61:fd:d0:26:5e:df:63:0d:2b:06:25:47:39:fc:47:20:58:59:
28:a1:a9:af:1a:e4:61:ab:6e:e1:d1:37:7e:47:f8:8b:2a:17:
61:8a:4a:09:4a:32:e4:0d:6f:7d:9a:ef:2a:6d:e6:e4:2c:c5:
85:d1:74:54:55:ea:d7:4c:d8:a3:0d:2f:c0:1a:6c:cc:b3:03:
32:bd:d3:2e:26:21:ef:d1:9b:9b:3a:c2:40:03:81:77:7d:ba:
2f:de:5c:d7:4a:42:39:14:bd:6a:9a:80:be:04:e4:1f:97:03:
07:02:09:40:71:91:a9:a9:0d:01:46:70:91:ea:24:89:1c:cf:
23:91:72:41:9e:e9:50:d7:5b:91:b8:5b:1c:a2:f1:55:c4:ec:
f4:ba:f9:32:5c:7e:22:0e:6e:4e:9f:02:25:9d:50:47:dd:0a:
a5:7f:c6:a8
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZOuRkrIRJc+EK3saMqogoUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQxMjEwMDE1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI0MjdiMjMyNTFlNjRmMzM1YWY1ZWYyOGUxMzcyMWQxZDEzY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBlWHUXJ9txUlhaj+YkIOmJ25glr
a0lGspdipnM8UCx1YOpSbucTCgnPqEEH9wlxFwfMNC7NHrqwpcmziy3pRydMCLww
OrMRj5OvI6gqFiAQH75uoWkmrjk1kOtjPjUeeICz1M2B+WJA0Phzx3l9GSOz7+D4
H28k0CQducMPvZ/SCPHH6kVISo/S65pqm8joIJFMZVdy4O4xE0EnM07Oe8VW64BD
H6uFFHv23kwdXWYaLA9/b3vLs1Nm3K1wNECGS2eiWILbLskEFip7E3ubIPyKo5ne
ad8ZX33mF3YKcKXV08FORcLWRNpNetYal6WyLKEU68wJ/yiK5LsVngoU1QIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFKgkJ7IyUeZPM1r17yjhNyHR0TzaMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvcUNRbnNqSlI1azh6V3ZYdktPRTNJZEhSUE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQABZVgMAwD
BAAFlWsDBAAFlWwDBAEFlW4wDwQCAAIwCQMHACoSI0AAADANBgkqhkiG9w0BAQsF
AAOCAQEAGuEW670pcmc3n+05SlSOOwuQeFfxATl8eVrTEjISgrb8Wh0xE74T/hSS
uO+cSCGC/nFS/PvAPHmrX+9cWHBZ5zirG3Swt+17DtXAxgz7tVJ/67zplNDkQj6x
Yf3QJl7fYw0rBiVHOfxHIFhZKKGprxrkYatu4dE3fkf4iyoXYYpKCUoy5A1vfZrv
Km3m5CzFhdF0VFXq10zYow0vwBpszLMDMr3TLiYh79GbmzrCQAOBd326L95c10pC
ORS9apqAvgTkH5cDBwIJQHGRqakNAUZwkeokiRzPI5FyQZ7pUNdbkbhbHKLxVcTs
9Lr5Mlx+Ig5uTp8CJZ1QR90KpX/GqA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:35:31 2025 by rpki-client