Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/z9ztgR0k7vquHCnxSEbXlyxIY1c.roa
File: z9ztgR0k7vquHCnxSEbXlyxIY1c.roa (raw, json)
Hash identifier: gPlb3ISME1r5JoEKWwEduTAZoiNn/QLxYKuKtdSv1dA=
Subject key identifier: CF:DC:ED:81:1D:24:EE:FA:AE:1C:29:F1:48:46:D7:97:2C:48:63:57
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018D40D5D53128BB42296206600D285666DB
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/z9ztgR0k7vquHCnxSEbXlyxIY1c.roa
Signing time: Thu 25 Jan 2024 13:36:11 +0000
ROA not before: Thu 25 Jan 2024 13:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59422
IP address blocks: 5.149.96.0/24 maxlen: 24
5.149.107.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
185.155.157.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 28 Jan 2024 13:57:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:d5:d5:31:28:bb:42:29:62:06:60:0d:28:56:66:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 25 13:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfdced811d24eefaae1c29f14846d7972c486357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b1:00:5c:f4:30:74:05:57:d2:51:3d:59:5c:
c1:cb:51:8f:97:0c:95:6f:4f:73:cc:3f:6c:1e:fe:
d1:a7:2f:a6:2e:d7:9c:b9:77:10:3d:f3:3b:0f:34:
94:82:2e:56:98:b0:26:83:a2:38:1a:8f:43:ed:65:
d5:dd:9e:ed:be:1e:b1:4b:82:cc:25:ba:98:d4:ba:
95:96:54:77:e4:c3:58:10:06:9a:27:6c:b5:4e:ee:
fa:9d:52:5a:b1:26:b9:b4:83:5d:8a:04:1b:fe:77:
59:ed:65:04:c3:a2:94:22:4f:11:db:65:60:d7:9c:
4b:ac:c7:81:cb:a3:28:f7:d6:0d:f3:5d:57:dc:23:
ad:e4:3a:d1:f2:49:f3:c4:9e:59:79:99:01:40:50:
69:79:11:3f:fd:e2:ca:20:f2:93:35:bf:4d:70:dc:
92:65:b6:90:7c:55:14:a6:77:7a:4e:fe:f0:80:df:
d7:54:6a:d6:a3:33:3f:2f:46:ec:62:37:b0:d7:ff:
26:e2:9b:76:1e:67:f2:46:67:8c:ca:2d:42:0a:a5:
ed:ad:2e:58:4a:b5:9e:61:47:4a:71:fd:a2:ca:cc:
ef:db:fd:73:93:cc:7b:90:27:c4:04:09:40:1f:3e:
aa:1f:79:12:fa:9a:15:b8:12:93:08:22:70:ec:a4:
ca:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DC:ED:81:1D:24:EE:FA:AE:1C:29:F1:48:46:D7:97:2C:48:63:57
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/z9ztgR0k7vquHCnxSEbXlyxIY1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0/24
5.149.107.0/24
5.149.110.0/24
185.155.157.0/24
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
9a:55:49:61:db:c3:0d:ef:04:66:42:03:01:ec:1d:3d:40:eb:
1c:f7:99:f5:f7:5b:29:7f:c2:de:ad:98:3c:de:6a:f6:f7:2a:
56:85:0d:0d:84:86:a4:6d:dd:84:f2:e0:e5:aa:70:0c:6e:ab:
8e:65:97:e7:b6:8c:f4:00:5a:0a:7c:77:2e:b1:a4:27:29:6b:
df:18:e6:2a:ed:66:1d:ec:86:b9:86:3b:6d:4d:85:66:c5:67:
4e:32:5e:bd:bc:7a:cc:42:b8:7a:af:0d:5b:c4:1a:11:76:2a:
33:87:67:bb:f0:a8:a3:b9:d2:f8:cf:c6:2e:54:84:1f:ca:94:
9e:1c:63:85:16:54:c6:34:06:31:63:6f:6f:85:3e:51:73:88:
28:65:43:a1:bb:3e:6a:69:e0:9e:5e:45:a5:9f:26:f5:03:dd:
bf:df:b1:bc:a1:e9:23:9a:d9:80:d2:80:8d:41:37:df:56:21:
80:f3:05:9d:96:59:fa:ed:70:fb:42:ab:d7:3a:0b:c0:df:51:
76:b7:3b:52:99:26:7e:21:76:65:1c:04:a7:24:7a:0a:e4:04:
07:59:84:28:d5:20:dd:68:4e:f9:93:b4:4e:cc:12:21:c7:d5:
58:14:53:82:8c:6c:98:3d:7a:91:1e:d5:d8:3c:3c:a6:22:5c:
cb:31:fa:ee
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY1A1dUxKLtCKWIGYA0oVmbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQwMTI1MTMzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRjZWQ4MTFkMjRlZWZhYWUxYzI5ZjE0ODQ2ZDc5NzJjNDg2MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrEAXPQwdAVX0lE9WVzBy1GPlwyV
b09zzD9sHv7Rpy+mLtecuXcQPfM7DzSUgi5WmLAmg6I4Go9D7WXV3Z7tvh6xS4LM
JbqY1LqVllR35MNYEAaaJ2y1Tu76nVJasSa5tINdigQb/ndZ7WUEw6KUIk8R22Vg
15xLrMeBy6Mo99YN811X3COt5DrR8knzxJ5ZeZkBQFBpeRE//eLKIPKTNb9NcNyS
ZbaQfFUUpnd6Tv7wgN/XVGrWozM/L0bsYjew1/8m4pt2HmfyRmeMyi1CCqXtrS5Y
SrWeYUdKcf2iyszv2/1zk8x7kCfEBAlAHz6qH3kS+poVuBKTCCJw7KTKFwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFM/c7YEdJO76rhwp8UhG15csSGNXMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvejl6dGdSMGs3dnF1SENueFNFYlhseXhJWTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQABZVgAwQA
BZVrAwQABZVuAwQAuZudMA8EAgACMAkDBwAqEiNAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAJpVSWHbww3vBGZCAwHsHT1A6xz3mfX3Wyl/wt6tmDzeavb3KlaFDQ2EhqRt
3YTy4OWqcAxuq45ll+e2jPQAWgp8dy6xpCcpa98Y5irtZh3shrmGO21NhWbFZ04y
Xr28esxCuHqvDVvEGhF2KjOHZ7vwqKO50vjPxi5UhB/KlJ4cY4UWVMY0BjFjb2+F
PlFziChlQ6G7Pmpp4J5eRaWfJvUD3b/fsbyh6SOa2YDSgI1BN99WIYDzBZ2WWfrt
cPtCq9c6C8DfUXa3O1KZJn4hdmUcBKckegrkBAdZhCjVIN1oTvmTtE7MEiHH1VgU
U4KMbJg9epEe1dg8PKYiXMsx+u4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:01 2024 by rpki-client on console-ams.rpki-client.org