Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/eGyb94vStH5d6CaD-reyFJGV4qI.roa
File: eGyb94vStH5d6CaD-reyFJGV4qI.roa (raw, json)
Hash identifier: P0A/Vm7wnGyBfwMQlfuq9QQOmMDdqTUYp4DCGJ0aBNw=
Subject key identifier: 78:6C:9B:F7:8B:D2:B4:7E:5D:E8:26:83:FA:B7:B2:14:91:95:E2:A2
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01859C4EF92B6621E662E62E50EB8F65987B
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/eGyb94vStH5d6CaD-reyFJGV4qI.roa
Signing time: Tue 10 Jan 2023 15:31:39 +0000
ROA not before: Tue 10 Jan 2023 15:31:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 109.206.248.0/22 maxlen: 23
109.206.250.0/23 maxlen: 23
2a0c:9e06::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 31 Mar 2023 12:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:4e:f9:2b:66:21:e6:62:e6:2e:50:eb:8f:65:98:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 10 15:31:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=786c9bf78bd2b47e5de82683fab7b2149195e2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ab:7b:ad:98:f0:a9:07:7e:5c:45:88:f2:0e:
4b:36:fd:8e:d5:c9:88:74:c0:84:dd:49:3c:23:98:
a9:92:96:4a:61:81:a7:a2:a9:49:f3:55:69:05:00:
a7:e0:bb:c6:5f:fb:59:78:25:cb:e2:09:2c:4a:dc:
b7:7c:1b:64:71:15:98:06:4d:1d:9e:20:71:4c:bb:
b3:29:62:59:a9:1c:e1:ba:f9:a1:57:ff:67:f5:2b:
8f:ec:35:b0:22:57:93:e9:95:8f:82:b3:93:b3:86:
68:58:32:92:f7:5c:f7:77:67:a1:eb:7f:df:4e:c5:
82:6c:e3:3c:ab:bb:f1:6a:64:ab:3f:43:9c:ef:95:
e6:1a:60:3f:82:52:9d:6c:55:cc:06:95:7b:e6:38:
d6:70:48:90:dc:75:ef:c3:50:ca:77:e7:59:f0:47:
34:4c:91:44:92:c1:b1:4e:e0:2b:ef:5a:39:19:b3:
cb:8b:5d:2c:ba:33:09:2a:38:53:83:e7:c6:d8:33:
b5:ea:31:24:4b:a2:fc:b6:8f:08:49:ea:c1:2e:48:
6a:9f:95:a5:88:a2:2c:b5:3d:93:e7:8b:9f:3a:8b:
f1:09:74:bc:12:0a:c4:f6:74:e8:dd:86:1a:a1:0d:
6b:95:e0:12:4b:0e:bd:39:63:6b:e4:a5:0c:b0:83:
14:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:6C:9B:F7:8B:D2:B4:7E:5D:E8:26:83:FA:B7:B2:14:91:95:E2:A2
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/eGyb94vStH5d6CaD-reyFJGV4qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.248.0/22
IPv6:
2a0c:9e06::/32
Signature Algorithm: sha256WithRSAEncryption
51:7c:31:d9:31:2d:f5:66:c4:e7:8e:ed:85:7d:ca:56:86:bc:
d3:5a:57:4b:b8:cc:2d:01:00:9f:0e:bb:a2:d0:ec:4e:db:12:
25:ff:ac:a3:d6:65:f8:8c:a0:85:95:a7:b3:dd:63:7f:ea:24:
83:cf:6d:b5:87:9c:00:a3:e8:f4:df:21:61:8e:65:88:74:fe:
32:48:ab:cb:fe:c6:53:f9:c6:26:8c:35:5e:88:0f:a6:72:50:
9b:8a:82:dd:17:fb:f6:c1:a8:9e:2d:74:e5:95:4f:c8:0d:f7:
d9:f7:13:74:a7:40:19:e0:1f:b7:fc:89:10:6f:3f:f1:fc:de:
69:58:6e:4b:b1:c0:de:17:4b:ea:86:4f:c7:49:ad:de:f5:07:
25:87:40:3b:2d:08:ee:cb:2c:92:ba:04:97:a5:9c:08:3a:8e:
d8:21:a8:32:5b:b5:20:1d:f8:10:3f:cf:e8:88:f4:56:4e:19:
5e:0b:13:66:3d:a1:08:6f:35:df:4d:86:4b:0b:f0:d4:5f:54:
88:d7:44:73:91:1b:3c:e9:cc:00:e8:fd:26:51:a2:38:77:e8:
f8:75:13:f9:0a:89:13:c4:96:f7:0a:a3:c4:ad:42:7b:83:4a:
0f:1c:06:0e:09:17:eb:ab:1a:72:1a:2a:5d:dc:16:f0:ea:dd:
5d:76:33:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWcTvkrZiHmYuYuUOuPZZh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTEwMTUzMTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODZjOWJmNzhiZDJiNDdlNWRlODI2ODNmYWI3YjIxNDkxOTVlMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkat7rZjwqQd+XEWI8g5LNv2O1cmI
dMCE3Uk8I5ipkpZKYYGnoqlJ81VpBQCn4LvGX/tZeCXL4gksSty3fBtkcRWYBk0d
niBxTLuzKWJZqRzhuvmhV/9n9SuP7DWwIleT6ZWPgrOTs4ZoWDKS91z3d2eh63/f
TsWCbOM8q7vxamSrP0Oc75XmGmA/glKdbFXMBpV75jjWcEiQ3HXvw1DKd+dZ8Ec0
TJFEksGxTuAr71o5GbPLi10sujMJKjhTg+fG2DO16jEkS6L8to8ISerBLkhqn5Wl
iKIstT2T54ufOovxCXS8EgrE9nTo3YYaoQ1rleASSw69OWNr5KUMsIMU2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHhsm/eL0rR+Xegmg/q3shSRleKiMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvZUd5Yjk0dlN0SDVkNkNhRC1yZXlGSkdWNHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCbc74MA0E
AgACMAcDBQAqDJ4GMA0GCSqGSIb3DQEBCwUAA4IBAQBRfDHZMS31ZsTnju2FfcpW
hrzTWldLuMwtAQCfDrui0OxO2xIl/6yj1mX4jKCFlaez3WN/6iSDz221h5wAo+j0
3yFhjmWIdP4ySKvL/sZT+cYmjDVeiA+mclCbioLdF/v2waieLXTllU/IDffZ9xN0
p0AZ4B+3/IkQbz/x/N5pWG5LscDeF0vqhk/HSa3e9Qclh0A7LQjuyyySugSXpZwI
Oo7YIagyW7UgHfgQP8/oiPRWThleCxNmPaEIbzXfTYZLC/DUX1SI10RzkRs86cwA
6P0mUaI4d+j4dRP5CokTxJb3CqPErUJ7g0oPHAYOCRfrqxpyGipd3Bbw6t1ddjOt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org