Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/gO4Y07z-fQGoiWLcVvFLcQkTBus.roa
File: gO4Y07z-fQGoiWLcVvFLcQkTBus.roa (raw, json)
Hash identifier: 3zukcnDi9uGN6bAlrI9O0ydJNS19VVcXlTP5W6laeaU=
Subject key identifier: 80:EE:18:D3:BC:FE:7D:01:A8:89:62:DC:56:F1:4B:71:09:13:06:EB
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01872784F2B0A04CDAE20E06424E436FEC0B
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/gO4Y07z-fQGoiWLcVvFLcQkTBus.roa
Signing time: Tue 28 Mar 2023 09:20:36 +0000
ROA not before: Tue 28 Mar 2023 09:20:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 109.206.248.0/23 maxlen: 23
2a0b:3c40:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 Mar 2023 12:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:84:f2:b0:a0:4c:da:e2:0e:06:42:4e:43:6f:ec:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 28 09:20:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ee18d3bcfe7d01a88962dc56f14b71091306eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fe:3b:7c:e4:bc:ae:84:3f:76:3b:44:53:3d:
0b:93:89:74:71:e2:79:76:1a:02:db:28:0c:fa:eb:
b7:b0:70:33:de:27:99:b3:aa:85:41:d9:2c:c8:be:
f9:e4:18:75:37:7b:4d:bc:51:b8:05:73:04:66:06:
f6:e7:bd:1c:5b:f5:94:2c:79:a2:0d:1b:2b:f6:bd:
af:5b:43:55:86:95:87:79:8e:df:4b:0d:17:d1:b0:
3e:6f:52:db:a7:44:02:51:64:86:f0:64:fd:e3:c3:
a0:fa:7b:73:f6:3d:7d:2a:00:15:76:9f:d0:54:71:
2f:09:cb:44:f6:1a:45:64:c3:68:8d:21:ed:e0:6a:
46:1b:b3:26:4b:c5:cf:84:e9:b6:98:20:75:dd:6b:
ea:49:8c:54:56:87:72:39:03:52:8a:3c:36:f5:82:
b0:4f:89:ff:78:12:f7:25:8f:2f:5b:b9:95:3b:4c:
cb:74:00:d0:2e:a6:b1:54:b1:e0:02:f4:da:12:eb:
4c:36:1f:38:13:c2:ad:be:86:13:d3:79:a5:20:e6:
ed:9e:06:9c:45:0e:33:b0:cd:d7:92:5e:95:cb:d4:
32:b4:a8:8c:76:b4:dc:81:70:dc:d9:a6:83:79:5b:
00:d7:eb:98:e2:46:36:4d:1c:59:1f:b9:4f:d9:75:
fe:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:EE:18:D3:BC:FE:7D:01:A8:89:62:DC:56:F1:4B:71:09:13:06:EB
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/gO4Y07z-fQGoiWLcVvFLcQkTBus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.248.0/23
IPv6:
2a0b:3c40:10::/48
Signature Algorithm: sha256WithRSAEncryption
08:9b:57:e4:3a:98:ea:c1:76:60:a1:04:cd:bf:b9:2c:64:30:
91:21:36:01:c9:19:28:18:e8:91:28:2b:64:b3:8a:d4:70:6c:
16:ff:cd:68:be:45:56:d6:d7:85:82:6c:a9:4c:08:32:50:af:
98:c0:89:39:01:73:57:1c:f2:a6:4c:fc:a9:73:69:b2:05:7c:
31:50:2a:da:85:e5:6f:de:c3:f2:59:93:cf:e0:b2:d6:34:7e:
7e:6b:1e:d7:8e:6c:03:fb:92:1e:db:90:df:4e:c3:e0:9b:28:
c7:4b:b0:9f:68:31:38:30:f6:87:48:d8:11:49:84:4a:b9:45:
c6:34:74:13:8a:4a:40:72:7b:60:9d:32:4a:24:10:2b:b8:a6:
4d:ba:98:e4:34:37:ad:85:16:ca:d3:85:82:db:f4:92:19:2c:
3c:f7:b0:69:0a:0d:bf:34:4f:bb:0b:1e:2c:7b:fe:40:df:e2:
a2:18:a2:e3:bf:17:36:a1:75:bb:1e:bf:fa:fb:b8:76:70:4f:
80:c2:ad:a4:0d:ae:89:80:f7:6d:63:4c:c3:6c:b6:9f:88:ae:
cb:b6:b5:58:89:87:90:79:d0:b5:f1:65:4d:3e:2d:6d:52:3c:
18:35:ad:47:e6:8d:ad:2d:af:2f:14:43:a7:ff:61:67:8a:a5:
bd:4f:f0:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcnhPKwoEza4g4GQk5Db+wLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMzI4MDkyMDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGVlMThkM2JjZmU3ZDAxYTg4OTYyZGM1NmYxNGI3MTA5MTMwNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgP47fOS8roQ/djtEUz0Lk4l0ceJ5
dhoC2ygM+uu3sHAz3ieZs6qFQdksyL755Bh1N3tNvFG4BXMEZgb2570cW/WULHmi
DRsr9r2vW0NVhpWHeY7fSw0X0bA+b1Lbp0QCUWSG8GT948Og+ntz9j19KgAVdp/Q
VHEvCctE9hpFZMNojSHt4GpGG7MmS8XPhOm2mCB13WvqSYxUVodyOQNSijw29YKw
T4n/eBL3JY8vW7mVO0zLdADQLqaxVLHgAvTaEutMNh84E8KtvoYT03mlIObtngac
RQ4zsM3Xkl6Vy9QytKiMdrTcgXDc2aaDeVsA1+uY4kY2TRxZH7lP2XX+MQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIDuGNO8/n0BqIli3FbxS3EJEwbrMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvZ080WTA3ei1mUUdvaVdMY1Z2RkxjUWtUQnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBbc74MA8E
AgACMAkDBwAqCzxAABAwDQYJKoZIhvcNAQELBQADggEBAAibV+Q6mOrBdmChBM2/
uSxkMJEhNgHJGSgY6JEoK2SzitRwbBb/zWi+RVbW14WCbKlMCDJQr5jAiTkBc1cc
8qZM/KlzabIFfDFQKtqF5W/ew/JZk8/gstY0fn5rHteObAP7kh7bkN9Ow+CbKMdL
sJ9oMTgw9odI2BFJhEq5RcY0dBOKSkBye2CdMkokECu4pk26mOQ0N62FFsrThYLb
9JIZLDz3sGkKDb80T7sLHix7/kDf4qIYouO/Fzahdbsev/r7uHZwT4DCraQNromA
921jTMNstp+Irsu2tViJh5B50LXxZU0+LW1SPBg1rUfmja0try8UQ6f/YWeKpb1P
8F8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org