Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/k1bkeJ7-N3pNgiaXb8upgNnqFZw.roa
File: k1bkeJ7-N3pNgiaXb8upgNnqFZw.roa (raw, json)
Hash identifier: Dm+6UDBYJccLTY09oqeKnhld7x7lgxeZ+5knU+R6WtI=
Subject key identifier: 93:56:E4:78:9E:FE:37:7A:4D:82:26:97:6F:CB:A9:80:D9:EA:15:9C
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01873795C2F72B84F93999405B1F09CECB48
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/k1bkeJ7-N3pNgiaXb8upgNnqFZw.roa
Signing time: Fri 31 Mar 2023 12:12:54 +0000
ROA not before: Fri 31 Mar 2023 12:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 109.206.248.0/23 maxlen: 23
2a0c:9e06::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0b:3c40:10::/48 maxlen: 48
2a0e:a946::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Dec 2023 15:17:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:95:c2:f7:2b:84:f9:39:99:40:5b:1f:09:ce:cb:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 31 12:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9356e4789efe377a4d8226976fcba980d9ea159c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3d:e2:b0:2e:cf:5f:ad:e5:9a:6d:74:be:33:
ba:be:4b:ec:70:d0:35:a1:50:0b:03:28:73:f3:98:
7f:96:85:e3:27:63:2b:c7:65:ec:db:6a:ab:56:c4:
e2:f1:17:14:0c:0b:6f:d4:79:4c:41:ac:3f:2d:16:
89:c4:49:59:f9:52:bb:a0:a0:5a:f4:aa:5b:19:2a:
42:9f:c6:fd:1d:ef:35:bc:af:d7:62:8b:ac:16:c2:
38:17:74:3f:fb:9b:a0:2a:d0:21:6f:33:75:83:da:
09:b4:c0:fe:53:2f:f2:c9:b5:64:d4:96:0f:4b:e5:
b0:f1:1e:77:79:d9:4e:db:6c:8f:2b:5b:0a:3d:0b:
c1:64:d4:39:6c:9e:9f:55:e7:69:b7:af:a1:b8:6d:
d9:cd:40:d6:5a:58:b4:08:96:42:98:b9:82:0f:8a:
c1:f7:ab:07:01:83:58:e1:04:09:1f:61:2b:05:24:
5e:54:9a:81:4f:8a:80:d3:52:bd:ef:a6:df:7b:7f:
43:57:68:1e:fd:eb:8f:15:a6:52:7f:0a:44:07:23:
bc:46:e8:b2:d6:5c:e2:ff:53:23:b5:38:dd:c7:f8:
cf:89:14:9c:5d:e6:83:53:38:a1:7c:ac:c1:99:20:
4d:e0:aa:13:15:98:04:ad:8f:ed:79:01:4d:8a:64:
c9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:56:E4:78:9E:FE:37:7A:4D:82:26:97:6F:CB:A9:80:D9:EA:15:9C
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/k1bkeJ7-N3pNgiaXb8upgNnqFZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.248.0/23
IPv6:
2a0b:3c40:10::/48
2a0c:9e06::/32
2a0e:a944::/30
Signature Algorithm: sha256WithRSAEncryption
a5:5f:69:5a:3d:b5:22:ed:a6:cf:f2:86:20:91:08:3a:1b:2b:
d9:1c:43:f8:17:ba:a3:bf:a2:f9:ac:d7:91:f8:4a:47:94:33:
98:ce:78:ce:af:b1:fd:61:2e:36:a3:b6:45:45:29:12:2e:da:
9c:82:64:a9:9d:3c:b8:de:ff:a8:dd:13:24:a2:47:5a:f7:08:
30:11:8a:90:b9:45:b4:2a:82:c3:ca:a8:c7:1d:3b:9e:7f:45:
69:68:47:db:50:e3:23:d1:f9:d9:27:69:e3:68:a0:b5:b6:f3:
3e:9e:b3:e7:b8:8c:91:e4:6e:c2:83:64:1a:d3:33:fc:6c:16:
b7:03:45:a2:2c:89:a6:a1:aa:58:ec:32:5b:65:71:0e:b9:ee:
7e:72:cf:33:37:23:00:54:50:41:32:9a:00:88:2c:3d:15:cb:
c5:4c:a6:be:fa:34:6f:9f:12:8b:c5:7d:63:ee:66:af:0b:0c:
9e:c4:51:ed:cb:1a:2b:4f:a5:9c:59:05:22:4a:6a:cc:da:71:
f0:9f:99:08:1c:74:3e:c7:0a:02:e2:7e:bd:99:04:42:5a:72:
e4:bd:85:87:04:26:d4:54:74:bf:82:b0:8e:8f:3c:82:03:5a:
39:c1:2a:c7:fc:45:c5:b8:b5:ba:71:92:97:20:b9:86:2f:1c:
96:3d:cc:fe
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYc3lcL3K4T5OZlAWx8JzstIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMzMxMTIxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzU2ZTQ3ODllZmUzNzdhNGQ4MjI2OTc2ZmNiYTk4MGQ5ZWExNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD3isC7PX63lmm10vjO6vkvscNA1
oVALAyhz85h/loXjJ2Mrx2Xs22qrVsTi8RcUDAtv1HlMQaw/LRaJxElZ+VK7oKBa
9KpbGSpCn8b9He81vK/XYousFsI4F3Q/+5ugKtAhbzN1g9oJtMD+Uy/yybVk1JYP
S+Ww8R53edlO22yPK1sKPQvBZNQ5bJ6fVedpt6+huG3ZzUDWWli0CJZCmLmCD4rB
96sHAYNY4QQJH2ErBSReVJqBT4qA01K976bfe39DV2ge/euPFaZSfwpEByO8Ruiy
1lzi/1MjtTjdx/jPiRScXeaDUzihfKzBmSBN4KoTFZgErY/teQFNimTJpQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJNW5Hie/jd6TYIml2/LqYDZ6hWcMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvazFia2VKNy1OM3BOZ2lhWGI4dXBnTm5xRlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQBbc74MB0E
AgACMBcDBwAqCzxAABADBQAqDJ4GAwUCKg6pRDANBgkqhkiG9w0BAQsFAAOCAQEA
pV9pWj21Iu2mz/KGIJEIOhsr2RxD+Be6o7+i+azXkfhKR5QzmM54zq+x/WEuNqO2
RUUpEi7anIJkqZ08uN7/qN0TJKJHWvcIMBGKkLlFtCqCw8qoxx07nn9FaWhH21Dj
I9H52Sdp42igtbbzPp6z57iMkeRuwoNkGtMz/GwWtwNFoiyJpqGqWOwyW2VxDrnu
fnLPMzcjAFRQQTKaAIgsPRXLxUymvvo0b58Si8V9Y+5mrwsMnsRR7csaK0+lnFkF
IkpqzNpx8J+ZCBx0PscKAuJ+vZkEQlpy5L2FhwQm1FR0v4Kwjo88ggNaOcEqx/xF
xbi1unGSlyC5hi8clj3M/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org