Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/eghJZyscJ_amnstl7qq-kdwGfD8.roa
File: eghJZyscJ_amnstl7qq-kdwGfD8.roa (raw, json)
Hash identifier: zT9zVR6wRgM4IljKPpM/fcwR99rLfwwSmTjm+qIYQ3E=
Subject key identifier: 7A:08:49:67:2B:1C:27:F6:A6:9E:CB:65:EE:AA:BE:91:DC:06:7C:3F
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018653A42BFD47203DCB430C8CEB5A23E459
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/eghJZyscJ_amnstl7qq-kdwGfD8.roa
Signing time: Wed 15 Feb 2023 05:55:13 +0000
ROA not before: Wed 15 Feb 2023 05:55:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 91.225.227.0/24 maxlen: 24
188.191.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 10:23:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:53:a4:2b:fd:47:20:3d:cb:43:0c:8c:eb:5a:23:e4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Feb 15 05:55:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a0849672b1c27f6a69ecb65eeaabe91dc067c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4e:e2:b1:e0:d0:ec:4e:84:c4:66:0b:0c:70:
86:5c:11:2f:fa:96:00:c3:50:26:c3:e7:8e:9f:5a:
01:99:cb:f3:69:9f:4f:2a:28:f1:ab:50:00:7a:18:
49:33:99:b2:56:66:bc:46:90:05:76:f9:55:89:ab:
39:77:14:7a:01:37:dd:a2:64:ba:5b:4c:f4:7f:4d:
c1:f3:28:e4:aa:f8:8e:6e:a2:69:92:4e:ec:c4:d1:
33:d0:62:49:44:b9:04:ea:6c:f8:66:e4:b5:fb:96:
f6:32:d3:2a:07:3f:80:72:95:c2:3d:e8:3f:5d:f9:
86:64:b5:a6:97:55:39:69:5e:cc:d8:55:46:0e:92:
d9:c1:1c:fd:a5:9e:7b:da:67:aa:86:27:93:c6:0a:
03:56:72:74:a2:bd:d2:ab:c8:7c:f6:8a:00:91:a5:
a2:b8:12:a7:04:dd:8d:b9:9e:27:8e:5b:82:81:88:
de:8d:03:47:61:cc:e1:59:06:f5:e8:0a:18:ff:79:
41:a7:34:4a:60:09:b6:b6:31:e1:21:2a:03:68:78:
5f:03:e9:9c:0c:b6:17:3f:1b:86:fa:bc:8e:f1:49:
32:78:bc:4b:a5:23:91:4d:c7:d2:16:e9:0f:a1:a5:
9a:02:b0:f3:8d:d3:bc:53:52:bd:51:44:aa:7a:be:
15:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:08:49:67:2B:1C:27:F6:A6:9E:CB:65:EE:AA:BE:91:DC:06:7C:3F
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/eghJZyscJ_amnstl7qq-kdwGfD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.227.0/24
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:d3:5f:ed:d4:41:55:3d:3f:1b:3e:2f:d3:81:47:f4:e7:6e:
a2:bf:17:57:33:dd:8e:6a:df:e4:7c:32:d8:27:47:17:e9:f7:
35:bd:42:27:b6:a9:a6:6e:46:61:9f:ac:09:6d:c4:b5:ef:ec:
97:93:4b:17:88:e0:b9:65:96:b5:d9:11:19:86:6a:d2:b7:03:
fc:1d:ba:1a:4f:2d:cb:2d:96:33:6f:95:bc:bf:0b:a8:7d:31:
c5:81:09:a1:42:de:ca:04:d0:6b:3a:cd:2c:d1:70:e0:85:e2:
a9:0f:88:63:96:eb:28:f6:17:da:83:68:fc:47:1d:3f:19:75:
75:ff:60:84:aa:97:ed:09:86:48:0b:f7:04:8b:fc:04:1c:f5:
db:1d:07:a9:eb:5b:52:86:36:02:b8:ee:77:00:aa:9e:bc:3c:
25:0c:95:d0:0f:0d:14:5c:5a:81:02:75:6f:04:63:22:80:d9:
3d:da:e7:d1:0e:0e:a1:f4:71:97:02:4d:74:b7:99:bc:2e:6a:
4d:90:89:ee:3f:2e:36:ac:81:4f:14:7e:15:71:29:48:e1:28:
20:6f:7d:9d:ed:1a:02:86:5d:f0:5b:c0:de:88:ae:82:d4:c4:
d6:61:d5:46:ad:a5:dc:67:8f:9b:20:ca:90:a3:e6:4e:0e:22:
0e:bc:d8:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZTpCv9RyA9y0MMjOtaI+RZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMjE1MDU1NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTA4NDk2NzJiMWMyN2Y2YTY5ZWNiNjVlZWFhYmU5MWRjMDY3YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU7iseDQ7E6ExGYLDHCGXBEv+pYA
w1Amw+eOn1oBmcvzaZ9PKijxq1AAehhJM5myVma8RpAFdvlVias5dxR6ATfdomS6
W0z0f03B8yjkqviObqJpkk7sxNEz0GJJRLkE6mz4ZuS1+5b2MtMqBz+AcpXCPeg/
XfmGZLWml1U5aV7M2FVGDpLZwRz9pZ572meqhieTxgoDVnJ0or3Sq8h89ooAkaWi
uBKnBN2NuZ4njluCgYjejQNHYczhWQb16AoY/3lBpzRKYAm2tjHhISoDaHhfA+mc
DLYXPxuG+ryO8UkyeLxLpSORTcfSFukPoaWaArDzjdO8U1K9UUSqer4VRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHoISWcrHCf2pp7LZe6qvpHcBnw/MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvZWdoSlp5c2NKX2FtbnN0bDdxcS1rZHdHZkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+HjAwQA
vL9vMA0GCSqGSIb3DQEBCwUAA4IBAQBN01/t1EFVPT8bPi/TgUf0526ivxdXM92O
at/kfDLYJ0cX6fc1vUIntqmmbkZhn6wJbcS17+yXk0sXiOC5ZZa12REZhmrStwP8
HboaTy3LLZYzb5W8vwuofTHFgQmhQt7KBNBrOs0s0XDgheKpD4hjluso9hfag2j8
Rx0/GXV1/2CEqpftCYZIC/cEi/wEHPXbHQep61tShjYCuO53AKqevDwlDJXQDw0U
XFqBAnVvBGMigNk92ufRDg6h9HGXAk10t5m8LmpNkInuPy42rIFPFH4VcSlI4Sgg
b32d7RoChl3wW8DeiK6C1MTWYdVGraXcZ4+bIMqQo+ZODiIOvNjv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org