Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/eGaY0JhxHLNbBO4eKlxRT89zPZ8.roa
File: eGaY0JhxHLNbBO4eKlxRT89zPZ8.roa (raw, json)
Hash identifier: pk0kP1MHe4mAxfk9h+3dT69x8vmzFwq4cKsgkn3aybg=
Subject key identifier: 78:66:98:D0:98:71:1C:B3:5B:04:EE:1E:2A:5C:51:4F:CF:73:3D:9F
Certificate issuer: /CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Certificate serial: 01943C1C0DC0948966C6F3B4259EB434F55A
Authority key identifier: E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/eGaY0JhxHLNbBO4eKlxRT89zPZ8.roa
Signing time: Mon 06 Jan 2025 14:54:18 +0000
ROA not before: Mon 06 Jan 2025 14:54:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213168
IP address blocks: 91.211.145.0/24 maxlen: 24
2a13:8140::/48 maxlen: 48
2a13:8140:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 18 Jan 2025 16:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:1c:0d:c0:94:89:66:c6:f3:b4:25:9e:b4:34:f5:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Validity
Not Before: Jan 6 14:54:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=786698d098711cb35b04ee1e2a5c514fcf733d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ce:ec:b7:ed:ef:16:1e:ea:cb:8e:31:38:96:
db:0b:ad:f0:86:df:f2:25:bd:6e:cf:59:98:97:dd:
e2:95:9a:9f:eb:77:94:8d:fa:ea:70:65:d1:e5:b5:
ce:ae:8d:a9:ea:9e:0f:10:56:61:02:fa:a9:a8:ae:
a4:20:79:b4:13:d1:ba:88:7f:29:38:40:e2:5d:a4:
f7:fe:ac:41:b8:95:e8:93:42:ab:85:49:60:c7:e9:
c8:1f:24:ba:e3:3a:80:51:41:02:5e:8f:99:08:73:
f4:6d:67:d2:d5:34:c8:7d:00:10:6b:5e:49:fc:84:
db:a5:d2:77:b5:87:a5:b2:2a:1c:30:03:b9:7f:c9:
ff:5e:aa:c1:01:57:dd:f6:0e:85:fb:ca:06:b3:dc:
7d:e3:d8:57:b3:bb:65:12:5d:a1:48:82:36:1a:f6:
2f:4c:16:86:6c:05:09:8b:2c:f4:0c:5f:98:6d:65:
96:15:2b:c1:96:e0:ac:19:16:1a:51:c8:01:bb:42:
1b:5f:3f:66:af:9b:4c:bc:c9:9f:94:4f:67:39:f9:
e6:03:90:91:98:e7:70:9d:19:0e:d8:42:3f:41:e9:
9c:fd:a2:4f:8f:ac:b9:11:5a:9d:8a:8f:63:d7:2c:
d2:57:f0:cd:d7:17:a2:0d:af:49:49:9a:3f:ff:11:
8b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:66:98:D0:98:71:1C:B3:5B:04:EE:1E:2A:5C:51:4F:CF:73:3D:9F
X509v3 Authority Key Identifier:
keyid:E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/eGaY0JhxHLNbBO4eKlxRT89zPZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.145.0/24
IPv6:
2a13:8140::/47
Signature Algorithm: sha256WithRSAEncryption
ad:71:e1:70:a5:74:8d:92:b0:17:58:64:32:b1:6f:7c:2f:91:
dc:c4:28:af:2d:8b:5f:a4:ca:9b:fb:7e:24:da:4d:34:b5:d7:
a4:97:91:f9:d0:d7:03:4f:4d:be:e6:2f:24:10:77:1c:6a:ec:
6c:78:91:7f:01:83:f7:86:60:4a:cb:37:4c:5c:53:a5:20:cd:
85:47:bb:1a:12:f4:b3:b0:b1:07:23:0f:f7:2f:8d:eb:69:b7:
30:02:62:7b:ec:70:22:6c:ac:f4:1d:ae:2f:51:f7:76:93:c3:
1b:1f:03:fb:93:6f:a5:31:b2:ee:ae:27:c1:a1:95:65:bc:6d:
ed:10:7d:d7:17:66:59:2e:42:9b:e4:70:50:50:ea:fd:ca:4a:
08:ba:be:88:96:68:2d:f0:b8:9c:5c:3c:ac:90:e3:78:4e:1d:
62:7f:09:c5:18:97:69:c0:57:29:70:90:31:88:7b:b9:62:e8:
2b:75:5c:fc:8c:8b:ac:b9:ce:ad:ba:f8:ca:db:02:04:00:8d:
0c:79:3b:50:7b:bb:bd:05:f0:a9:e3:3d:e4:18:81:05:61:54:
11:47:0c:6a:19:37:d3:d9:2b:b5:1d:ed:82:54:94:0f:03:9e:
0d:3e:93:e8:81:c5:12:fc:20:8e:51:05:ed:78:7b:80:2e:df:
05:3e:17:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQ8HA3AlIlmxvO0JZ60NPVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjYyYmJlOWVlYjVhM2Q2NmUxY2MyMjNhZGVkYzUzYjE3
N2M0ZWUwHhcNMjUwMTA2MTQ1NDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODY2OThkMDk4NzExY2IzNWIwNGVlMWUyYTVjNTE0ZmNmNzMzZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc7st+3vFh7qy44xOJbbC63wht/y
Jb1uz1mYl93ilZqf63eUjfrqcGXR5bXOro2p6p4PEFZhAvqpqK6kIHm0E9G6iH8p
OEDiXaT3/qxBuJXok0KrhUlgx+nIHyS64zqAUUECXo+ZCHP0bWfS1TTIfQAQa15J
/ITbpdJ3tYelsiocMAO5f8n/XqrBAVfd9g6F+8oGs9x949hXs7tlEl2hSII2GvYv
TBaGbAUJiyz0DF+YbWWWFSvBluCsGRYaUcgBu0IbXz9mr5tMvMmflE9nOfnmA5CR
mOdwnRkO2EI/Qemc/aJPj6y5EVqdio9j1yzSV/DN1xeiDa9JSZo//xGLyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHhmmNCYcRyzWwTuHipcUU/Pcz2fMB8GA1UdIwQY
MBaAFOi2K76e61o9ZuHMIjre3FOxd8TuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgt
YjNjYmI1YWQyYWQwLzEvZUdhWTBKaHhITE5iQk80ZUtseFJUODl6UFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgtYjNjYmI1YWQyYWQw
LzEvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9ORMA8E
AgACMAkDBwEqE4FAAAAwDQYJKoZIhvcNAQELBQADggEBAK1x4XCldI2SsBdYZDKx
b3wvkdzEKK8ti1+kypv7fiTaTTS116SXkfnQ1wNPTb7mLyQQdxxq7Gx4kX8Bg/eG
YErLN0xcU6UgzYVHuxoS9LOwsQcjD/cvjetptzACYnvscCJsrPQdri9R93aTwxsf
A/uTb6Uxsu6uJ8GhlWW8be0QfdcXZlkuQpvkcFBQ6v3KSgi6voiWaC3wuJxcPKyQ
43hOHWJ/CcUYl2nAVylwkDGIe7li6Ct1XPyMi6y5zq26+MrbAgQAjQx5O1B7u70F
8KnjPeQYgQVhVBFHDGoZN9PZK7Ud7YJUlA8Dng0+k+iBxRL8II5RBe14e4Au3wU+
F+Y=
-----END CERTIFICATE-----
Generated at Fri Apr 18 14:54:03 2025 by rpki-client